-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Currently selinux-policy*rpm install the pp files in
/usr/share/selinux/POLICYTYPE/*.pp

Then it calls semodule on them to load the policy.  libsemanage copies
the policy package files to /etc/selinux/targeted/modules/active,  Then
it recopies the files to /etc/selinux/targeted/modules/previous, where
it finishes the assembly of the files.

So we end up requiring three times as much space as necessary if the
modules are not changing.

Policy in Rawhide is 36 megabytes.

So on small devices or even usb sticks and cd's this is a large waste of
space.  This patch is an attempt to use hard links when we can.

I have not put it in production, since I wanted people who know the
library better then me to tell me whether it is a cracked idea.

There is really two ideas in the patch.  One is to add interfaces
semanage_modules_*_file which take a file instead of a block of memory.
 semodule would then be changed to use these interfaces.

The library then calls semanage_link,  This function checks to make sure
the file countext of the source matches the file context of the
destination, if they match, the tool will attempt a link, if either
fails the tool will fall back to copy them.

I changed the write_file to unlink the destination file which would
remove the linked file if it exists.


semanage_store has been changed, so that the creation of the sandbox is
via link, if possible.

Is this a good idea or bad?

Also want to reinvestigate using some form of compression.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org

iEYEARECAAYFAkjdEWAACgkQrlYvE4MpobNvEQCgsedSuXz9Igagh3jJF5gja4/U
18sAn0wDWTMjtu5gLrIN/zD/Ox0dk49z
=gtQW
-----END PGP SIGNATURE-----