On Thu, Jan 5, 2017 at 11:18 PM, Sergei Golubchik <serg@mariadb.org> wrote:
Hi, Clint! What could a fix be?
* Include a new selinux policy into the rpm? - Is that possible?
This should definitely be possible, one other approach I have seen is to create a separate RPM that just handles the policy stuff separately say MariaDB-server--selinux. Here is an example that I have found that talks about Fedora, the process should be very similar for CentOS. https://lvrabec-selinux.rhcloud.com/2015/07/07/how-to-create-selinux-product-policy/
A quick yum search on one of my CentOS 6 systems shows a number of packages that seem to be doing this you may want to check out the rpm spec files of some of the following packages and see if they help
# yum search selinux | less ============================= N/S Matched: selinux ============================= cjdns-selinux.noarch : Targeted SELinux policy module for cjdns dokuwiki-selinux.noarch : SElinux support for dokuwiki drraw-selinux.noarch : SELinux context for drraw fts-monitoring-selinux.noarch : SELinux support for fts-monitoring fts-rest-selinux.noarch : SELinux support for fts-rest fts-server-selinux.x86_64 : SELinux support for fts-server ipa-server-selinux.x86_64 : SELinux rules for ipa-server daemons ... pure-ftpd-selinux.x86_64 : SELinux support for Pure-FTPD ... totpcgi-selinux.noarch : SELinux policies for totpcgi websvn-selinux.noarch : SELinux context for websvn xrootd-selinux.noarch : SELinux policy module for the xrootd server ... mailgraph-selinux.noarch : A RRDtool frontend for Mail statistics ...