> The current version of libselinux1.postinst runs "telinit u" to tell init
> to re-exec itself. This was added so the system can shut down cleanly when
> sysvinit is the active PID 1.

AFAIK that was never the case. The reason for running "telinit u" when a shared object that init uses is upgraded is so that init will start using the new version.

I don't think we can unconditionally avoid such an operation. If at some future time we find a security flaw in one of those libraries that can affect the operation of process 1 there needs to be a way of causing the buggy library to be removed from memory. If systemd is unable to handle this correctly then that would be a bug in systemd.

Also there is the possibility of an upgrade requiring a file format change to something under /etc/selinux. Upgrades of SE Linux user space between major versions of Debian without a reboot are officially unsupported (I'll close any bug report of the form "I did a dist-upgrade from wheezy to jessie without rebooting and things didn't work correctly"), so this shouldn't be a problem.

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=753790

I don't think that systemd needs to get the new library instantly (not even for a security issue). But it definitely needs to get it before the next reboot (which may be a year later). So maybe we could have a trigger or something and let systemd work it out. I have filed bug report #753790 against systemd for this.

--
My Main Blog http://etbe.coker.com.au/
My Documents Blog http://doc.coker.com.au/
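
The concern in the message above, that PID 1 keeps a replaced library in memory until it re-execs, can be checked from the process's memory map. This is an added example, not part of the original message or of any Debian package; the function names and the sample map lines are constructed for illustration, and it assumes library paths without spaces.

```shell
#!/bin/sh
# A package upgrade renames the new file over the old one, so the old inode is
# unlinked while still mapped; the kernel then tags the mapping "(deleted)".

# stale_libs MAPS_FILE: print each shared object still mapped from a
# replaced file, one path per line, without duplicates.
stale_libs() {
    awk '$NF == "(deleted)" && $(NF-1) ~ /\.so(\.[0-9]+)*$/ { print $(NF-1) }' "$1" | sort -u
}

# reexec_cmd [DIR]: print the command that makes PID 1 re-exec itself.
# /run/systemd/system exists only when systemd is the running init; the
# optional DIR argument overrides that path (hypothetical hook for testing).
reexec_cmd() {
    if [ -d "${1:-/run/systemd/system}" ]; then
        echo "systemctl daemon-reexec"
    else
        echo "telinit u"
    fi
}

# sample_maps: constructed /proc/<pid>/maps excerpt, not taken from a real host.
sample_maps() {
    cat <<'EOF'
7f1c2a000000-7f1c2a01f000 r-xp 00000000 08:01 131090 /lib/x86_64-linux-gnu/libselinux.so.1 (deleted)
7f1c2a21f000-7f1c2a220000 rw-p 0001f000 08:01 131090 /lib/x86_64-linux-gnu/libselinux.so.1 (deleted)
7f1c2a400000-7f1c2a5a0000 r-xp 00000000 08:01 131200 /lib/x86_64-linux-gnu/libc.so.6
7f1c2a800000-7f1c2a801000 rw-s 00000000 00:05 4242 /dev/zero (deleted)
EOF
}

# With --check-init (as root), inspect the real PID 1 and suggest the re-exec.
if [ "${1:-}" = "--check-init" ]; then
    libs=$(stale_libs /proc/1/maps)
    if [ -n "$libs" ]; then
        printf 'PID 1 still maps replaced libraries:\n%s\n' "$libs"
        printf 'suggested: %s\n' "$(reexec_cmd)"
    else
        echo "PID 1 maps no replaced libraries"
    fi
fi
```

The deleted `/dev/zero` mapping in the sample is there to show that only shared objects are reported.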