I should make the connection between rpmsign and --setfscontext clearer.
One of the reasons for splitting package signing into a separate rpmsign executable
is to avoid adding a
Requires: /usr/bin/gpg
or
Requires: /usr/bin/gpg2
dependency to RPM's packaging. There's a macro with a default value that controls
which executable to invoke.
Prelink has a similar attachment to RPM behavior, there's an implicit pre-requsite
onto prelink(8).
There is a similar luser expectation for --setfscontext, which has an implicit/ovious
pre-requisite of
Requires: /sbin/restorecon
as for gpg/gpg2/prelink.
There's no one right/clear/consistent answer ... so please don't take my comments
as being against --setfscontext.
I should make the connection between rpmsign and --setfscontext clearer.
One of the reasons for splitting package signing into a separate rpmsign executable
is to avoid adding a
Requires: /usr/bin/gpg
or
Requires: /usr/bin/gpg2
dependency to RPM's packaging. There's a macro with a default value that controls
which executable to invoke.
Prelink has a similar attachment to RPM behavior, there's an implicit pre-requsite
onto prelink(8).
There is a similar luser expectation for --setfscontext, which has an implicit/ovious
pre-requisite of
Requires: /sbin/restorecon
as for gpg/gpg2/prelink.
There's no one right/clear/ consistent answer ... so please don't take my comments
as being against --setfscontext.