Received: by 2002:a05:6a10:8c0a:0:0:0:0 with SMTP id go10csp1410741pxb;
        Thu, 4 Mar 2021 10:33:53 -0800 (PST)
X-Google-Smtp-Source: ABdhPJzwVS6fifwCjaoLOTkbQ5lbqBj6K8HJXVVgKc/xEJiCgTxaLRh6U0NjuoNTA4ObLUtGqGXR
X-Received: by 2002:a50:e882:: with SMTP id f2mr5990440edn.184.1614882833160;
        Thu, 04 Mar 2021 10:33:53 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1614882833; cv=none;
        d=google.com; s=arc-20160816;
        b=yrVfpDd/Ns6KfaGaKniHoKmAkRvQATcmz/gqhoiJVfxeK7Z9mJl1xlLlqpiB3gDGPR
         6Js0WVbcOr0MW5Pid+M1lsjBw4a3m4ckOYy366Cigw4MKQmMVOG5eWFNBfTX4R5kGRV2
         +udzcoyMAFSXhXhDrq7KO39+b0Mz++TIUfjJU6khwS3pCQckV28bYlaY/zc5HdgMrFPc
         QkidRMpf4ao8KJvyCNQSUMyoAwfa//VbxdHnaFVxRwqnrP0UwlOj65g+4jY20WuutxZg
         CSnlDzYPckcQFGpoICyEC8GxFueDx0B96LYyHFAsbaKzt80gmqoLl3ZmLZrTlqP+WZrf
         8cPQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:mime-version:user-agent:message-id:in-reply-to
         :date:references:subject:cc:to:from:dkim-signature:dkim-filter;
        bh=0Ve+xXBHTbEw0fPFu0O/xod8NU6BElrTOOdos1pHxaI=;
        b=MhYa29wgPphgUWywoDZAhPDIgrgqYQQ2xP85GNlQxRTJXUHAUUrloz038egCoS5Dz0
         MiHEDSolg5XNRb9obs0yxp8Pxis8IjN4zgA5NqTUcWawP1xO150XeDAXcbIJZIRFgrdc
         b05vAyYwE5SdL1W7z/UvLkwLPRFZAtJiEKx76JrBClt0tPeSVeqDsYBPOFXmQCeUyjQB
         QAJDxzKtJYcbDLV55L+wEoGF6I5NDKBQFN1BENBsXvryicyMBzWK6tTC6LTWa5FvpT6g
         uAC7e5cJuHoIWwGz6ZAOcy+bQFBOCMh9AJ0hzSsNsOtG6n4Y6DEtIzRVJSszy01SF0Sc
         gPIw==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@defensec.nl header.s=default header.b=aHoAMWEN;
       spf=pass (google.com: domain of selinux-refpolicy-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=selinux-refpolicy-owner@vger.kernel.org
Return-Path: <selinux-refpolicy-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18])
        by mx.google.com with ESMTP id f4si3127708ejk.478.2021.03.04.10.33.48;
        Thu, 04 Mar 2021 10:33:53 -0800 (PST)
Received-SPF: pass (google.com: domain of selinux-refpolicy-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@defensec.nl header.s=default header.b=aHoAMWEN;
       spf=pass (google.com: domain of selinux-refpolicy-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=selinux-refpolicy-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S238241AbhCDQsU (ORCPT <rfc822;linux.lists.archive@gmail.com>
        + 16 others); Thu, 4 Mar 2021 11:48:20 -0500
Received: from agnus.defensec.nl ([80.100.19.56]:55398 "EHLO agnus.defensec.nl"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S238359AbhCDQsR (ORCPT
        <rfc822;selinux-refpolicy@vger.kernel.org>);
        Thu, 4 Mar 2021 11:48:17 -0500
Received: from brutus (brutus.lan [IPv6:2001:985:d55d::438])
        by agnus.defensec.nl (Postfix) with ESMTPSA id E792D2A0CF2;
        Thu,  4 Mar 2021 17:47:35 +0100 (CET)
DKIM-Filter: OpenDKIM Filter v2.11.0 agnus.defensec.nl E792D2A0CF2
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=defensec.nl;
        s=default; t=1614876456;
        bh=0Ve+xXBHTbEw0fPFu0O/xod8NU6BElrTOOdos1pHxaI=;
        h=From:To:Cc:Subject:References:Date:In-Reply-To:From;
        b=aHoAMWEN/nTkmNwMbvdgtAvtDkWkK3LEE3dHLJ1SpfWUBQ0XO6E9WsKCaKw1N3iUP
         Y20/xeiZR/dCc2MJk2iXcJvRFVODaY0siH0LVZtRFrDidf1D7DBRq+YVZsdC6mVSh9
         Dl34nwKaysyUsRg0bPT4MVHQEMT7/OyZhnUK1yM4=
From:   Dominick Grift <dominick.grift@defensec.nl>
To:     Russell Coker <russell@coker.com.au>
Cc:     selinux-refpolicy@vger.kernel.org
Subject: Re: cgroups
References: <201858869.AyTo3W3VYL@liv>
Date:   Thu, 04 Mar 2021 17:47:32 +0100
In-Reply-To: <201858869.AyTo3W3VYL@liv> (Russell Coker's message of "Thu, 04
        Mar 2021 22:21:44 +1100")
Message-ID: <ypjl1rcun9wb.fsf@defensec.nl>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/27.1 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain
Precedence: bulk
List-ID: <selinux-refpolicy.vger.kernel.org>
X-Mailing-List: selinux-refpolicy@vger.kernel.org

Russell Coker <russell@coker.com.au> writes:

> https://sourceforge.net/projects/libcg/files/
>
> Above seems to be the source for the programs listed in policy/modules/
> services/cgroup.fc, upstream has no changes since 2014 and the package in 
> Debian doesn't support cgroup2 so is pretty much useless.
>
> Is there any reason for not deleting policy/modules/services/cgroup.* from 
> refpolicy?

libgroup is indeed probably history. Although I vaguely recall it still
being used somewhere out there. I wouldnt mind removing it.

>
> Also as an aside what is the best way of managing cgroups and do we have 
> policy that works with it?

I suppose depends who you ask. Many nowayday's will probably say that systemd
should be the only cgroup manager.

On systems with systemd i generally use systemd, one my openwrt powered
router i just use shell and (init)?scripts

-- 
gpg --locate-keys dominick.grift@defensec.nl
Key fingerprint = FCD2 3660 5D6B 9D27 7FC6  E0FF DA7E 521F 10F6 4098
https://sks-keyservers.net/pks/lookup?op=get&search=0xDA7E521F10F64098
Dominick Grift