Received: by 2002:a05:6a10:17d3:0:0:0:0 with SMTP id hz19csp3352683pxb; Tue, 20 Apr 2021 06:32:58 -0700 (PDT) X-Google-Smtp-Source: ABdhPJxbCHFwTg5MynxYtPS1ouf+oTBLdLo4i3cr+TOkkeGF7qtTB4hEnshu8LNt/zM0uXYXwe4z X-Received: by 2002:a17:906:d110:: with SMTP id b16mr27731415ejz.146.1618925578519; Tue, 20 Apr 2021 06:32:58 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1618925578; cv=none; d=google.com; s=arc-20160816; b=sWRyEFj8d7RDSv5TgfVV48RBeaq5hiXjiMubbr6o6N2qcrKQbhZTxaPO+6JV4UHM7K aZzPV1rdKFKCW94jhf/hbzEBo7Rdh1gd1Xgrp28X4ZZGOt0KDp5i+rhgVusNtzq/TEKr rsEI/ne6ddnAUWWQe5WdlQErlWSEyLnXWliHH9KZABqBQCcziJO8219w/YRWp4tPkSjA awOWl2WfzSQk9t13q2AW/zhoVcW08MCScjXJhuiOnwDkq6V2OpeWaCYvM8tnjtidwgOG hxcju8vZbENtvZlgbI4cAnhelwrYYCnO7RuHYruozvFibo3kDmaBp4JRCafnnnvxFgqP xdxw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:reply-to:to:from :dkim-signature; bh=pwpnOW43BxRGa7wxd5xOnK8LLOZMNMPBguR+KkF47Fc=; b=SZf10uKDzCsCYB7InheMs8NaVEbrENWsQmr7PtbDkCEq2SUww4kl/sDiH483e0PqY7 9MZ5pOyDPECe5EMurzzdkNjxuY08CI9agHE8trekePJrkVcGCV1TJY0iPdCqtk3OcCkE 0E8bU5q5vQyuNFdSb1Bb8v6x1LU0OIdrsRwTXl7ycdGLHlP4xwjLL6SJFClk/NGeLMOR PxETDbPgDONJ0qEyc8LjdMANpV7QVGZG/TDVOY5jEcq54Ly8c6BtZBNAKX0kCstBthzW MboF2IppKqiXpqwYh9YtBg+ir9dtUokn3ijNJYOVzgsh+ZZVpMnCYmY/CAaUdBXXqkNC WiAg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@coker.com.au header.s=2008 header.b=bG2JOUa3; spf=pass (google.com: domain of selinux-refpolicy-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=selinux-refpolicy-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=coker.com.au Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id bu23si15139407ejb.669.2021.04.20.06.32.51; Tue, 20 Apr 2021 06:32:58 -0700 (PDT) Received-SPF: pass (google.com: domain of selinux-refpolicy-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@coker.com.au header.s=2008 header.b=bG2JOUa3; spf=pass (google.com: domain of selinux-refpolicy-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=selinux-refpolicy-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=coker.com.au Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232477AbhDTNcd (ORCPT + 17 others); Tue, 20 Apr 2021 09:32:33 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:38784 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232456AbhDTNcd (ORCPT ); Tue, 20 Apr 2021 09:32:33 -0400 X-Greylist: delayed 14110 seconds by postgrey-1.37 at lindbergh.monkeyblade.net; Tue, 20 Apr 2021 06:32:02 PDT Received: from smtp.sws.net.au (smtp.sws.net.au [IPv6:2a01:4f8:140:71f5::dada:cafe]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 2CC96C06174A for ; Tue, 20 Apr 2021 06:32:02 -0700 (PDT) Received: from xev.coker.com.au (localhost [127.0.0.1]) by smtp.sws.net.au (Postfix) with ESMTP id E190AFB1E; Tue, 20 Apr 2021 23:31:59 +1000 (AEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=coker.com.au; s=2008; t=1618925520; bh=pwpnOW43BxRGa7wxd5xOnK8LLOZMNMPBguR+KkF47Fc=; l=954; h=From:To:Reply-To:Cc:Subject:Date:In-Reply-To:References:From; b=bG2JOUa3/VA+RAgoUJk4K1vJQaJVzmk5ScSCfDnTJhp2Ia/OxddVaN2JLgLUiJMi/ Z2dTGDdccMj7vQR7QIxj84PyhSMysUyimLML9MgzpRQpSpAH34HdWsJOiAlxhqNGGD Klb63zzdjOkW8jjJuMes9vZtbEmZtc74OsdetihM= Received: by xev.coker.com.au (Postfix, from userid 1001) id 4BA51141BC35; Tue, 20 Apr 2021 23:31:55 +1000 (AEST) From: Russell Coker To: Matej Marusak Reply-To: russell@coker.com.au Cc: selinux-refpolicy@vger.kernel.org Subject: Re: [PATCH] cockpit web admin system Date: Tue, 20 Apr 2021 23:31:55 +1000 Message-ID: <1637645.KEFvsIcdD4@xev> In-Reply-To: References: MIME-Version: 1.0 Content-Transfer-Encoding: 7Bit Content-Type: text/plain; charset="us-ascii" Precedence: bulk List-ID: X-Mailing-List: selinux-refpolicy@vger.kernel.org On Tuesday, 20 April 2021 10:48:32 PM AEST Matej Marusak wrote: > As a Cockpit developer I would like to mention that Cockpit will ship its > own policy very soon - it will be the same one that is currently in rawhide > and it is possible it will involve over time. It will be shipped with > priority 200 to suppress policy that is shipped by default. > We first ship it in Fedora-33 and newer as well as rhel-9 and newer. We > have a plan to ship it in Debian as well. Other OSes may come later. > > This is being developed in [1]. > > MM > > [1] https://github.com/cockpit-project/cockpit/pull/15707 The same policy won't work for Red Hat and for Refpolicy systems (including Debian). Many interfaces have different names and some interfaces do different things. You will have to ship 2 policies if you want to support Red Hat and the rest. -- My Main Blog http://etbe.coker.com.au/ My Documents Blog http://doc.coker.com.au/