Received: by 2002:a05:7412:2a8c:b0:e2:908c:2ebd with SMTP id u12csp1739832rdh; Tue, 26 Sep 2023 01:56:12 -0700 (PDT) X-Google-Smtp-Source: AGHT+IEezOYTu5AOX42TN/kZ+5ePWVDWThFuNqb969Yz/019MWXKm+mzvNpzmDFLSNpirBllL3v0 X-Received: by 2002:a17:90b:8c6:b0:26d:54de:b0d6 with SMTP id ds6-20020a17090b08c600b0026d54deb0d6mr6198198pjb.20.1695718571886; Tue, 26 Sep 2023 01:56:11 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1695718571; cv=none; d=google.com; s=arc-20160816; b=ZYZei0XiyxhVRdesHw0ntP9cA5WCMyoQBOVgBfUu55WacTwGDR/MujwJWVi6t21Q1V UB4qhLLt8qYOckGLqQIbypO1+AZB07NMfd3AgMrS5TdoxTUzXJXpsMz64JawD38H7tBR 2r9zl0u8qktuZ4ZKaoLmZvfGIPo2Q2Ezq4h79k3e1jzMEGWx2GXT8JQrBrKz467YY3wr PCepDvkJbJ5HUfdbPY0J/JCcq6gNkzht0JYYbHjfh0gFJALBRLiuOA3g/JD9GySuaiW6 B/AFqY+vECQ0OscJ4Ki/w5EbOMbwI0sUJ1AHf7vBc4KLJAzSML63J2+NjJJKdXdy7ExC xkrQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :message-id:date:subject:to:from:dkim-signature; bh=EBWzWGdKFlsR177Ivx3kU1ShqrVnRDkWfp+LDAq36Fs=; fh=3Vtgu05Yn9oXU9H2P64RUSEazd8Bxqo5IubZD7OcIw8=; b=Y+zd0oV8pmV1/dLLgLX7NddLlJ2THNtQ6hryFFvzESm+Uudups/0s8cqtuwhNB4tWy NqBLrDj7ygWxjDdQWTbieF+CewOjOvq6YgIAbTLpL9GKVEF1VcHFoU96YHfYepbfOQ6o 3Js+TACkKDHfexnHiARR5bxNalIkd13LTuiQII1CsxezQabT8aIe4O4Kw53nu/YZnBVj OJTpiL2l05zr5FuAr5kTuMy/80yJ1MeYuEEqJXQASSE+Zu/9vTdFHIGCaOFhuTfcpX9A LqmNNEhLLT5QrHoArxbJS2dczlqi0wUdtJK4xO4NsCZt62yTDOKBHycQJS9YrnF3UI+T nzfw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@coker.com.au header.s=2008 header.b=GfcHQ58Y; spf=pass (google.com: domain of selinux-refpolicy-owner@vger.kernel.org designates 2620:137:e000::3:5 as permitted sender) smtp.mailfrom=selinux-refpolicy-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=coker.com.au Return-Path: Received: from groat.vger.email (groat.vger.email. [2620:137:e000::3:5]) by mx.google.com with ESMTPS id nh18-20020a17090b365200b002772ff87ee4si6875467pjb.82.2023.09.26.01.56.11 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 26 Sep 2023 01:56:11 -0700 (PDT) Received-SPF: pass (google.com: domain of selinux-refpolicy-owner@vger.kernel.org designates 2620:137:e000::3:5 as permitted sender) client-ip=2620:137:e000::3:5; Authentication-Results: mx.google.com; dkim=pass header.i=@coker.com.au header.s=2008 header.b=GfcHQ58Y; spf=pass (google.com: domain of selinux-refpolicy-owner@vger.kernel.org designates 2620:137:e000::3:5 as permitted sender) smtp.mailfrom=selinux-refpolicy-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=coker.com.au Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0]) by groat.vger.email (Postfix) with ESMTP id 994D28062372; Tue, 26 Sep 2023 01:18:12 -0700 (PDT) X-Virus-Status: Clean X-Virus-Scanned: clamav-milter 0.103.10 at groat.vger.email Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231649AbjIZISH (ORCPT + 22 others); Tue, 26 Sep 2023 04:18:07 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:57462 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233994AbjIZIRy (ORCPT ); Tue, 26 Sep 2023 04:17:54 -0400 X-Greylist: delayed 405 seconds by postgrey-1.37 at lindbergh.monkeyblade.net; Tue, 26 Sep 2023 01:16:51 PDT Received: from smtp.sws.net.au (smtp.sws.net.au [144.76.186.9]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id AA07319AE for ; Tue, 26 Sep 2023 01:16:51 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=coker.com.au; s=2008; t=1695715803; bh=EBWzWGdKFlsR177Ivx3kU1ShqrVnRDkWfp+LDAq36Fs=; l=703; h=From:To:Subject:Date:From; b=GfcHQ58YltkgiafAoQ6smCoMhHnl0zi4Hiwqhv8HBkx2CaJotqqNPfoCGSsHugzoL 618fkpUwgbrUY+hAO4DsXz3EhtztWTRx3NwbWGSWVQCSq9Clw+vkA5XjbSmu+J9x9w /X/vE2Sh//uNUg/zbAYXo3Em3T3fq9UPbk/fbMEQ= Received: from liv.coker.com.au (unknown [IPv6:2001:4479:5805:1700:aa8e:e0a7:2df6:4d50]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (prime256v1) server-digest SHA256) (No client certificate requested) (Authenticated sender: russell@coker.com.au) by smtp.sws.net.au (Postfix) with ESMTPSA id D718BED95; Tue, 26 Sep 2023 18:10:02 +1000 (AEST) From: Russell Coker To: selinux-refpolicy@vger.kernel.org, Chris PeBenito Subject: /usr/lib/NetworkManager/nm-dispatcher Date: Tue, 26 Sep 2023 18:09:55 +1000 Message-ID: <2772620.BEx9A2HvPv@cupcakke> MIME-Version: 1.0 Content-Transfer-Encoding: 7Bit Content-Type: text/plain; charset="us-ascii" X-Spam-Status: No, score=-0.9 required=5.0 tests=DKIM_SIGNED,DKIM_VALID, DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI, SPF_HELO_NONE,SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on groat.vger.email Precedence: bulk List-ID: X-Mailing-List: selinux-refpolicy@vger.kernel.org X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (groat.vger.email [0.0.0.0]); Tue, 26 Sep 2023 01:18:12 -0700 (PDT) Regarding /usr/lib/NetworkManager/nm-dispatcher, you asked for more information when I submitted a patch changing the context. Currently it has type NetworkManager_initrc_exec_t which implies that it's part of a start script when it's really a program that's doing the actual work. Also that type means that when a laptop resumes from suspend it gets run in domain initrc_t which is not appropriate for it. We could have a domain_auto_trans for type NetworkManager_initrc_exec_t but I think it's more appropriate to give it a label that more accurately reflects it's use. What do you think Chris? -- My Main Blog http://etbe.coker.com.au/ My Documents Blog http://doc.coker.com.au/