On Sep 13, 2012 5:40 PM, "Daniel J Walsh" <[email protected]> wrote:
> > selinux_compute_create_context(testdomain)
> > selinux_compute_relabel_context(testdomain)
> > selinux_compute_user_contexts(testdomain) +
+auth_read_passwd(testdomain)
> >
> Probably should use
>
> auth_use_nsswitch(testdomain)
>
> Since this will handle cases where users are listed in ldap or use sssd.
Also please try to not depend on distribution policies but rather
refpolicy. Other distributions don't use a separate type for passwd (yet?)
and I don't know if the interface suggested before is also supported.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://oss.tresys.com/pipermail/refpolicy/attachments/20120914/cfc0a1d8/attachment.html