From: dwalsh@redhat.com (Daniel J Walsh)
Date: Fri, 03 Apr 2009 16:17:35 -0400
Subject: [refpolicy] system_fstools.patch
In-Reply-To: <1238769772.32379.4562.camel@gorn.columbia.tresys.com>
References: <49B00863.2040301@redhat.com>
	<1238769772.32379.4562.camel@gorn.columbia.tresys.com>
Message-ID: <49D66EDF.8060505@redhat.com>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

On 04/03/2009 10:42 AM, Christopher J. PeBenito wrote:
> On Thu, 2009-03-05 at 13:14 -0400, Daniel J Walsh wrote:
>> http://people.fedoraproject.org/~dwalsh/SELinux/F11/system_fstools.patch
>>
>> Remove label for badblocks and mkswap no need to transition
>
> Still dropping this block.
>
>> fsadm creates files in nfs and cifs directories
>
Building a kernel or other packages in a nfs and cifs environment 
involes fsadm tools writing to these directories I believe.

> Why?
>
>> Uses terminals
>
If one of these tools runs during boot it will write to a tty_device_t.

> Why are all terminals needed?  Console and user terminals should be
> sufficient.
>
>> We run it unconfined
>
> moved this to distro_redhat
>