From: dwalsh@redhat.com (Daniel J Walsh)
Date: Tue, 07 Apr 2009 10:51:20 -0400
Subject: [refpolicy] services_sssd.patch
In-Reply-To: <1239115453.32379.4915.camel@gorn.columbia.tresys.com>
References: <49C8E77A.7050605@redhat.com>
	<1239115453.32379.4915.camel@gorn.columbia.tresys.com>
Message-ID: <49DB6868.9040108@redhat.com>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

On 04/07/2009 10:44 AM, Christopher J. PeBenito wrote:
> On Tue, 2009-03-24 at 10:00 -0400, Daniel J Walsh wrote:
>> http://people.fedoraproject.org/~dwalsh/SELinux/F11/services_sssd.patch
>>
>> New policy for the new sssd daemon (part of ipa.)
>
> Why isn't there just a module for ipa instead?  Then it would have all
> of the parts.
>
sssd is not necessarily tied to ipa, I believe the goal is to allow 
caching of login information as well as support for more complex login 
situations.

ipa policy is shipped with the ipa server software, sssd is shipped with 
every client.