From: dwalsh@redhat.com (Daniel J Walsh)
Date: Wed, 27 May 2009 11:25:42 -0400
Subject: [refpolicy] appconfig-mcs_default_contexts.patch
In-Reply-To: <1243430190.5421.8.camel@gorn>
References: <4A156664.5030701@redhat.com> <1243430190.5421.8.camel@gorn>
Message-ID: <4A1D5B76.2000603@redhat.com>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

On 05/27/2009 09:16 AM, Christopher J. PeBenito wrote:
> On Thu, 2009-05-21 at 10:34 -0400, Daniel J Walsh wrote:
>> http://people.fedoraproject.org/~dwalsh/SELinux/F11/appconfig-mcs_default_contexts.patch
>>
>> default context file should have one default context all of the other
>> types should be broken out into the users directory.
>
> I disagree.  We need defaults that work.
>
But the defaults are in the individual files which we now ship.  So as I 
add new user ABC_U type I need to provide a 
/etc/selinux/targeted/contexts/users/ABC_U

And defaults_context will not work for that user if the ABC_U file is 
not there.  So it will not Just work.