From: joe@nall.com (Joe Nall)
Date: Wed, 27 May 2009 10:38:52 -0500
Subject: [refpolicy] Rules.modular.patch
In-Reply-To: <4A1D5ADF.1060101@redhat.com>
References: <4A157577.9000308@redhat.com> <1243429403.5421.2.camel@gorn>
	<4A1D5ADF.1060101@redhat.com>
Message-ID: <072AC0B3-8DD5-4A2A-9585-21DC06374A66@nall.com>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com


On May 27, 2009, at 10:23 AM, Daniel J Walsh wrote:

> On 05/27/2009 09:03 AM, Christopher J. PeBenito wrote:
>> On Thu, 2009-05-21 at 11:38 -0400, Daniel J Walsh wrote:
>>> http://people.fedoraproject.org/~dwalsh/SELinux/F11/Rules.modular.patch
>>>
>>> Do not call per_role extension automagically.
>>
>> I have to leave this upstream for some time, for compatibility.
>>
> But isn't this the problem, we should be moving forward and  
> eliminating
> all of the old RHEL4 stuff.  As we move forward we need a mechanism to
> clean the old cruft out.  I think this was a bad decision that we came
> up with many years ago, and we need to get rid if it.

I would like to second the request to depreciate/eliminate the  
automatic per-role extensions.

joe