From: dwalsh@redhat.com (Daniel J Walsh)
Date: Tue, 21 Jul 2009 15:07:42 -0400
Subject: [refpolicy] services_ricci.patch
In-Reply-To: <1248200367.2914.444.camel@gorn.columbia.tresys.com>
References: <4A2DB472.1050609@redhat.com>	
	<1248185501.2914.432.camel@gorn.columbia.tresys.com>	
	<4A65D3A6.1030006@redhat.com>
	<1248200367.2914.444.camel@gorn.columbia.tresys.com>
Message-ID: <4A6611FE.8000105@redhat.com>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

On 07/21/2009 02:19 PM, Christopher J. PeBenito wrote:
> On Tue, 2009-07-21 at 10:41 -0400, Daniel J Walsh wrote:
>> On 07/21/2009 10:11 AM, Christopher J. PeBenito wrote:
>>> On Mon, 2009-06-08 at 21:01 -0400, Daniel J Walsh wrote:
>>>> http://people.fedoraproject.org/~dwalsh/SELinux/F11/services_ricci.patch
>>>>
>>>> Lots of additional access required by ricci and friends.
>>> Merged except for the default_t access, which seems like a labeling
>>> issue.
>>>
>> I would like to remove all default_t access and remove the read_default_t boolean.  
> 
> I can definitely agree with this.
> 
>> This is almost guaranteed to be a labeling problem. 
>  
Go for it.  I have it removed from rawhide now.