From: stefan@seekline.net (Stefan Schulze Frielinghaus)
Date: Mon, 23 Nov 2009 15:36:41 +0100
Subject: [refpolicy] services_nut.patch
In-Reply-To: <4B0A88B7.1050903@redhat.com>
References: <4AFC823D.3090202@redhat.com>
	<1258381900.5120.16.camel@localhost>  <4B019ACD.4010406@redhat.com>
	<1258901980.2423.16.camel@localhost>  <4B0A88B7.1050903@redhat.com>
Message-ID: <1258987001.3109.6.camel@localhost>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

On Mon, 2009-11-23 at 14:05 +0100, Miroslav Grepl wrote:
[...]
> > Another question, what is the intention of the following
> >
> > permissive upsd_t;
> > permissive upsdrvctl_t;
> > permissive upsmon_t;
> >
> > Does that make the domain permissive by default?
> Yes, it does. We add new domains to permissive so we can fix all the avc's without blocking of functionality apps.

But not for refpolicy, right? I cannot find any such statement in the
policy modules of refpolicy. At least I wouldn't expect such a behavior
from modules of refpolicy. I guess we can remove those three lines.

If you are fine with the merge of both policies then we can commit it
(after the port change of course).

cheers
Stefan