From: sds@tycho.nsa.gov (Stephen Smalley)
Date: Fri, 19 Feb 2010 13:00:39 -0500
Subject: [refpolicy] Changing build.conf defaults?
Message-ID: <1266602439.32011.88.camel@moss-pluto.epoch.ncsc.mil>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

Hi,

I was wondering whether it would make sense to change the refpolicy
build.conf defaults to more closely reflect the actual settings in use
in modern distributions.  In particular, I was thinking that we are long
past the point where it makes sense to make MONOLITHIC=n the default
given that:
- all modern distros with SELinux use modular/managed policy, and
- semodule, semanage, and even setsebool -P will only work if using
modular/managed policy these days.

Changing the default would eliminate at least one case of common user
error when building from upstream refpolicy on a modern distribution.

Any objections to changing that default upstream?

-- 
Stephen Smalley
National Security Agency