From: cpebenito@tresys.com (Christopher J. PeBenito)
Date: Mon, 07 Jun 2010 10:00:08 -0400
Subject: [refpolicy] kernel_filesystem.patch
In-Reply-To: <20100607125737.GB27414@localhost.localdomain>
References: <4C06BDB8.2030401@redhat.com>
	<1275658453.809.48.camel@gorn.columbia.tresys.com>
	<4C090298.40006@redhat.com>
	<1275914949.809.84.camel@gorn.columbia.tresys.com>
	<20100607125737.GB27414@localhost.localdomain>
Message-ID: <1275919208.809.102.camel@gorn.columbia.tresys.com>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

On Mon, 2010-06-07 at 14:57 +0200, Dominick Grift wrote:
> On Mon, Jun 07, 2010 at 08:49:09AM -0400, Christopher J. PeBenito wrote:
> > On Fri, 2010-06-04 at 09:41 -0400, Daniel J Walsh wrote:
> > > On 06/04/2010 09:34 AM, Christopher J. PeBenito wrote:
> > > > On Wed, 2010-06-02 at 16:23 -0400, Daniel J Walsh wrote:
> > > >> http://people.fedoraproject.org/~dwalsh/SELinux/F14/kernel_filesystem.patch
> > > >>
> > > >> Changes for /cgroup policy
> > > >
> > > > While moving the labeling of cgroup from kernel to filesystem modules
> > > > may make sense, I'm not sure why the type and interfaces need to be
> > > > renamed.
> > > >
> > > Well it is a file system?
> > 
> > Thats not necessarily a good reason, since other pseudo filesystems
> > exist in other modules, for good reason.  It also doesn't explain the
> > renaming.
> 
> the libcgroup suite was one of the reasons to rename. libcgroup which
> automates cgroup management installs the /cgroup mountpoint. whilst
> that directories content is the cgroup pseudo filesystem. So we needed
> two types for almost the same purpose. So we choose cgroup_t for
> libcgroups /cgroup mountpoint and we decided to rename the cgroupfs
> pseudo fs cgroupfs

I don't see a need for two different types.

-- 
Chris PeBenito
Tresys Technology, LLC
www.tresys.com | oss.tresys.com