From: dwalsh@redhat.com (Daniel J Walsh)
Date: Wed, 09 Jun 2010 15:10:46 -0400
Subject: [refpolicy] kernel_files.patch
In-Reply-To: <1276088999.809.172.camel@gorn.columbia.tresys.com>
References: <4C06BD89.7000606@redhat.com>
	<1276088999.809.172.camel@gorn.columbia.tresys.com>
Message-ID: <4C0FE736.6020606@redhat.com>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

On 06/09/2010 09:09 AM, Christopher J. PeBenito wrote:
> On Wed, 2010-06-02 at 16:22 -0400, Daniel J Walsh wrote:
>> http://people.fedoraproject.org/~dwalsh/SELinux/F14/kernel_files.patch
>>
>> Files created in / I label as etc_runtime_t, we have never come up with
>> a better label.
>
> I think that you couldn't come up with a better label because there is
> no good label.  There isn't a standard concept of what files created in
> the root directory are.
>
>> Miroslav added system_conf_t so firewall apps could edit these files
>
> I'm still thinking about this one.  It still seems weird, but I'm not
> sure why.
>
>> Redhat does want /usr/local/src labeled src_t or /usr/src for that matter
>>
>> Fix labels on chroot environments
>
> Otherwise merged.
>

I figured out what the kernel_stream_connect was.  Plymouthd runs in the 
initrd and when xdm or boot is complete,  It sends a message to tell the 
plymouthd to stop running.