From: dwalsh@redhat.com (Daniel J Walsh)
Date: Thu, 09 Sep 2010 09:48:31 -0400
Subject: [refpolicy] [alsa patch 1/1] Interaction with alsa home content
 by confined users.
In-Reply-To: <20100909125752.GD16089@localhost.localdomain>
References: <20100908104106.GA31213@localhost.localdomain>	<4C88D931.2010807@tresys.com>
	<20100909125752.GD16089@localhost.localdomain>
Message-ID: <4C88E5AF.8050508@redhat.com>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 09/09/2010 08:57 AM, Dominick Grift wrote:
> On Thu, Sep 09, 2010 at 08:55:13AM -0400, Christopher J. PeBenito wrote:
>> On 09/08/10 06:41, Dominick Grift wrote:
>>> Confined users can manage and relabel alsa home files.
>>>
>>> Plus some cleanups inspired by example policy.
>>>
>>> Signed-off-by: Dominick Grift<domg472@gmail.com>
>>> ---
>> [...]
>>> diff --git a/policy/modules/roles/staff.te b/policy/modules/roles/staff.te
>>> index 0c9876c..f9c23ed 100644
>>> --- a/policy/modules/roles/staff.te
>>> +++ b/policy/modules/roles/staff.te
>>> @@ -53,6 +53,11 @@ optional_policy(`
>>>
>>>  ifndef(`distro_redhat',`
>>>  	optional_policy(`
>>> +		alsa_manage_home_files(staff_t)
>>> +		alsa_relabel_home_files(staff_t)
>>> +	')
>>
>> Is there a reason why this needs to be excluded on redhat systems?
> 
> Yes confined users can manage and relabel all userdom_user_home_content by default (so its redundant)
I would rather this not be there, to stop the type of question that
Chris asked.  Redundancy is not a problem.
>>
>> -- 
>> Chris PeBenito
>> Tresys Technology, LLC
>> www.tresys.com | oss.tresys.com
>>
>>
>> _______________________________________________
>> refpolicy mailing list
>> refpolicy at oss.tresys.com
>> http://oss.tresys.com/mailman/listinfo/refpolicy

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.16 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/

iEYEARECAAYFAkyI5a8ACgkQrlYvE4MpobOu7ACeOObY66KGhzvhYddk0s182i9a
uwgAnA9E37RN0D2fXkOUrzuWxLz+Xkxh
=Hou2
-----END PGP SIGNATURE-----