From: domg472@gmail.com (Dominick Grift)
Date: Mon, 24 Jan 2011 16:55:01 +0100
Subject: [refpolicy] [PATCH/RFC 14/19]: patch set to update the git
 reference policy
In-Reply-To: <1295884164.1547.8.camel@tesla.lan>
References: <1295829869.3862.73.camel@tesla.lan>	 <4D3D8387.6010003@gmail.com>
	<1295884164.1547.8.camel@tesla.lan>
Message-ID: <4D3DA0D5.7010304@gmail.com>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 01/24/2011 04:49 PM, Guido Trentalancia wrote:
> On Mon, 24/01/2011 at 14.49 +0100, Dominick Grift wrote:
>> On 01/24/2011 01:44 AM, Guido Trentalancia wrote:
>>> diff -pruN -x .git -x booleans.conf -x corenetwork.if -x corenetwork.te -x modules.conf refpolicy-git-18012011/policy/modules/system/logging.te refpolicy-git-18012011-new/policy/modules/system/logging.te
>>> --- refpolicy-git-18012011/policy/modules/system/logging.te	2011-01-08 19:07:21.356759360 +0100
>>> +++ refpolicy-git-18012011-new/policy/modules/system/logging.te	2011-01-18 23:13:49.813854998 +0100
>>> @@ -223,6 +223,8 @@ allow audisp_t self:unix_dgram_socket cr
>>>  
>>>  allow audisp_t auditd_t:unix_stream_socket rw_socket_perms;
>>>  
>>> +allow audisp_t proc_t:file read_file_perms;
>>
>> usage of proc_t is not allowed here. use:
>>
>> kernel_read_system_state(audisp_t)
> 
> Ok, it will be changed accordingly. Wasn't aware of that restriction, is
> it the style guidelines thing ? Of course, proc_t is not defined
> there...

I guess atleast some unwritten rules. but it may or may not be mentioned
in the style guide.

But if you study refpolicy long enough you will probably see that pattern.

> 
> There were other comments to other pieces of the set. Will check the
> rest later this evening or tomorrow as it requires a bit more time.

> Thanks very much for your comments.
> 
> Regards,
> 
> Guido
> 

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.16 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/

iEYEARECAAYFAk09oNUACgkQMlxVo39jgT84TwCguwWul+QDcfBnp7qEOvh7Zjd+
dbYAnAjfSXdfWeheY9hPO5CFdRUVTMXQ
=D62H
-----END PGP SIGNATURE-----