From: dominick.grift@gmail.com (Dominick Grift)
Date: Fri, 23 Sep 2011 22:26:27 +0200
Subject: [refpolicy] [PATCH 1/1] Cronjobs might create temporary
 directories
In-Reply-To: <20110923191154.GA31939@siphos.be>
References: <20110921192331.GA10041@siphos.be>
	<1316636711.24149.11.camel@x220.mydomain.internal>
	<20110922060405.GA13992@siphos.be>
	<1316678065.374.10.camel@x220.mydomain.internal>
	<20110922184251.GA15227@siphos.be> <20110923191154.GA31939@siphos.be>
Message-ID: <1316809587.1931.44.camel@x220.mydomain.internal>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

On Fri, 2011-09-23 at 21:11 +0200, Sven Vermeulen wrote:
> On Thu, Sep 22, 2011 at 08:42:51PM +0200, Sven Vermeulen wrote:
> > If the system_cronjob_t domain is seen more like a "jump board" towards the
> > application specific domains, I don't mind creating a makewhatis policy
> > module and work from there onwards.
> 
> Giving the fact that the policy will probably read and write man_t together
> with the usual suspects (_exec, _domtrans), is it okay to suggest a patch for
> the miscfiles module? Or would you rather see an independent module?
> 
> I don't think I need to offer a _run or _role interface, since transitioning
> from sysadm_t wouldn't be necessary. Or is it better to do that anyway?

I wonder what PeBenito thinks about this.

I wouldnt mind adding this to miscfiles, but i wouldnt add any unused
interfaces. If it turns out they are needed they can always be added
later.

> Wkr,	
> 	Sven Vermeulen
> _______________________________________________
> refpolicy mailing list
> refpolicy at oss.tresys.com
> http://oss.tresys.com/mailman/listinfo/refpolicy

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 836 bytes
Desc: This is a digitally signed message part
Url : http://oss.tresys.com/pipermail/refpolicy/attachments/20110923/46106723/attachment.bin