From: dominick.grift@gmail.com (Dominick Grift)
Date: Tue, 26 Jun 2012 23:37:23 +0200
Subject: [refpolicy] [PATCH 1/1] blueman contrib policy
In-Reply-To: <4FEA2964.1090102@redhat.com>
References: <4FEA2517.90200@redhat.com>
	<1340745635.12652.23.camel@x220.mydomain.internal>
	<4FEA2964.1090102@redhat.com>
Message-ID: <1340746643.12652.33.camel@x220.mydomain.internal>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

On Tue, 2012-06-26 at 23:28 +0200, Miroslav Grepl wrote:
> On 06/26/2012 11:20 PM, Dominick Grift wrote:
> > On Tue, 2012-06-26 at 23:09 +0200, Miroslav Grepl wrote:
> >
> > There is a significant difference between the way reference policy
> > implemented auth_use_nsswitch and the way fedora implemented it.
> >
> > This leads me to believe that, since this policy relies on
> > auth_use_nsswitch, it should probably be modified to reflect these
> > changes between fedora's and refpolicy's auth_use_nsswitch()
> You could say it about lot of policies which are in the contrib repo.

Not quite but there may be some that slipped the cracks. since fedora's
auth_use_nsswitch() implementation underwent a huge change not many new
modules have been upstreamed as far as i know.

So i dont think this is true, although in some cases i may be wrong.

> Let's discuss it.
> 
> >
> > Some other minor comments:
> >
> > 1. files dont need to file transition from var_lib_t to
> > blueman_var_lib_t; only directories. The files are created inside these
> > directories as per file context specification:
> >
> > /var/lib/blueman(/.*)?gen_context(system_u:object_r:blueman_var_lib_t,s0)
> >
> > 2. files_read_etc_files(blueman_t) is redundant (it is already included
> > with auth_use_nsswitch()
> >
> >
> >> A new policy for blueman-mechanism from Fedora contrib repo.
> >> (git://git.fedorahosted.org/selinux-policy.git)
> >>
> >> Description :
> >> Blueman is a tool to use Bluetooth devices.
> >>
> >> Patch:
> >> http://mgrepl.fedorapeople.org/SELinux/F18/contrib_blueman.patch
> >>
> >> _______________________________________________
> >> refpolicy mailing list
> >> refpolicy at oss.tresys.com
> >> http://oss.tresys.com/mailman/listinfo/refpolicy
> >
> > _______________________________________________
> > refpolicy mailing list
> > refpolicy at oss.tresys.com
> > http://oss.tresys.com/mailman/listinfo/refpolicy
> 
>