From: mgrepl@redhat.com (Miroslav Grepl)
Date: Tue, 26 Jun 2012 23:37:36 +0200
Subject: [refpolicy] [PATCH 1/1] blueman contrib policy
In-Reply-To: <4FEA2964.1090102@redhat.com>
References: <4FEA2517.90200@redhat.com>
	<1340745635.12652.23.camel@x220.mydomain.internal>
	<4FEA2964.1090102@redhat.com>
Message-ID: <4FEA2BA0.3020202@redhat.com>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

On 06/26/2012 11:28 PM, Miroslav Grepl wrote:
> On 06/26/2012 11:20 PM, Dominick Grift wrote:
>> On Tue, 2012-06-26 at 23:09 +0200, Miroslav Grepl wrote:
>>
>> There is a significant difference between the way reference policy
>> implemented auth_use_nsswitch and the way fedora implemented it.
>>
>> This leads me to believe that, since this policy relies on
>> auth_use_nsswitch, it should probably be modified to reflect these
>> changes between fedora's and refpolicy's auth_use_nsswitch()
> You could say it about lot of policies which are in the contrib repo.
>
> Let's discuss it.
Also I don't see this big differences. We use nsswitch_domain attribute 
now which will also submit as a patch.
>
>> Some other minor comments:
>>
>> 1. files dont need to file transition from var_lib_t to
>> blueman_var_lib_t; only directories. The files are created inside these
>> directories as per file context specification:
>>
>> /var/lib/blueman(/.*)?gen_context(system_u:object_r:blueman_var_lib_t,s0)
>>
>> 2. files_read_etc_files(blueman_t) is redundant (it is already included
>> with auth_use_nsswitch()
>>
>>
>>> A new policy for blueman-mechanism from Fedora contrib repo.
>>> (git://git.fedorahosted.org/selinux-policy.git)
>>>
>>> Description :
>>> Blueman is a tool to use Bluetooth devices.
>>>
>>> Patch:
>>> http://mgrepl.fedorapeople.org/SELinux/F18/contrib_blueman.patch
>>>
>>> _______________________________________________
>>> refpolicy mailing list
>>> refpolicy at oss.tresys.com
>>> http://oss.tresys.com/mailman/listinfo/refpolicy
>> _______________________________________________
>> refpolicy mailing list
>> refpolicy at oss.tresys.com
>> http://oss.tresys.com/mailman/listinfo/refpolicy
>
> _______________________________________________
> refpolicy mailing list
> refpolicy at oss.tresys.com
> http://oss.tresys.com/mailman/listinfo/refpolicy