From: dominick.grift@gmail.com (Dominick Grift)
Date: Fri, 10 Aug 2012 18:20:11 +0200
Subject: [refpolicy] ntp issue
Message-ID: <1344615611.6662.4.camel@d30.localdomain>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

I was playing with ntp_admin() and i figured out that /etc/ntp.conf is
labeled net_conf_t. What is the rationale behind that decision, I dont
see it?

Whatever the reason for this is, its not implemented properly. The
net_conf_t type should not be used in the ntp.fc file.

Instead, if one really wants /etc/ntp.conf to be net_conf_t, then move
the fc spec to sysnetwork.fc

But again i dont see why this file has to be net_conf_t. Its not good
for ntp_admin either. I wouldnt want my ntp_admin to have access to
net_conf_t files just so that he is able to manage ntp config files