From: dominick.grift@gmail.com (Dominick Grift)
Date: Thu, 06 Sep 2012 21:21:00 +0200
Subject: [refpolicy] state of core/contrib split
In-Reply-To: <5048F19E.7000301@redhat.com>
References: <5048D6E2.3030303@tresys.com> <5048DA26.3080703@trentalancia.com>
	<1346954588.15262.89.camel@d30.localdomain> <5048EF31.10902@redhat.com>
	<5048F19E.7000301@redhat.com>
Message-ID: <1346959260.15262.97.camel@d30.localdomain>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com



On Thu, 2012-09-06 at 14:55 -0400, Daniel J Walsh wrote:

> 
> The problem I saw when I started to merge changes in the past was that lots of
> new policies required changes to the base, especially corenetwork.  As

The issue with regard to port labeling should in my view be easily
solved. just label the darned ports :)

so if we can just merge corenetwork.te.in ( atleast with regard to
declaring new port types.) then that should give me more room to merge
stuff.

although i really like your idea of using attributes to classify ports
rather than giving them a service specific name.

But there are more issues but it does not have to be perfect in my view.
If fedora has something controversial then, in my view, i could just
merge the policy without the controversial bits (if i cant fix it to
something acceptable myself). Policy is never perfect anyways is always
a process.