From: dominick.grift@gmail.com (Dominick Grift)
Date: Wed, 01 May 2013 22:14:47 +0200
Subject: [refpolicy] [PATCH/RFC 2/2] Add minidlna policy
In-Reply-To: <20130501200901.GA27004@siphos.be>
References: <20130501183657.GA25116@siphos.be>
	<20130501183845.GC25116@siphos.be> <1367435529.452.19.camel@d30>
	<20130501200901.GA27004@siphos.be>
Message-ID: <1367439287.452.23.camel@d30>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

On Wed, 2013-05-01 at 22:09 +0200, Sven Vermeulen wrote:
> On Wed, May 01, 2013 at 09:12:09PM +0200, Dominick Grift wrote:
> > > +/etc/minidlna\.conf	--	gen_context(system_u:object_r:minidlna_etc_t,s0)
> > 
> > Can we use type minidlna_conf_t instead for consistency?
> 
> Ok... but in the contrib/ folder, I find more _etc_t definitions than
> _conf_t ones:
> 
> $ grep '^type .*_conf_t' *.te | wc -l
> 36
> $ grep '^type .*_etc_t' *.te | wc -l
> 89

Hmm, i see. I prefer conf in light of self-documenting policy

> 
> I wasn't sure what to do here. Gentoo installs the /var/lib/minidlna
> directory already as part of the software installation. But I noticed that
> the majority of modules do have this set.
> 
> I'll change it to a files_search_var_lib(minidlna_t).

Thanks. A file transition is not needed in that case

> > 
> > Which file is that? /etc/nsswitch.conf?
> 
> nsswitch.conf and passwd.
> 

Probably needs nsswitch support then

> Wkr,
> 	Sven Vermeulen