From: aranea@aixah.de (Luis Ressel)
Date: Mon, 18 Nov 2013 21:15:52 +0100
Subject: [refpolicy] [PATCH] Only label administrative postgres commands
 as postgresql_exec_t
In-Reply-To: <528A7389.6090806@redhat.com>
References: <1384692777-9505-1-git-send-email-aranea@aixah.de>
	<528A1FAD.4000809@redhat.com> <20131118174649.1c833f67@gentp.lnet>
	<528A7389.6090806@redhat.com>
Message-ID: <20131118211552.3e3811b2@gentp.lnet>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

On Mon, 18 Nov 2013 15:07:37 -0500
Daniel J Walsh <dwalsh@redhat.com> wrote:

> I believe by default then should be bin_t unless they match someother
> regex.

I thought it would be lib_t. But you're right, there's
"/usr/lib(.*/)?bin(/.*)?" --> bin_t, so my rule can indeed be dropped.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 966 bytes
Desc: not available
Url : http://oss.tresys.com/pipermail/refpolicy/attachments/20131118/858f2109/attachment.bin