From: dominick.grift@gmail.com (Dominick Grift)
Date: Wed, 11 Dec 2013 11:31:12 +0100
Subject: [refpolicy] RFC: direct_init_entry breaks direct_initrc
In-Reply-To: <20131211095203.GA6201@siphos.be>
References: <20131211083339.GA5997@siphos.be>
	<1386752197.18689.88.camel@d30> <20131211095203.GA6201@siphos.be>
Message-ID: <1386757872.18689.96.camel@d30>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

On Wed, 2013-12-11 at 10:52 +0100, Sven Vermeulen wrote:

> > It's a bit harder to verify init related stuff now though because
> > gentoo, debian and fedora each use a different init systems now
> 
> Indeed. I wouldn't mind splitting the init code into their respective
> domains, although that will be a "hell of a job", while there are still
> important shared aspects to it.

Looking at Fedoras' solution i now think that this probably will not be
optimal although i cannot think of any really convincing arguments to
back up my statement, other then that it is probably a bit too late for
that now, and that it is probably not as efficient.

We can make the systemd specific policy conditional, and if we do that
consistent then that should probably be okay

Thanks