From: aranea@aixah.de (Luis Ressel)
Date: Wed, 28 Dec 2016 00:02:30 +0100
Subject: [refpolicy] [PATCH] init: run sysvinit without the dangerous
 unconfined_domain() call
In-Reply-To: <1320659434.14525.1482879298312.JavaMail.open-xchange@popper05.register.it>
References: <1425370720.18751.1482877006863.JavaMail.open-xchange@popper10.register.it>
	<20161227233846.6ed0ebf0@gentp.lnet>
	<1320659434.14525.1482879298312.JavaMail.open-xchange@popper05.register.it>
Message-ID: <20161228000230.798bf64d@gentp.lnet>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

On Tue, 27 Dec 2016 23:54:58 +0100 (CET)
Guido Trentalancia via refpolicy <refpolicy@oss.tresys.com> wrote:

> Ok, that's fine. Consider, I have completed testing it with sysvinit,
> so I don't really need to debug anything.
> 
> It comes from the following recent advice that has been posted (I was
> not even aware of the existence of such statement):
> 
> http://oss.tresys.com/pipermail/refpolicy/2016-December/008835.html
> 

Neither was I; I had to look it up before answering to your mail. :)

> but, if it is more likely to cause problems, then I can create a new
> patch which just dumps the dangerous call to unconfined_domain() and
> that's the end of the story.
> 

Thanks!

> At the end, there must be a way out of it !

Yes. Personally, I never really cared about it because I don't use
'unconfined' anyway, but I definitly appreciate your effort to get rid
of it.

Regards,
Luis Ressel