From: russell@coker.com.au (Russell Coker)
Date: Thu, 09 Feb 2017 12:34:10 +1100
Subject: [refpolicy] [PATCH] systemd core patch
In-Reply-To: <ff81c86b-db6d-7cad-8507-13fe67233d11@ieee.org>
References: <11722027.yIq6mmZ5g1@russell.coker.com.au>
	<ff81c86b-db6d-7cad-8507-13fe67233d11@ieee.org>
Message-ID: <3002933.O5dVEifZcm@russell.coker.com.au>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

On Wednesday, 8 February 2017 5:05:51 PM AEDT Chris PeBenito wrote:
> On 02/06/17 22:40, Russell Coker via refpolicy wrote:
> > I've attached the main patch for systemd policy in Debian.  Please
> > consider it for merging.
> > 
> > It's a large patch (which is why I had to compress it to fit the list
> > limits for attachment size).  If you don't like some sections could you
> > merge the others?
> 
> Yes, I'll do that.  Do you have a summary of the changes?

Added systemd_notify_t domain and all necessary policy.

Added policy for systemd_backlight_t, systemd_cgroups_t, systemd_hostnamed_t, 
systemd_locale_t, systemd_sessions_t

Added quite a bit of policy for systemd_tmpfiles_t which is mostly to allow it 
to work in a normal configuration without being able to modify everything on 
the system.

Added lots of policy for systemd_coredump_t, systemd_machined_t, 
systemd_nspawn_t, and systemd_passwd_agent_t.  These were essentially stub 
domains before.

-- 
My Main Blog         http://etbe.coker.com.au/
My Documents Blog    http://doc.coker.com.au/