From: russell@coker.com.au (Russell Coker)
Date: Tue, 14 Feb 2017 14:35:08 +1100
Subject: [refpolicy] [PATCH] capability sorting
In-Reply-To: <9cd6c679-6a58-5acd-e242-4b2210385408@ieee.org>
References: <37190070.fYifpz0EYe@russell.coker.com.au>
	<311d8934-76e2-75fd-8ff3-8bbb3f7c573e@ieee.org>
	<2272A259-6997-48B9-9DF4-E3BF457E23C4@coker.com.au>
	<9cd6c679-6a58-5acd-e242-4b2210385408@ieee.org>
Message-ID: <429BF6CC-EF1D-444B-88A3-F7C87ACF5522@coker.com.au>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

They said the same when I first submitted a patch to remove whitespace at the end of lines. ;)

Capabilities are different from all the other object classes. There's no other object class with as many permissions that can each be usefully set independently.

On 14 February 2017 11:42:12 am LHDT, Chris PeBenito via refpolicy <refpolicy@oss.tresys.com> wrote:
>On 02/12/17 20:59, Russell Coker wrote:
>> I'm just pendant about such things.
>>
>> But it does make it easier to compare policy by looking at it if
>things are in the same order. If you have 2 lists of capabilities and
>one has an extra item it can take a minute if they are in random order.
>
>True, but I don't plan on enforcing that it stays that way in the style
>
>guide, so I don't know that it's worth applying.
>
>
>> On 13 February 2017 5:58:38 am LHDT, Chris PeBenito
><pebenito@ieee.org> wrote:
>>> On 02/12/17 04:23, Russell Coker via refpolicy wrote:
>>>> The attached patch (gzip compressed due to list size limits) sorts
>>> the
>>>> capabilities in alphabetical order which is also the order from the
>>> system
>>>> include files.
>>>>
>>>> I used the below perl script to sort the capabilities and both
>>> inspected and
>>>> tested the result.
>>>
>>> I'm ok with the change, but I'm not clear why you made it.  If it is
>>> what you understood from the style guide, I really need to clarify
>it,
>>> since this type of alphabetical sorting isn't required.
>>>
>>>
>>>> #!/usr/bin/perl
>>>> use strict;
>>>>
>>>> while(<STDIN>)
>>>> {
>>>>   if($_ =~ /capability.*{/)
>>>>   {
>>>>     chomp;
>>>>     my @line = split /{/,$_;
>>>>     my @end = split /}/,$line[1];
>>>>     my $capabilities = join(' ', sort split / /,$end[0]);
>>>>     print "$line[0]\{$capabilities }$end[1]\n";
>>>>   }
>>>>   else
>>>>   {
>>>>     print $_;
>>>>   }
>>>> }
>>>>
>>>>
>>>>
>>>> _______________________________________________
>>>> refpolicy mailing list
>>>> refpolicy at oss.tresys.com
>>>> http://oss.tresys.com/mailman/listinfo/refpolicy
>>>>
>>

-- 
Sent from my Nexus 6P with K-9 Mail.