From: russell@coker.com.au (Russell Coker)
Date: Fri, 17 Feb 2017 02:08:28 +1100
Subject: [refpolicy] [PATCH] tiny mon patch
In-Reply-To: <CAJ2a_DcuE0cNamHsViEqvj4GqPzk9K+vR-SRwxuqyOpsKKa7Kw@mail.gmail.com>
References: <20170214092214.34skcrjynny264h6@athena.coker.com.au>
	<e0036fa5-5ea0-b524-abbb-43b12679d711@ieee.org>
	<CAJ2a_DcuE0cNamHsViEqvj4GqPzk9K+vR-SRwxuqyOpsKKa7Kw@mail.gmail.com>
Message-ID: <201702170208.28373.russell@coker.com.au>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

On Fri, 17 Feb 2017 01:17:21 AM cgzones via refpolicy wrote:
> * The runtime file contexts starts with /var/run, but after the
> runtime-filecontext transition it should start with /run

Last time I tested it the algorithm used for labelling files matched the 
expression with the longest non-regex part and didn't take the subs_dist into 
account.  So an expression starting with /run would often lose out to one 
starting with /var/run in situations where you didn't want it to.

If nothing has changed in this regard then a change to /run instead of 
/var/run requires changing everything at once.  This isn't impossible or even 
that difficult (my usrmerge patch was essentially the same thing for /usr), but 
it has to be done all at once.

Are all the other distributions using /run nowadays?  If so you could make a 
patch to change everything and send it to the list.

-- 
My Main Blog         http://etbe.coker.com.au/
My Documents Blog    http://doc.coker.com.au/