From: russell@coker.com.au (Russell Coker) Date: Fri, 7 Apr 2017 16:41:17 +1000 Subject: [refpolicy] [PATCH] systemd related changes again In-Reply-To: References: <20170405045106.5r3a24caq6p353ui@athena.coker.com.au> Message-ID: <201704071641.17152.russell@coker.com.au> To: refpolicy@oss.tresys.com List-Id: refpolicy.oss.tresys.com On Fri, 7 Apr 2017 07:31:23 AM Chris PeBenito via refpolicy wrote: > > in the longrun i'd like to run systemd-timesyncd in a seperate domain, > > cause it's onyl a ntp client, which should require less permissions > > than the ntp server > > I agree. I'd like to have fewer little almost-duplicate domains that make it more time- consuming to maintain policy and more difficult to analyse it. -- My Main Blog http://etbe.coker.com.au/ My Documents Blog http://doc.coker.com.au/