From: russell@coker.com.au (Russell Coker)
Date: Fri, 7 Apr 2017 16:41:17 +1000
Subject: [refpolicy] [PATCH] systemd related changes again
In-Reply-To: <afb9703c-fc51-611a-5f77-335a73fc2d70@ieee.org>
References: <20170405045106.5r3a24caq6p353ui@athena.coker.com.au>
	<CAJ2a_DeO5OEm-2hqDV9idCWcoCMUhLX1K-Q8ij5L5=ArgLbnkg@mail.gmail.com>
	<afb9703c-fc51-611a-5f77-335a73fc2d70@ieee.org>
Message-ID: <201704071641.17152.russell@coker.com.au>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

On Fri, 7 Apr 2017 07:31:23 AM Chris PeBenito via refpolicy wrote:
> > in the longrun i'd like to run systemd-timesyncd in a seperate domain,
> > cause it's onyl a ntp client, which should require less permissions
> > than the ntp server
> 
> I agree.

I'd like to have fewer little almost-duplicate domains that make it more time-
consuming to maintain policy and more difficult to analyse it.

-- 
My Main Blog         http://etbe.coker.com.au/
My Documents Blog    http://doc.coker.com.au/