From: russell@coker.com.au (Russell Coker)
Date: Sat, 22 Apr 2017 17:22:19 +1000
Subject: [refpolicy] s/apm/acpi/g
Message-ID: <201704221722.19418.russell@coker.com.au>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

https://en.wikipedia.org/wiki/Advanced_Power_Management

It has been a long time since APM was used much.  Wikipedia says that APM 
hasn't been fully functional in Linux since kernel 3.3 (that means it wouldn't 
have worked in Debian/Jessie).  It might work in the RHEL6 kernel which is 
still supported but RHEL6 doesn't include the apmd package.  The domain apmd_t 
is used for running acpid and it seems impossible to run apmd on any supported 
distribution.

I think it would be a good idea to rename the domain and the types of the files 
that it uses to reflect the fact that it's used for ACPI nowadays.

As the feature set of ACPI is a super-set of APM (and implemented in a more 
complex manner too) it's most likely that policy which works for acpid will 
also permit apmd to do whatever it wants.  But it probably hasn't been tested 
for 10 years or more so probably no-one knows.

You can expect the apmd_t domain to work well for acpid because it's tested 
with that all the time.  If you manage to get a distribution with working APM 
support (Debian/Wheezy or something older) and hardware that supports it 
(Windows XP was the last MS release that supported it so new hardware wouldn't 
have APM support tested) then there's no guarantee that apmd_t has the 
permissions needed to run it.

-- 
My Main Blog         http://etbe.coker.com.au/
My Documents Blog    http://doc.coker.com.au/