From: aranea@aixah.de (Luis Ressel)
Date: Tue, 14 Nov 2017 03:56:46 +0100
Subject: [refpolicy] map permissions
In-Reply-To: <9767fc1e-3461-6c6f-dc40-329fec8652e4@ieee.org>
References: <3850548.JCvBVk9sDr@xev>
	<20171104211601.083a0a96@vega.skynet.aixah.de>
	<472df9ba-2110-39ca-e540-4b165c4648c9@m4x.org>
	<9767fc1e-3461-6c6f-dc40-329fec8652e4@ieee.org>
Message-ID: <20171114035646.5664426e@vega.skynet.aixah.de>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

On Sun, 5 Nov 2017 13:09:58 -0500
Chris PeBenito via refpolicy <refpolicy@oss.tresys.com> wrote:

> Thanks for looking in to that.  I'm inclined to dontaudit all that
> stuff.

The only remaining question is whether we actually care about this.
With the 2.26 release, glibc has deprecated libnss_compat, which was
the source of this denial spam.

If a dontaudit is added, I'd suggest to add a comment alongside it
stating that the dontaudit should be removed again (in 1-2 years,
perhaps?).

Regards,
Luis Ressel
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
Url : http://oss.tresys.com/pipermail/refpolicy/attachments/20171114/34920dc4/attachment.bin