From: pebenito@ieee.org (Chris PeBenito)
Date: Fri, 9 Mar 2018 17:24:14 -0500
Subject: [refpolicy] Rebasing fedora selinux-policy with refpolicy
 upstream
In-Reply-To: <8aaf5b27-9bb7-ae2e-4864-44cfef01d48e@redhat.com>
References: <8aaf5b27-9bb7-ae2e-4864-44cfef01d48e@redhat.com>
Message-ID: <72cde042-debd-0145-ecc4-790d84783ab7@ieee.org>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

On 03/09/2018 04:16 AM, Lukas Vrabec via refpolicy wrote:
> As a maintainer of SELinux distribution policy for Fedora, I would like
> to start with rebasing SELinux modules with upstream refpolicy.
> 
> Unfortunately refpolicy and fedora selinux-policy quite diverged
> during the time. Do the full rebase will be probably really messy
> action. I prefer start with smaller modules from contrib branch/repo.
> 
> However I have few questions here. SELinux policy in Fedora cover more
> setups then refpolicy (contain more allow/generic rules). I'll merge
> allow rules from refpolicy which are missing in Fedora selinux-policy,
> but would you like to see allow rules from fedora selinux-policy in
> refpolicy upstream? Lot of these rules could be Fedora/RHEL specific.
> Should I start sending patches and you will decide which
> should be merged?

I have not looked at the Fedora policy in some time, so I don't know of 
anything specific that would be problematic.  My suggestion would be to 
start with small changes in contrib that will hopefully not be contentious.

-- 
Chris PeBenito