[refpolicy] ANN: Reference Policy contrib repository

Christopher J. PeBenito cpebenito at tresys.com
Wed Sep 14 07:19:00 CDT 2011


On 09/13/11 17:31, Dominick Grift wrote:
> Op 9-9-2011 17:35, Christopher J. PeBenito schreef:
>> The core modules are critical modules on the system.  This includes all of the kernel layer, most of the system and roles layers, some admin modules, such as bootloader, su, and sudo, and userspace object managers.  It is possible to build a policy using only the core modules.  It is important to ensure these modules are well reviewed to ensure quality, so Reference Policy can be used as a base for both general-purpose systems (e.g. Linux distributions) and custom systems.  All remaining modules were moved to the contrib repository.  An important thing to note is that in the future, modules may move between core and contrib as necessary.
> 
> I like this, although i would prefer the core to be only the base
> modules (kernel layer) but it will not build without atleast a user,
> which is a pity.

This split was chosen because very few systems, if any, build their policy starting with only the kernel layer.

-- 
Chris PeBenito
Tresys Technology, LLC
www.tresys.com | oss.tresys.com


More information about the refpolicy mailing list