[refpolicy] [PATCHv2 0/4] Separate domtrans/run interfaces for portage_fetch

Christopher J. PeBenito cpebenito at tresys.com
Wed Sep 14 11:49:44 CDT 2011

On 09/13/11 14:19, Sven Vermeulen wrote:
> This revised patchset updates the portage interfaces to support
> portage_run_fetch and portage_domtrans_fetch, rather than including the
> support for portage_fetch_t in the regular portage_run and portage_domtrans
> interfaces.
> I'm not sure how to best "mix" changes across refpolicy and
> refpolicy::contrib. If the patches are not correctly made, this was what I
> did:
> - Make changes in contrib, then format-patch to generate patches
> - Make changes in refpolicy, then format-patch to generate patches

I'm not sure what the best way is either.  The way you did it is fine.

> I notice that git also supports "adding" the commits from contrib to the
> patches in the main refpolicy, but I'm not sure that's the idea behind it
> for refpolicy.
> Changes since v1
> ----------------
> - Removes the portage_fetch_t calls from portage_domtrans and portage_run
> - Adds callers for portage_fetch_t (sysadm, unconfined and puppet for now)


Chris PeBenito
Tresys Technology, LLC
www.tresys.com | oss.tresys.com

More information about the refpolicy mailing list