[refpolicy] state of core/contrib split

Dominick Grift dominick.grift at gmail.com
Thu Sep 6 14:21:00 CDT 2012



On Thu, 2012-09-06 at 14:55 -0400, Daniel J Walsh wrote:

> 
> The problem I saw when I started to merge changes in the past was that lots of
> new policies required changes to the base, especially corenetwork.  As

The issue with regard to port labeling should in my view be easily
solved. just label the darned ports :)

so if we can just merge corenetwork.te.in ( atleast with regard to
declaring new port types.) then that should give me more room to merge
stuff.

although i really like your idea of using attributes to classify ports
rather than giving them a service specific name.

But there are more issues but it does not have to be perfect in my view.
If fedora has something controversial then, in my view, i could just
merge the policy without the controversial bits (if i cant fix it to
something acceptable myself). Policy is never perfect anyways is always
a process.



More information about the refpolicy mailing list