[refpolicy] [PATCH 3/8] Label systemd-journald files and directories

Nicolas Iooss nicolas.iooss at m4x.org
Fri Aug 29 15:43:29 EDT 2014

2014-08-25 14:32 GMT+02:00 Christopher J. PeBenito:
> On 8/23/2014 11:41 AM, Nicolas Iooss wrote:
> > (a) refpolicy already supports reading devlog_t symlinks [1].
> It a vestige of the NSA example policy.  Since we don't label the
> symlink devlog_t anymore, we should remove the rules.

Actually it seems that this rule has been added a few days after the
initial SVN import, by commit 5a9522111548 ("add devlog_t symlink to
loggers") [1].  If the arguments which explain this commit from 2005 no
longer apply, I agree we should remove this rule to prevent future




More information about the refpolicy mailing list