On 21/09/15 19:39, Alec Leamas wrote:
On 21/09/15 18:59, Miroslav Grepl wrote:
On 09/21/2015 02:13 PM, Daniel J Walsh wrote:
Adding Miroslav Grepl, current maintainer of selinux-policy in RHEL,
Fedora, Centos.
Miroslav I guess it looks like we are not shipping licrd.pp
About what system are we talking?
We definitely ship lircd in Fedora/RHEL.
# semodule -l |grep lircd
lircd
https://github.com/fedora-selinux/selinux-policy/blob/f23-contrib/lircd.te
So if you see some issues and you use Fedora/RHEL, please open a new bug
or a new pull request against
Hm... for the lircd module I think I now understand why it exists. It's
defined in for kernel and describes permissions for the /dev/lirc[0-9]
devices, defining the type *lirc_device_t*. All this looks fine.
However, I think the kernel module name lircd is, well, "not ideal".
lircd is a user space daemon which basically isn't related to the
kernel devices in any specific way (although it is the primary user of
this interface). IMHO, the kernel selinux module should be named lirc,
leaving the *lircd* name open for the lircd user space daemon.
If it's complicated to change the kernel module name, we need a new name
for the lircd user-space daemon selinux module. It should _not_ be the
same as the kernel stuff since they are unrelated.
Thoughts?
Cheers!
--alec
--
selinux mailing list
selinux@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/selinux
