On 09/26/2015 09:05 PM, Alec Leamas wrote: > On 21/09/15 19:39, Alec Leamas wrote: >> On 21/09/15 18:59, Miroslav Grepl wrote: >>> On 09/21/2015 02:13 PM, Daniel J Walsh wrote: >>>> Adding Miroslav Grepl, current maintainer of selinux-policy in RHEL, >>>> Fedora, Centos. >>>> >>>> Miroslav I guess it looks like we are not shipping licrd.pp >>> >>> About what system are we talking? >>> >>> We definitely ship lircd in Fedora/RHEL. >>> >>> # semodule -l |grep lircd >>> lircd >>> >>> https://github.com/fedora-selinux/selinux-policy/blob/f23-contrib/lircd.te >>> >>> >>> >>> So if you see some issues and you use Fedora/RHEL, please open a new bug >>> or a new pull request against > > Hm... for the lircd module I think I now understand why it exists. It's > defined in for kernel and describes permissions for the /dev/lirc[0-9] > devices, defining the type *lirc_device_t*. All this looks fine. > > However, I think the kernel module name lircd is, well, "not ideal". > lircd is a user space daemon which basically isn't related to the > kernel devices in any specific way (although it is the primary user of > this interface). IMHO, the kernel selinux module should be named lirc, > leaving the *lircd* name open for the lircd user space daemon. > > If it's complicated to change the kernel module name, we need a new name > for the lircd user-space daemon selinux module. It should _not_ be the > same as the kernel stuff since they are unrelated. That makes sense. lircd is not a correct module name. The problem is we would need to rename all lircd interfaces and mark them as deprecated. But it is possible. Could you please open a new bug against selinux-policy component where we could discuss it also with upstream folks. Thank you. > > Thoughts? > > Cheers! > > --alec -- Miroslav Grepl Senior Software Engineer, SELinux Solutions Red Hat, Inc. -- selinux mailing list selinux@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/selinux
