Hi guys, I am finally looking for opened Atomic issues with SELinux for what we came with seatomic and I want to move it forward. My idea is we could start to ship selinux-policy-atomic.rpm based on the selinux-policy-targeted where we could reduce the number of types and add possible needed changes.
For example https://bugzilla.redhat.com/show_bug.cgi?id=1309075 is a good example. If we add a new label we will have an issue because we don't have "mac_admin" for unconfined_service_t. So we could start to discuss how it is possible to ship new policy on Atomic to solve these urgent issues. Can you think guys about a way how to do it? Can you identify possible issues with that? Thank you, -- Miroslav Grepl Senior Software Engineer, SELinux Solutions Red Hat, Inc.
