On Fri, Oct 27, 2017 at 07:02:54AM -0700, Peter wrote: > Thanks, I think this is good start. > > I think what we'd want to do is write up a feature page. Using > https://github.com/cockpit-project/cockpit/wiki/Feature-template > > That will help us finish the user stories and design.
I'll rewrite it into the template. Should I create a new page or do you want read and review it somewhere first and then move it to https://github.com/cockpit-project/cockpit/wiki/ ? > > I do have some concerns about the dbus api. If it's just a wrapper around > semanage and we still need to parse the output. What are the advantages of > calling it instead of just running the semanage commands directly from > cockpit. As dbus interface was split from policycoreutils in recent SELinux Userspace release 2.7, it could be rewritten so that it would use libsemanage bindings instead of semanage command. But it's not even on the plan yet so pure speculation. Currently there's no advantage. It's listed as a possibility as DBUS interface seems to be preferred and for the purpose of the feature it should be sufficient. Thanks, Petr > On 10/27/2017 05:35 AM, Petr Lautrbach wrote: > > Hi, > > > > there's already an epic in trello related to Improved SELinux > > troubleshooting and Management [1]. There seems to be missing a > > user story for SELinux management so I put together a document which > > should cover basic SELinux local policy management using either semanage > > command or org.selinux DBUS interface: > > > > https://plautrba.fedorapeople.org/manage-local-selinux-policy-in-cockpit.html > > > > I'd like to ask you for a review and comments if it makes sense and for > > help with design for this effort when there's an agreement > > > > [1] > > https://trello.com/c/WiFrlt4C/381-epic-improved-selinux-troubleshooting-and-management > > > > Thanks, > > > > Petr > > _______________________________________________ > > cockpit-devel mailing list -- cockpit-devel@lists.fedorahosted.org > > To unsubscribe send an email to cockpit-devel-le...@lists.fedorahosted.org > > > _______________________________________________ > cockpit-devel mailing list -- cockpit-devel@lists.fedorahosted.org > To unsubscribe send an email to cockpit-devel-le...@lists.fedorahosted.org _______________________________________________ cockpit-devel mailing list -- cockpit-devel@lists.fedorahosted.org To unsubscribe send an email to cockpit-devel-le...@lists.fedorahosted.org
