03.06.2014, 12:07, "Mika Pflüger" <[email protected]>: [skip] > I think the general policy regarding CIL modules should be solved > upstream (i.e. by the secilc developers; you could propose them your > policy), so that we have a common policy for all linux distributions and > can benefit from each other's work. As long as such an upstream policy > does not exist, it would be premature for debian to ship an own > framework in /usr/(s)bin . I think we should put some example scripts > for system administrators into /usr/share/doc/secilc/examples and > explain them in /usr/share/doc/secilc/README.Debian , but we do not > need to define our own CIL module policy.
> So to sum up my proposal: > * Put CIL module installation scripts and documentation > into /usr/share/doc/secilc/examples for the time being. I think your > proposed scripts look good for that. > * Work with secilc upstream, possibly refpolicy upstream and other > distributions (mainly fedora and gentoo) on a policy for CIL modules. > * As soon as we have an upstream CIL module policy, ship CIL module > installation and support programs/scripts in /usr/(s)bin . There is no mailing list upstream. -- Victor Porton - http://portonvictor.org _______________________________________________ SELinux-devel mailing list [email protected] http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/selinux-devel
