[DSE-Dev] policy

[Russell Coker]

The policy that is in Unstable now is the new upstream release and is working 
well on a bunch of my systems.  If Bullseye releases without any further 
updates to policy then I'll be pretty happy with the situation.  Of course I 
will keep changing things, but unless the systemd people put in a significant 
change at the last minute I don't think that any change will be really needed.

Please test it out and let me know of any problems you find.

Also note that I've changed my approach to type transition rules for file 
creation.  I'm now using them aggressively to deal with cases where package 
maintainers have used shell scripts to create files and directories without 
relabeling them.  So if you notice files/directories/links getting the wrong 
context from postinst then let me know.  My aim is that all the daemons for 
which there is policy can just be installed and work with the default 
configuration.

I was going to work on Exim because in the past it hadn't worked well.  But I 
tested a fairly default config and it all just worked.  A pleasant surprise.


-- 
My Main Blog         http://etbe.coker.com.au/
My Documents Blog    http://doc.coker.com.au/