Note: This is a beta release of Red Hat Bugzilla 5.0. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Also email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback here.
Bug 597535 - Differences between my master branch and fedora v3.8.1-3
Summary: Differences between my master branch and fedora v3.8.1-3
Alias: None
Product: Fedora
Classification: Fedora
Component: selinux-policy
Version: rawhide
Hardware: All
OS: Linux
Target Milestone: ---
Assignee: Daniel Walsh
QA Contact: Fedora Extras Quality Assurance
: 597534 (view as bug list)
Depends On:
TreeView+ depends on / blocked
Reported: 2010-05-29 12:45 UTC by Dominick Grift
Modified: 2010-06-02 16:16 UTC (History)
3 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Last Closed: 2010-06-01 20:02:07 UTC

Attachments (Terms of Use)
Differences between my master branch and Fedora v3.8.1-3 (deleted)
2010-05-29 12:45 UTC, Dominick Grift
no flags Details | Diff

Description Dominick Grift 2010-05-29 12:45:43 UTC
Created attachment 417854 [details]
Differences between my master branch and Fedora v3.8.1-3

Description of problem:

Enclosed you will find the differences between my master branch and fedora v3.8.1-3

Caution: some of it may have errors!

It is on hunk of Clean-ups, features, fixes, modules and other changes.

Comment 1 Dominick Grift 2010-05-29 13:31:41 UTC
So in that diff above i commented out a rule that allowed dnsmasq to bind udp sockets to all ports, but turns out that dnsmasq needs to bind udp sockets to dhcpd ports.

Not sure why in Fedora it is allowed to bind udp sockets to all ports, but seems a bit coarse to me.

Comment 2 Miroslav Grepl 2010-05-31 13:45:36 UTC
*** Bug 597534 has been marked as a duplicate of this bug. ***

Comment 3 Daniel Walsh 2010-06-01 14:33:37 UTC
A lot of this seems to be cleanup of how upstream is defining interfaces.  Lots of interface rearranging, moving the ability to search to the directory to the bottom of the interface and more important calls to the top.  Also lots of cleanup in interface comments.

I would prefer to get chris's input on this and get to a consensus so our diffs become more easily manageable.

Comment 4 Dominick Grift 2010-06-01 20:02:07 UTC
Yes you are right, most is clean up but there are other fixes in there as well.
But anyways this patch is already old compared to my current master branch so forget about it.

I guess thats also the reason that i started to maintain my own policy. Because i just have my own requirements that aren't easy to upstream.

There are some things i think you should review though.

particularly the dev_rw_generic_chr_file(initrc_t) we added recently due to dracuts bug and i would suggest we keep my policy modules that you adopted like irssi synchronized. Some other things that may be of interest is my mail_home_t implementation and my clamdsmtpd policy amongst other things.

But again, i think you are right about the style fixes but there is a very very small chance upstream will ever adopt those.

Anyways , closing this bug report.

Comment 5 Daniel Walsh 2010-06-02 16:16:52 UTC
I am not sure why they would not.  I think we should come to some kind of consensus and then go forward.  That way it would be easier to see the fixes in your code that should go into Fedora and eventually upstream

Note You need to log in before you can comment on or make changes to this bug.