SELinux-Refpolicy Archive on
 help / color / Atom feed
From: Lukas Vrabec <>
Subject: New boolean for using bluetooth
Date: Thu, 25 Apr 2019 18:58:27 +0200
Message-ID: <> (raw)

[-- Attachment #1.1: Type: text/plain, Size: 914 bytes --]

Hi All,

I added new SELinux boolean[1][2] to Fedora SELinux policy called

I would like to push it also to refpolicy, however, refpolicy is not
using bluetooth_socket at all, it's defined in policy but not used by
any SELinux domain. Can I create patch also with adding these rules from
Fedora policy? And also, for some reason my colleagues didn't follow
name conventions of global booleans with refpolicy (I didn't find any
deny_* boolean in refpolicy). So if it make sense to add these kind of
boolean also to refpolicy, should I defined it as allow_bluetooth ?



Lukas Vrabec
Senior Software Engineer, Security Technologies
Red Hat, Inc.

[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 488 bytes --]

             reply index

Thread overview: 4+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2019-04-25 16:58 Lukas Vrabec [this message]
2019-04-26  0:04 ` Russell Coker
2019-04-26  9:02 ` Jason Zaman
2019-04-26  9:23   ` Lukas Vrabec

Reply instructions:

You may reply publically to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \ \ \ \

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

SELinux-Refpolicy Archive on

Archives are clonable:
	git clone --mirror selinux-refpolicy/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 selinux-refpolicy selinux-refpolicy/ \
	public-inbox-index selinux-refpolicy

Newsgroup available over NNTP:

AGPL code for this site: git clone public-inbox