From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from smtp.sws.net.au (smtp.sws.net.au [144.76.186.9]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 8B9843E63A2 for ; Wed, 6 May 2026 08:50:41 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=144.76.186.9 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1778057444; cv=none; b=MraJpXVhvjnxL5uM/B9S4v9BOFleFNeKF7SDZyAucSv4Gf7T5vO8vYqNARS3TKYoYOUUC+C7y4NNH+1Zzrfv6k00aDqXhHftE6z1BquZNyyI1ZLVEAlnbTsHGqiz8du4g7Z2hiM43XopFUawpycSRfpjp9KWzkf+5IF2gu3fh7M= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1778057444; c=relaxed/simple; bh=anOPkQGmhfcsQ9fFMmGK/GXlykzZg4bhl0HYUi+RO6M=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=rCJvIPrF3oOaqk6QYhpnvQhKmwzHnduayvHd1twh/C4GQv0Zajtk3mNLoUUeHl8FPu7PEnce0Cj0iJrqgKZXXDAboL8VDBUmoJ0P6N85VcnvFF2GnzZpZE1q1NrhvcInUiMBjAtk2+vZfRzETtyFkKhTui7z+z4DJXGBvQHbueI= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=coker.com.au; spf=pass smtp.mailfrom=coker.com.au; dkim=pass (1024-bit key) header.d=coker.com.au header.i=@coker.com.au header.b=kNyYWyTw; arc=none smtp.client-ip=144.76.186.9 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=coker.com.au Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=coker.com.au Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=coker.com.au header.i=@coker.com.au header.b="kNyYWyTw" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=coker.com.au; s=2008; t=1778057438; bh=RUydrw09Lkf0t5zecS6k2MClyn3eY3pCvvi0pgpArS8=; l=708; h=From:To:Reply-To:Cc:Subject:Date:In-Reply-To:References:From; b=kNyYWyTwZS1m4AsZZE8WU3vPDXYwfGFlz10srSSIqxCVjzoT/wnJLhINxuc5w6df2 hWUEY9W+yaHjJyd6tLGFBxo9JpeKa+NimzyW4fKY1iAt9zuTNJZmt3M1P+pEwszWHa 0zNudzyYymyWZqMdQtjSFowkPLmPXJpDKu6FiVO8= Received: from xev.localnet (123-243-116-70.tpgi.com.au [123.243.116.70]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange x25519 server-signature ECDSA (prime256v1) server-digest SHA256) (No client certificate requested) (Authenticated sender: russell@coker.com.au) by smtp.sws.net.au (Postfix) with ESMTPSA id E54FA10824; Wed, 06 May 2026 18:50:37 +1000 (AEST) From: Russell Coker To: Rahul Sandhu Reply-To: russell@coker.com.au Cc: selinux-refpolicy@vger.kernel.org Subject: Re: xserver policy Date: Wed, 06 May 2026 18:50:33 +1000 Message-ID: <3438641.44csPzL39Z@xev> In-Reply-To: References: Precedence: bulk X-Mailing-List: selinux-refpolicy@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: 7Bit Content-Type: text/plain; charset="utf-8" On Wednesday, 6 May 2026 18:17:33 AEST Rahul Sandhu wrote: > The other thing to consider is Xwayland. I don't personally use it (or Xorg) > at all myself, however I do know that some stuff still requires Xwayland > and it is very common as of 2026. It might be worth seeing if there is some > bits that we can share between a future xwayland_t and xserver_t, although > that may turn out to be a fruitless endeavour, I'm not entirely sure what > Xwayland entails yet. Currently Xwayland is running without any domain transition and works fine in user_t, what do you think we need to do in addition to this? -- My Main Blog http://etbe.coker.com.au/ My Documents Blog http://doc.coker.com.au/