[refpolicy] Interface naming question for a filetrans

All of lore.kernel.org
 help / color / mirror / Atom feed

From: cpebenito@tresys.com (Christopher J. PeBenito)
To: refpolicy@oss.tresys.com
Subject: [refpolicy] Interface naming question for a filetrans
Date: Mon, 2 Jul 2012 08:05:38 -0400	[thread overview]
Message-ID: <4FF18E92.2080806@tresys.com> (raw)
In-Reply-To: <20120701092920.GA32713@siphos.be>

On 07/01/12 05:29, Sven Vermeulen wrote:
> Hi guys,
> 
> Let's say I am in the need for two interfaces.
> 
> One would do:
>   files_pid_filetrans($1, udev_rules_t, dir, $2)
> the other one
>   filetrans_pattern($1, udev_var_run_t, udev_rules_t, dir, $2)
> 
> I'm a bit in doubt about what to call the interfaces.
> 
> I believe the first one would be "udev_pid_filetrans_rules_dirs" as it seems
> that all *_pid_filetrans routines I find in the policy are about the
> var_run_t-based file transition, but then for the second one we would have
> no clear answer.
> 
> One way to tackle such cases, as Dominick Grift suggested on the chat, is to
> use *_generic_pid_filetrans for all the files_pid_filetrans() interfaces
> currently in the policy, but that does mean all interfaces will need to be
> updated.
> 
> Then udev_generic_pid_filetrans_rules_dirs could be used for the first case,
> and udev_pid_filetrans_rules_dirs for the second.
> 
> So, what's the take on this?

The general idea of the naming is modulename_fromtype_filetrans[_totype], where fromtype and totype are the more abstract names for the types.  But it sounds like the above situation is messy.  Would you further describe what you're trying to do (raw rules would be fine)?

-- 
Chris PeBenito
Tresys Technology, LLC
www.tresys.com | oss.tresys.com

next prev parent reply	other threads:[~2012-07-02 12:05 UTC|newest]

Thread overview: 4+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2012-07-01  9:29 [refpolicy] Interface naming question for a filetrans Sven Vermeulen
2012-07-02 12:05 ` Christopher J. PeBenito [this message]
2012-07-02 20:15   ` Sven Vermeulen
2012-07-03 13:55     ` Christopher J. PeBenito

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=4FF18E92.2080806@tresys.com \
    --to=cpebenito@tresys.com \
    --cc=refpolicy@oss.tresys.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.