From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124])
	by passt.top (Postfix) with ESMTP id CAFF75A0262
	for <passt-dev@passt.top>; Wed,  8 Mar 2023 22:06:02 +0100 (CET)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
	s=mimecast20190719; t=1678309561;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references;
	bh=mlyLfQASZRq/FT41gbP0rJh/7r1Yz1VTc+d78KB8zyA=;
	b=hSc05L912Lfd4+V00uyIQkKYHZaodMrMaV345xLUVAmg1sdTfKz6+f/BjxeRik1YxPyO+d
	pP3/k0Sd3Qi/HcRte9trPFHe98XiSUXbgpQdvI/2f3SzyS/qjpfJtB9/NK9+ffJjOd+KvB
	tbE0uaBocSzIJTR+4IYpfWub5Pze2KQ=
Received: from mail-qk1-f198.google.com (mail-qk1-f198.google.com
 [209.85.222.198]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id
 us-mta-387-wiShijAKO8GrbmkG77NX9Q-1; Wed, 08 Mar 2023 16:06:00 -0500
X-MC-Unique: wiShijAKO8GrbmkG77NX9Q-1
Received: by mail-qk1-f198.google.com with SMTP id d10-20020a05620a240a00b0073baf1de8ebso10147104qkn.19
        for <passt-dev@passt.top>; Wed, 08 Mar 2023 13:06:00 -0800 (PST)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20210112; t=1678309560;
        h=content-transfer-encoding:in-reply-to:organization:from:references
         :cc:to:content-language:subject:user-agent:mime-version:date
         :message-id:x-gm-message-state:from:to:cc:subject:date:message-id
         :reply-to;
        bh=mlyLfQASZRq/FT41gbP0rJh/7r1Yz1VTc+d78KB8zyA=;
        b=pFBu6jSCP7OnANPaGA4SxWqNH78zYJStDpYczllZ7VcvIbQlzuA/oZ2k4YuQeQIi8G
         mTTdKsdLfskFmoA7VN/e7UTGOsSgTu5XUDNWMzmVNjKO9F4hsTnoSr/qhkp9RGj38dlE
         r+tP/vayonypoQoSdOTA4HuNbSL5rovPfoqHtBV3p2+05bwgon3fSbeIeMcVhLgRrgUZ
         SXCQRL32E8lcWCbXgGQtPd5VAI7e/5v9XTABrvMSEecZXRVIZBFur6veEe7Aqm5taRqM
         reLA4PM6YRM2jn4fGnrGKeYVkjfZkzP70v1S4i77oxrGlEz6XDPVJ82bzWaa1KYYSAl0
         sesQ==
X-Gm-Message-State: AO0yUKU31uy8LJqPhPvp64cwguaZ6t1EwKUlVIf3JIkBN7RH+swVAGRi
	5J+RGWx2wYYd5VMOsqFtJYslzwCjUCUzNiB45aMkiICBoArL3IkJu46Qzb2SMz95/ybklO6fAEe
	5GjubNBTLdRD4CGObORJNHliYY3g5jd49fx9QJw3N9QSmK3OhnWAvielw9fpeyuJSKM0+
X-Received: by 2002:ad4:5ecc:0:b0:56e:a756:910 with SMTP id jm12-20020ad45ecc000000b0056ea7560910mr35410011qvb.42.1678309559878;
        Wed, 08 Mar 2023 13:05:59 -0800 (PST)
X-Google-Smtp-Source: AK7set8fUhn2RZ3HonxIu7anq3pCuggW2C2EuWF2hAZbqNp7NthG1STZ8QYW2FmBXfwWk/I+rPhGlQ==
X-Received: by 2002:ad4:5ecc:0:b0:56e:a756:910 with SMTP id jm12-20020ad45ecc000000b0056ea7560910mr35409977qvb.42.1678309559522;
        Wed, 08 Mar 2023 13:05:59 -0800 (PST)
Received: from [10.24.0.30] (ip24-254-202-229.hr.hr.cox.net. [24.254.202.229])
        by smtp.gmail.com with ESMTPSA id p188-20020a3742c5000000b006fed58fc1a3sm12175725qka.119.2023.03.08.13.05.58
        (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128);
        Wed, 08 Mar 2023 13:05:58 -0800 (PST)
Message-ID: <09930175-1e6e-8b4d-da5a-c5211262f3a5@redhat.com>
Date: Wed, 8 Mar 2023 16:05:57 -0500
MIME-Version: 1.0
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101
 Thunderbird/102.7.1
Subject: Re: [PATCH 0/4] Further adjustments for SELinux policy files
To: passt-dev@passt.top
References: <20230306232839.1996920-1-sbrivio@redhat.com>
From: Laine Stump <laine@redhat.com>
Organization: Red Hat
In-Reply-To: <20230306232839.1996920-1-sbrivio@redhat.com>
X-Mimecast-Spam-Score: 0
X-Mimecast-Originator: redhat.com
Content-Language: en-US
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
Message-ID-Hash: 4D3IGKUGVEQ2KRTX53N3LGTDQXMQIIG5
X-Message-ID-Hash: 4D3IGKUGVEQ2KRTX53N3LGTDQXMQIIG5
X-MailFrom: laine@redhat.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: Andrea Bolognani <abologna@redhat.com>, Stefano Brivio <sbrivio@redhat.com>
X-Mailman-Version: 3.3.8
Precedence: list
List-Id: Development discussion and patches for passt <passt-dev.passt.top>
Archived-At: <https://archives.passt.top/passt-dev/09930175-1e6e-8b4d-da5a-c5211262f3a5@redhat.com/>
Archived-At: <https://passt.top/hyperkitty/list/passt-dev@passt.top/message/4D3IGKUGVEQ2KRTX53N3LGTDQXMQIIG5/>
List-Archive: <https://archives.passt.top/passt-dev/>
List-Archive: <https://passt.top/hyperkitty/list/passt-dev@passt.top/>
List-Help: <mailto:passt-dev-request@passt.top?subject=help>
List-Owner: <mailto:passt-dev-owner@passt.top>
List-Post: <mailto:passt-dev@passt.top>
List-Subscribe: <mailto:passt-dev-join@passt.top>
List-Unsubscribe: <mailto:passt-dev-leave@passt.top>

On 3/6/23 6:28 PM, Stefano Brivio wrote:
> This series addresses a number of issues or inconveniences shown by
> further testing against libvirt, essentially a 9.1.0 version patched
> up to fix the current breakage by starting passt in the "passt_t"
> domain.
> 
> Stefano Brivio (4):
>    contrib/selinux: Drop duplicate init_daemon_domain() rule
>    contrib/selinux: Let passt write to stdout and stderr when it starts
>    contrib/selinux: Allow binding and connecting to all UDP and TCP ports
>    contrib/selinux: Let interface users set paths for log, PID, socket
>      files
> 
>   contrib/selinux/passt.if | 26 +++++++++++++++++++++++++-
>   contrib/selinux/passt.te | 29 ++++++++++++++++-------------
>   2 files changed, 41 insertions(+), 14 deletions(-)
> 

Tested-by: Laine Stump <laine@redhat.com>
Reviewed-by: Laine Stump <laine@redhat.com> (for what it's worth)

I was going to send this along with a link to my latest libvirt patches 
that properly set the selinux context for passt when it is run, but am 
having trouble with my sendmail setup so I haven't yet been able to post 
them :-/