Received: by 2002:a25:1985:0:0:0:0:0 with SMTP id 127csp525899ybz;
        Fri, 17 Apr 2020 05:37:26 -0700 (PDT)
X-Google-Smtp-Source: APiQypJe72Do/HocsXENa7A9ySFEtHsDyNm/TvBr81gXxXvrLHgdQwN3Ae+x4tlqt7Sg0ahR4+UH
X-Received: by 2002:a50:d7d3:: with SMTP id m19mr2767069edj.285.1587127046193;
        Fri, 17 Apr 2020 05:37:26 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1587127046; cv=none;
        d=google.com; s=arc-20160816;
        b=Wmtk+lM2Gc2lcj0/KBUVRTGWuRTPs4IDTY6poFZQiieBnKAiYhLTRa9S1eQEaL9xuS
         6nvxpdgW3vCeGoga6BV5yFopHrbH+tTY0SvnkOAtRf2sofcaOsA88Blv9XiWl996Gpri
         ys7G9naMKduiB6Ms74AfwQhjaIf+zLWYMW+Wx4Pk5keUyq5n94KJvkOGWfcjBjXjxxuG
         t90VdHyAkg7uMpB2VJdFDXE6C0dVnUhYGN512ymBxohrlUYdzFG9ni1o4ga7uit+r32C
         MubcXvIc2en515Ef8FD/ef6+QdJoSdhEZ/r9wcygtFiGHca9Ale9dyh1cXLiB0nbukoJ
         BNSA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:content-transfer-encoding:mime-version
         :message-id:date:subject:to:from:dkim-signature;
        bh=sSZPdkB3eSLJFLDZuTlEZn36s0OMq9CTc7tD+XiCIE0=;
        b=F/7q/1ZsQb3a+N711+tMWFW8Cc/GgJbYcJKYu20SzWcA3zUkPBWQY0PdNv/gD722mR
         KrCwsxN2iI7BBfklMDlzguvh0ocP7f8PrHkE4T4lIMMW5e0i4PR2dr2B/x1a3TITfYra
         5O8CrzZI7G49WqwI5yU1zqBzY+9wcxM6H40gXBbMGYDpRp6d8rcM0yhicoxeoDWFe/yx
         uY2YpMcQmXHXhVYzWuDeQ9PPJZonWi+jKZ3vlrQ0Ss/a0o/y6v0HVynyTZP6EhTuF4s4
         CFefltWU0ihspisCWTZu+l7YpXIUIHDExvJRyYOi5Z1Bh87SnpNpQOEbA/E/vlU26RyW
         5M4w==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@bigon.be header.s=key1 header.b=gRDuqvZs;
       spf=pass (google.com: domain of selinux-refpolicy-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=selinux-refpolicy-owner@vger.kernel.org
Return-Path: <selinux-refpolicy-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18])
        by mx.google.com with ESMTP id u10si7341313ejt.145.2020.04.17.05.37.20;
        Fri, 17 Apr 2020 05:37:26 -0700 (PDT)
Received-SPF: pass (google.com: domain of selinux-refpolicy-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@bigon.be header.s=key1 header.b=gRDuqvZs;
       spf=pass (google.com: domain of selinux-refpolicy-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=selinux-refpolicy-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1728682AbgDQMhP (ORCPT <rfc822;toiwoton@gmail.com> + 13 others);
        Fri, 17 Apr 2020 08:37:15 -0400
Received: from ithil.bigon.be ([163.172.57.153]:37570 "EHLO ithil.bigon.be"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S1727877AbgDQMhN (ORCPT
        <rfc822;selinux-refpolicy@vger.kernel.org>);
        Fri, 17 Apr 2020 08:37:13 -0400
Received: from localhost (localhost [IPv6:::1])
        by ithil.bigon.be (Postfix) with ESMTP id DA6E41FDE2
        for <selinux-refpolicy@vger.kernel.org>; Fri, 17 Apr 2020 14:37:07 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=bigon.be; h=
        content-transfer-encoding:mime-version:x-mailer:message-id:date
        :date:subject:subject:from:from:received:received:received; s=
        key1; t=1587127027; x=1588941428; bh=OrqE7kTr0TR6za7Xvu+9lnDogSK
        pgSgXcu2mANReZog=; b=gRDuqvZsk70LWfwsWtdpFhzyW5O66cPgkr0vQkg2Ahw
        SzxFcEm5KI5WQ9CzNraDpBaqk1AzAg+yk433souAx+jZmgaztjF7gylqez9GFJCD
        hNpskM26prQhcG9hHBB3gt5MAA3auXr/uIm0DDQ8Vk9kmJJVagnjxGbxPBuOoI6Q
        =
Received: from ithil.bigon.be ([IPv6:::1])
        by localhost (ithil.bigon.be [IPv6:::1]) (amavisd-new, port 10026)
        with ESMTP id 2Ka5E4Tmp4xn for <selinux-refpolicy@vger.kernel.org>;
        Fri, 17 Apr 2020 14:37:07 +0200 (CEST)
Received: from edoras.bigon.be (unknown [IPv6:2a02:a03f:65bc:5f00:f7be:6179:48b7:2349])
        (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
         key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256)
        (No client certificate requested)
        (Authenticated sender: bigon@bigon.be)
        by ithil.bigon.be (Postfix) with ESMTPSA
        for <selinux-refpolicy@vger.kernel.org>; Fri, 17 Apr 2020 14:37:07 +0200 (CEST)
Received: from bigon (uid 1000)
        (envelope-from bigon@bigon.be)
        id 200ee
        by edoras.bigon.be (DragonFly Mail Agent v0.12);
        Fri, 17 Apr 2020 14:37:05 +0200
From:   Laurent Bigonville <bigon@debian.org>
To:     selinux-refpolicy@vger.kernel.org
Subject: [PATCH] Drop support for /dev/.udev and like
Date:   Fri, 17 Apr 2020 14:37:05 +0200
Message-Id: <20200417123705.51352-1-bigon@debian.org>
X-Mailer: git-send-email 2.26.1
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Sender: selinux-refpolicy-owner@vger.kernel.org
Precedence: bulk
List-ID: <selinux-refpolicy.vger.kernel.org>
X-Mailing-List: selinux-refpolicy@vger.kernel.org

From: Laurent Bigonville <bigon@bigon.be>

This location is gone for quite some times and the udevdb has been moved
to /run/udev.

Drop the udev_tbl_t and deprecate the udev_read_db() function

This inspired from changes in the Red Hat policy

Signed-off-by: Laurent Bigonville <bigon@bigon.be>

Fixes: #221
---
 policy/modules/admin/acct.te              |  2 +-
 policy/modules/admin/dmesg.te             |  2 +-
 policy/modules/admin/kudzu.te             |  2 +-
 policy/modules/admin/mrtg.te              |  2 +-
 policy/modules/admin/quota.te             |  2 +-
 policy/modules/admin/sxid.te              |  2 +-
 policy/modules/admin/updfstab.te          |  2 +-
 policy/modules/apps/chromium.te           |  2 +-
 policy/modules/apps/games.te              |  2 +-
 policy/modules/apps/mozilla.te            |  2 +-
 policy/modules/apps/pulseaudio.te         |  2 +-
 policy/modules/apps/uml.te                |  2 +-
 policy/modules/apps/vmware.te             |  2 +-
 policy/modules/services/acpi.te           |  2 +-
 policy/modules/services/apache.te         |  2 +-
 policy/modules/services/arpwatch.te       |  2 +-
 policy/modules/services/asterisk.te       |  2 +-
 policy/modules/services/automount.te      |  2 +-
 policy/modules/services/avahi.te          |  2 +-
 policy/modules/services/bind.te           |  2 +-
 policy/modules/services/bluetooth.te      |  2 +-
 policy/modules/services/canna.te          |  2 +-
 policy/modules/services/cipe.te           |  2 +-
 policy/modules/services/colord.te         |  1 -
 policy/modules/services/consolekit.te     |  1 -
 policy/modules/services/courier.te        |  2 +-
 policy/modules/services/cpucontrol.te     |  2 +-
 policy/modules/services/cron.te           |  2 +-
 policy/modules/services/cups.te           |  7 +++----
 policy/modules/services/cyrus.te          |  2 +-
 policy/modules/services/dante.te          |  2 +-
 policy/modules/services/dbus.te           |  2 +-
 policy/modules/services/dcc.te            |  6 +++---
 policy/modules/services/ddclient.te       |  2 +-
 policy/modules/services/devicekit.te      |  5 ++---
 policy/modules/services/dhcp.te           |  2 +-
 policy/modules/services/dictd.te          |  2 +-
 policy/modules/services/distcc.te         |  2 +-
 policy/modules/services/dnsmasq.te        |  2 +-
 policy/modules/services/dovecot.te        |  2 +-
 policy/modules/services/entropyd.te       |  2 +-
 policy/modules/services/fetchmail.te      |  2 +-
 policy/modules/services/finger.te         |  2 +-
 policy/modules/services/ftp.te            |  2 +-
 policy/modules/services/gatekeeper.te     |  2 +-
 policy/modules/services/gpm.te            |  2 +-
 policy/modules/services/hal.te            |  2 +-
 policy/modules/services/howl.te           |  2 +-
 policy/modules/services/i18n_input.te     |  2 +-
 policy/modules/services/imaze.te          |  2 +-
 policy/modules/services/inetd.te          |  2 +-
 policy/modules/services/inn.te            |  2 +-
 policy/modules/services/ircd.te           |  2 +-
 policy/modules/services/irqbalance.te     |  2 +-
 policy/modules/services/jabber.te         |  2 +-
 policy/modules/services/kerberos.te       |  4 ++--
 policy/modules/services/ldap.te           |  2 +-
 policy/modules/services/lpd.te            |  2 +-
 policy/modules/services/modemmanager.te   |  2 +-
 policy/modules/services/monop.te          |  2 +-
 policy/modules/services/mpd.te            |  2 +-
 policy/modules/services/munin.te          |  2 +-
 policy/modules/services/mysql.te          |  2 +-
 policy/modules/services/nagios.te         |  4 ++--
 policy/modules/services/nessus.te         |  2 +-
 policy/modules/services/networkmanager.te |  1 -
 policy/modules/services/nis.te            |  6 +++---
 policy/modules/services/nscd.te           |  2 +-
 policy/modules/services/nsd.te            |  2 +-
 policy/modules/services/ntop.te           |  2 +-
 policy/modules/services/ntp.te            |  2 +-
 policy/modules/services/oav.te            |  2 +-
 policy/modules/services/openct.te         |  2 +-
 policy/modules/services/pcscd.te          |  2 +-
 policy/modules/services/pegasus.te        |  2 +-
 policy/modules/services/perdition.te      |  2 +-
 policy/modules/services/portmap.te        |  2 +-
 policy/modules/services/portslave.te      |  2 +-
 policy/modules/services/postfix.te        |  2 +-
 policy/modules/services/postgresql.te     |  2 +-
 policy/modules/services/postgrey.te       |  2 +-
 policy/modules/services/ppp.te            |  4 ++--
 policy/modules/services/privoxy.te        |  2 +-
 policy/modules/services/pxe.te            |  2 +-
 policy/modules/services/radius.te         |  2 +-
 policy/modules/services/radvd.te          |  2 +-
 policy/modules/services/rdisc.te          |  2 +-
 policy/modules/services/resmgr.te         |  2 +-
 policy/modules/services/rgmanager.te      |  2 +-
 policy/modules/services/rhcs.te           |  2 +-
 policy/modules/services/rhgb.te           |  2 +-
 policy/modules/services/roundup.te        |  2 +-
 policy/modules/services/rpc.te            |  2 +-
 policy/modules/services/samba.te          |  6 +++---
 policy/modules/services/sasl.te           |  2 +-
 policy/modules/services/sendmail.te       |  2 +-
 policy/modules/services/slrnpull.te       |  2 +-
 policy/modules/services/smartmon.te       |  2 +-
 policy/modules/services/snmp.te           |  2 +-
 policy/modules/services/snort.te          |  2 +-
 policy/modules/services/soundserver.te    |  2 +-
 policy/modules/services/spamassassin.te   |  2 +-
 policy/modules/services/speedtouch.te     |  2 +-
 policy/modules/services/squid.te          |  2 +-
 policy/modules/services/ssh.te            |  2 +-
 policy/modules/services/stunnel.te        |  2 +-
 policy/modules/services/tftp.te           |  2 +-
 policy/modules/services/timidity.te       |  2 +-
 policy/modules/services/transproxy.te     |  2 +-
 policy/modules/services/uptime.te         |  2 +-
 policy/modules/services/uwimap.te         |  2 +-
 policy/modules/services/virt.te           |  1 -
 policy/modules/services/watchdog.te       |  2 +-
 policy/modules/services/xfs.te            |  2 +-
 policy/modules/services/xprint.te         |  2 +-
 policy/modules/services/xserver.te        |  3 +--
 policy/modules/services/zebra.te          |  2 +-
 policy/modules/system/authlogin.te        |  2 +-
 policy/modules/system/clock.te            |  2 +-
 policy/modules/system/fstools.te          |  2 +-
 policy/modules/system/getty.te            |  2 +-
 policy/modules/system/hotplug.te          |  2 +-
 policy/modules/system/init.te             |  2 +-
 policy/modules/system/ipsec.te            |  2 +-
 policy/modules/system/iptables.te         |  1 -
 policy/modules/system/logging.te          |  6 +++---
 policy/modules/system/lvm.te              |  3 +--
 policy/modules/system/pcmcia.te           |  2 +-
 policy/modules/system/raid.te             |  2 +-
 policy/modules/system/sysnetwork.te       |  2 +-
 policy/modules/system/systemd.te          |  2 --
 policy/modules/system/udev.fc             |  4 ----
 policy/modules/system/udev.if             | 25 +++++++----------------
 policy/modules/system/udev.te             | 13 ++----------
 134 files changed, 148 insertions(+), 183 deletions(-)

diff --git a/policy/modules/admin/acct.te b/policy/modules/admin/acct.te
index 4f3550cf..6974a111 100644
--- a/policy/modules/admin/acct.te
+++ b/policy/modules/admin/acct.te
@@ -79,5 +79,5 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(acct_t)
+	udev_read_pid_files(acct_t)
 ')
diff --git a/policy/modules/admin/dmesg.te b/policy/modules/admin/dmesg.te
index 5bbe71b2..6aa297c8 100644
--- a/policy/modules/admin/dmesg.te
+++ b/policy/modules/admin/dmesg.te
@@ -56,5 +56,5 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(dmesg_t)
+	udev_read_pid_files(dmesg_t)
 ')
diff --git a/policy/modules/admin/kudzu.te b/policy/modules/admin/kudzu.te
index 33dea379..d581db34 100644
--- a/policy/modules/admin/kudzu.te
+++ b/policy/modules/admin/kudzu.te
@@ -128,7 +128,7 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(kudzu_t)
+	udev_read_pid_files(kudzu_t)
 ')
 
 optional_policy(`
diff --git a/policy/modules/admin/mrtg.te b/policy/modules/admin/mrtg.te
index dd886f51..212b7f53 100644
--- a/policy/modules/admin/mrtg.te
+++ b/policy/modules/admin/mrtg.te
@@ -147,5 +147,5 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(mrtg_t)
+	udev_read_pid_files(mrtg_t)
 ')
diff --git a/policy/modules/admin/quota.te b/policy/modules/admin/quota.te
index 13027bbb..4a2bc8ff 100644
--- a/policy/modules/admin/quota.te
+++ b/policy/modules/admin/quota.te
@@ -98,7 +98,7 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(quota_t)
+	udev_read_pid_files(quota_t)
 ')
 
 #######################################
diff --git a/policy/modules/admin/sxid.te b/policy/modules/admin/sxid.te
index fbd95d2d..57101625 100644
--- a/policy/modules/admin/sxid.te
+++ b/policy/modules/admin/sxid.te
@@ -95,5 +95,5 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(sxid_t)
+	udev_read_pid_files(sxid_t)
 ')
diff --git a/policy/modules/admin/updfstab.te b/policy/modules/admin/updfstab.te
index e63ef612..5eda742b 100644
--- a/policy/modules/admin/updfstab.te
+++ b/policy/modules/admin/updfstab.te
@@ -112,5 +112,5 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(updfstab_t)
+	udev_read_pid_files(updfstab_t)
 ')
diff --git a/policy/modules/apps/chromium.te b/policy/modules/apps/chromium.te
index 05987d4c..b5b51683 100644
--- a/policy/modules/apps/chromium.te
+++ b/policy/modules/apps/chromium.te
@@ -196,7 +196,7 @@ tunable_policy(`chromium_bind_tcp_unreserved_ports',`
 
 tunable_policy(`chromium_rw_usb_dev',`
 	dev_rw_generic_usb_dev(chromium_t)
-	udev_read_db(chromium_t)
+	udev_read_pid_files(chromium_t)
 ')
 
 tunable_policy(`chromium_read_system_info',`
diff --git a/policy/modules/apps/games.te b/policy/modules/apps/games.te
index 2cee94b9..b403b98d 100644
--- a/policy/modules/apps/games.te
+++ b/policy/modules/apps/games.te
@@ -85,7 +85,7 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(games_srv_t)
+	udev_read_pid_files(games_srv_t)
 ')
 
 ########################################
diff --git a/policy/modules/apps/mozilla.te b/policy/modules/apps/mozilla.te
index ffa154fc..eb76c06d 100644
--- a/policy/modules/apps/mozilla.te
+++ b/policy/modules/apps/mozilla.te
@@ -586,7 +586,7 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(mozilla_plugin_t)
+	udev_read_pid_files(mozilla_plugin_t)
 ')
 
 optional_policy(`
diff --git a/policy/modules/apps/pulseaudio.te b/policy/modules/apps/pulseaudio.te
index 44974615..d28df142 100644
--- a/policy/modules/apps/pulseaudio.te
+++ b/policy/modules/apps/pulseaudio.te
@@ -235,7 +235,7 @@ optional_policy(`
 optional_policy(`
 	udev_read_pid_files(pulseaudio_t)
 	udev_read_state(pulseaudio_t)
-	udev_read_db(pulseaudio_t)
+	udev_read_pid_files(pulseaudio_t)
 ')
 
 optional_policy(`
diff --git a/policy/modules/apps/uml.te b/policy/modules/apps/uml.te
index 7c777765..8082c80f 100644
--- a/policy/modules/apps/uml.te
+++ b/policy/modules/apps/uml.te
@@ -168,5 +168,5 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(uml_switch_t)
+	udev_read_pid_files(uml_switch_t)
 ')
diff --git a/policy/modules/apps/vmware.te b/policy/modules/apps/vmware.te
index cfcba305..90727aae 100644
--- a/policy/modules/apps/vmware.te
+++ b/policy/modules/apps/vmware.te
@@ -158,7 +158,7 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(vmware_host_t)
+	udev_read_pid_files(vmware_host_t)
 ')
 
 optional_policy(`
diff --git a/policy/modules/services/acpi.te b/policy/modules/services/acpi.te
index cb49d394..ab25fa1a 100644
--- a/policy/modules/services/acpi.te
+++ b/policy/modules/services/acpi.te
@@ -224,7 +224,7 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(acpid_t)
+	udev_read_pid_files(acpid_t)
 	udev_read_state(acpid_t)
 ')
 
diff --git a/policy/modules/services/apache.te b/policy/modules/services/apache.te
index be587bab..8eb1aa84 100644
--- a/policy/modules/services/apache.te
+++ b/policy/modules/services/apache.te
@@ -897,7 +897,7 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(httpd_t)
+	udev_read_pid_files(httpd_t)
 ')
 
 optional_policy(`
diff --git a/policy/modules/services/arpwatch.te b/policy/modules/services/arpwatch.te
index 87aed96f..45e6839b 100644
--- a/policy/modules/services/arpwatch.te
+++ b/policy/modules/services/arpwatch.te
@@ -86,5 +86,5 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(arpwatch_t)
+	udev_read_pid_files(arpwatch_t)
 ')
diff --git a/policy/modules/services/asterisk.te b/policy/modules/services/asterisk.te
index 87c45b0c..5e7adf66 100644
--- a/policy/modules/services/asterisk.te
+++ b/policy/modules/services/asterisk.te
@@ -187,5 +187,5 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(asterisk_t)
+	udev_read_pid_files(asterisk_t)
 ')
diff --git a/policy/modules/services/automount.te b/policy/modules/services/automount.te
index 5116ceb3..62b218bf 100644
--- a/policy/modules/services/automount.te
+++ b/policy/modules/services/automount.te
@@ -165,5 +165,5 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(automount_t)
+	udev_read_pid_files(automount_t)
 ')
diff --git a/policy/modules/services/avahi.te b/policy/modules/services/avahi.te
index cb79d14c..da51ce0c 100644
--- a/policy/modules/services/avahi.te
+++ b/policy/modules/services/avahi.te
@@ -112,5 +112,5 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(avahi_t)
+	udev_read_pid_files(avahi_t)
 ')
diff --git a/policy/modules/services/bind.te b/policy/modules/services/bind.te
index 5eba462d..2118de2e 100644
--- a/policy/modules/services/bind.te
+++ b/policy/modules/services/bind.te
@@ -208,7 +208,7 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(named_t)
+	udev_read_pid_files(named_t)
 ')
 
 ########################################
diff --git a/policy/modules/services/bluetooth.te b/policy/modules/services/bluetooth.te
index 162b3bcf..a06d0412 100644
--- a/policy/modules/services/bluetooth.te
+++ b/policy/modules/services/bluetooth.te
@@ -157,7 +157,7 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(bluetooth_t)
+	udev_read_pid_files(bluetooth_t)
 ')
 
 optional_policy(`
diff --git a/policy/modules/services/canna.te b/policy/modules/services/canna.te
index a0b89da4..cf555af4 100644
--- a/policy/modules/services/canna.te
+++ b/policy/modules/services/canna.te
@@ -91,5 +91,5 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(canna_t)
+	udev_read_pid_files(canna_t)
 ')
diff --git a/policy/modules/services/cipe.te b/policy/modules/services/cipe.te
index 4cedadf0..dd489cb2 100644
--- a/policy/modules/services/cipe.te
+++ b/policy/modules/services/cipe.te
@@ -67,5 +67,5 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(ciped_t)
+	udev_read_pid_files(ciped_t)
 ')
diff --git a/policy/modules/services/colord.te b/policy/modules/services/colord.te
index 521308ac..69ed768e 100644
--- a/policy/modules/services/colord.te
+++ b/policy/modules/services/colord.te
@@ -133,7 +133,6 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(colord_t)
 	udev_read_pid_files(colord_t)
 ')
 
diff --git a/policy/modules/services/consolekit.te b/policy/modules/services/consolekit.te
index b1a68f9f..d5bff20b 100644
--- a/policy/modules/services/consolekit.te
+++ b/policy/modules/services/consolekit.te
@@ -165,7 +165,6 @@ optional_policy(`
 
 optional_policy(`
 	udev_domtrans(consolekit_t)
-	udev_read_db(consolekit_t)
 	udev_read_pid_files(consolekit_t)
 	udev_signal(consolekit_t)
 ')
diff --git a/policy/modules/services/courier.te b/policy/modules/services/courier.te
index a9b09a8d..3992e80c 100644
--- a/policy/modules/services/courier.te
+++ b/policy/modules/services/courier.te
@@ -76,7 +76,7 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(courier_domain)
+	udev_read_pid_files(courier_domain)
 ')
 
 ########################################
diff --git a/policy/modules/services/cpucontrol.te b/policy/modules/services/cpucontrol.te
index 555e7a45..97f5e085 100644
--- a/policy/modules/services/cpucontrol.te
+++ b/policy/modules/services/cpucontrol.te
@@ -55,7 +55,7 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(cpucontrol_domain)
+	udev_read_pid_files(cpucontrol_domain)
 ')
 
 ########################################
diff --git a/policy/modules/services/cron.te b/policy/modules/services/cron.te
index 34654f1a..6f9ea95e 100644
--- a/policy/modules/services/cron.te
+++ b/policy/modules/services/cron.te
@@ -442,7 +442,7 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(crond_t)
+	udev_read_pid_files(crond_t)
 ')
 
 ########################################
diff --git a/policy/modules/services/cups.te b/policy/modules/services/cups.te
index bdaedf3f..ae6a89f6 100644
--- a/policy/modules/services/cups.te
+++ b/policy/modules/services/cups.te
@@ -343,7 +343,7 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(cupsd_t)
+	udev_read_pid_files(cupsd_t)
 ')
 
 optional_policy(`
@@ -485,7 +485,7 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(cupsd_config_t)
+	udev_read_pid_files(cupsd_config_t)
 ')
 
 optional_policy(`
@@ -722,7 +722,6 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(hplip_t)
 	udev_read_pid_files(hplip_t)
 ')
 
@@ -787,5 +786,5 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(ptal_t)
+	udev_read_pid_files(ptal_t)
 ')
diff --git a/policy/modules/services/cyrus.te b/policy/modules/services/cyrus.te
index dbd1b99d..02d1b539 100644
--- a/policy/modules/services/cyrus.te
+++ b/policy/modules/services/cyrus.te
@@ -140,5 +140,5 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(cyrus_t)
+	udev_read_pid_files(cyrus_t)
 ')
diff --git a/policy/modules/services/dante.te b/policy/modules/services/dante.te
index 0a1d9831..a80dece6 100644
--- a/policy/modules/services/dante.te
+++ b/policy/modules/services/dante.te
@@ -74,5 +74,5 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(dante_t)
+	udev_read_pid_files(dante_t)
 ')
diff --git a/policy/modules/services/dbus.te b/policy/modules/services/dbus.te
index 74e25786..95dee008 100644
--- a/policy/modules/services/dbus.te
+++ b/policy/modules/services/dbus.te
@@ -206,7 +206,7 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(system_dbusd_t)
+	udev_read_pid_files(system_dbusd_t)
 ')
 
 optional_policy(`
diff --git a/policy/modules/services/dcc.te b/policy/modules/services/dcc.te
index cd708772..b32d0a46 100644
--- a/policy/modules/services/dcc.te
+++ b/policy/modules/services/dcc.te
@@ -236,7 +236,7 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(dccd_t)
+	udev_read_pid_files(dccd_t)
 ')
 
 ########################################
@@ -291,7 +291,7 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(dccifd_t)
+	udev_read_pid_files(dccifd_t)
 ')
 
 ########################################
@@ -346,5 +346,5 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(dccm_t)
+	udev_read_pid_files(dccm_t)
 ')
diff --git a/policy/modules/services/ddclient.te b/policy/modules/services/ddclient.te
index 7b42eec7..558bb122 100644
--- a/policy/modules/services/ddclient.te
+++ b/policy/modules/services/ddclient.te
@@ -112,5 +112,5 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(ddclient_t)
+	udev_read_pid_files(ddclient_t)
 ')
diff --git a/policy/modules/services/devicekit.te b/policy/modules/services/devicekit.te
index 258b56b4..ebc2ca23 100644
--- a/policy/modules/services/devicekit.te
+++ b/policy/modules/services/devicekit.te
@@ -57,7 +57,7 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(devicekit_t)
+	udev_read_pid_files(devicekit_t)
 ')
 
 optional_policy(`
@@ -202,7 +202,6 @@ optional_policy(`
 
 optional_policy(`
 	udev_domtrans(devicekit_disk_t)
-	udev_read_db(devicekit_disk_t)
 	udev_read_pid_files(devicekit_disk_t)
 ')
 
@@ -363,7 +362,7 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(devicekit_power_t)
+	udev_read_pid_files(devicekit_power_t)
 	udev_manage_pid_files(devicekit_power_t)
 ')
 
diff --git a/policy/modules/services/dhcp.te b/policy/modules/services/dhcp.te
index debfa171..92245607 100644
--- a/policy/modules/services/dhcp.te
+++ b/policy/modules/services/dhcp.te
@@ -129,5 +129,5 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(dhcpd_t)
+	udev_read_pid_files(dhcpd_t)
 ')
diff --git a/policy/modules/services/dictd.te b/policy/modules/services/dictd.te
index 538c488e..9e1a60b6 100644
--- a/policy/modules/services/dictd.te
+++ b/policy/modules/services/dictd.te
@@ -81,5 +81,5 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(dictd_t)
+	udev_read_pid_files(dictd_t)
 ')
diff --git a/policy/modules/services/distcc.te b/policy/modules/services/distcc.te
index eaeb6843..f8a6ab16 100644
--- a/policy/modules/services/distcc.te
+++ b/policy/modules/services/distcc.te
@@ -83,5 +83,5 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(distccd_t)
+	udev_read_pid_files(distccd_t)
 ')
diff --git a/policy/modules/services/dnsmasq.te b/policy/modules/services/dnsmasq.te
index 7d4a6cae..a29c57cc 100644
--- a/policy/modules/services/dnsmasq.te
+++ b/policy/modules/services/dnsmasq.te
@@ -124,7 +124,7 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(dnsmasq_t)
+	udev_read_pid_files(dnsmasq_t)
 ')
 
 optional_policy(`
diff --git a/policy/modules/services/dovecot.te b/policy/modules/services/dovecot.te
index 94e2bcfa..a5bcbb8d 100644
--- a/policy/modules/services/dovecot.te
+++ b/policy/modules/services/dovecot.te
@@ -235,7 +235,7 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(dovecot_t)
+	udev_read_pid_files(dovecot_t)
 ')
 
 ########################################
diff --git a/policy/modules/services/entropyd.te b/policy/modules/services/entropyd.te
index b29b01c7..cade687e 100644
--- a/policy/modules/services/entropyd.te
+++ b/policy/modules/services/entropyd.te
@@ -88,5 +88,5 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(entropyd_t)
+	udev_read_pid_files(entropyd_t)
 ')
diff --git a/policy/modules/services/fetchmail.te b/policy/modules/services/fetchmail.te
index a2c6bed2..323b0715 100644
--- a/policy/modules/services/fetchmail.te
+++ b/policy/modules/services/fetchmail.te
@@ -109,5 +109,5 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(fetchmail_t)
+	udev_read_pid_files(fetchmail_t)
 ')
diff --git a/policy/modules/services/finger.te b/policy/modules/services/finger.te
index 570c230b..14ecc268 100644
--- a/policy/modules/services/finger.te
+++ b/policy/modules/services/finger.te
@@ -99,5 +99,5 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(fingerd_t)
+	udev_read_pid_files(fingerd_t)
 ')
diff --git a/policy/modules/services/ftp.te b/policy/modules/services/ftp.te
index 1e7cae94..4a357ebe 100644
--- a/policy/modules/services/ftp.te
+++ b/policy/modules/services/ftp.te
@@ -407,7 +407,7 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(ftpd_t)
+	udev_read_pid_files(ftpd_t)
 ')
 
 ########################################
diff --git a/policy/modules/services/gatekeeper.te b/policy/modules/services/gatekeeper.te
index f105d9b2..60885c90 100644
--- a/policy/modules/services/gatekeeper.te
+++ b/policy/modules/services/gatekeeper.te
@@ -98,5 +98,5 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(gatekeeper_t)
+	udev_read_pid_files(gatekeeper_t)
 ')
diff --git a/policy/modules/services/gpm.te b/policy/modules/services/gpm.te
index 74bba824..bf81f70e 100644
--- a/policy/modules/services/gpm.te
+++ b/policy/modules/services/gpm.te
@@ -79,5 +79,5 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(gpm_t)
+	udev_read_pid_files(gpm_t)
 ')
diff --git a/policy/modules/services/hal.te b/policy/modules/services/hal.te
index 9379b794..c7ed2b40 100644
--- a/policy/modules/services/hal.te
+++ b/policy/modules/services/hal.te
@@ -314,7 +314,7 @@ optional_policy(`
 
 optional_policy(`
 	udev_domtrans(hald_t)
-	udev_read_db(hald_t)
+	udev_read_pid_files(hald_t)
 ')
 
 optional_policy(`
diff --git a/policy/modules/services/howl.te b/policy/modules/services/howl.te
index 8025ae68..ee2249ed 100644
--- a/policy/modules/services/howl.te
+++ b/policy/modules/services/howl.te
@@ -73,5 +73,5 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(howl_t)
+	udev_read_pid_files(howl_t)
 ')
diff --git a/policy/modules/services/i18n_input.te b/policy/modules/services/i18n_input.te
index 35038096..6a6f3d82 100644
--- a/policy/modules/services/i18n_input.te
+++ b/policy/modules/services/i18n_input.te
@@ -121,5 +121,5 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(i18n_input_t)
+	udev_read_pid_files(i18n_input_t)
 ')
diff --git a/policy/modules/services/imaze.te b/policy/modules/services/imaze.te
index 52c3d80b..cdc987af 100644
--- a/policy/modules/services/imaze.te
+++ b/policy/modules/services/imaze.te
@@ -79,5 +79,5 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(imazesrv_t)
+	udev_read_pid_files(imazesrv_t)
 ')
diff --git a/policy/modules/services/inetd.te b/policy/modules/services/inetd.te
index f4bf29a6..93a55545 100644
--- a/policy/modules/services/inetd.te
+++ b/policy/modules/services/inetd.te
@@ -191,7 +191,7 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(inetd_t)
+	udev_read_pid_files(inetd_t)
 ')
 
 optional_policy(`
diff --git a/policy/modules/services/inn.te b/policy/modules/services/inn.te
index 773bf749..add8b9f9 100644
--- a/policy/modules/services/inn.te
+++ b/policy/modules/services/inn.te
@@ -118,5 +118,5 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(innd_t)
+	udev_read_pid_files(innd_t)
 ')
diff --git a/policy/modules/services/ircd.te b/policy/modules/services/ircd.te
index 7db83f3f..e5b359fc 100644
--- a/policy/modules/services/ircd.te
+++ b/policy/modules/services/ircd.te
@@ -84,5 +84,5 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(ircd_t)
+	udev_read_pid_files(ircd_t)
 ')
diff --git a/policy/modules/services/irqbalance.te b/policy/modules/services/irqbalance.te
index 6217e0f0..41c4573a 100644
--- a/policy/modules/services/irqbalance.te
+++ b/policy/modules/services/irqbalance.te
@@ -58,5 +58,5 @@ userdom_dontaudit_use_unpriv_user_fds(irqbalance_t)
 userdom_dontaudit_search_user_home_dirs(irqbalance_t)
 
 optional_policy(`
-	udev_read_db(irqbalance_t)
+	udev_read_pid_files(irqbalance_t)
 ')
diff --git a/policy/modules/services/jabber.te b/policy/modules/services/jabber.te
index 183a1d32..e609b056 100644
--- a/policy/modules/services/jabber.te
+++ b/policy/modules/services/jabber.te
@@ -121,7 +121,7 @@ userdom_dontaudit_use_unpriv_user_fds(jabberd_t)
 userdom_dontaudit_search_user_home_dirs(jabberd_t)
 
 optional_policy(`
-	udev_read_db(jabberd_t)
+	udev_read_pid_files(jabberd_t)
 ')
 
 ########################################
diff --git a/policy/modules/services/kerberos.te b/policy/modules/services/kerberos.te
index a76016ca..d7449123 100644
--- a/policy/modules/services/kerberos.te
+++ b/policy/modules/services/kerberos.te
@@ -164,7 +164,7 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(kadmind_t)
+	udev_read_pid_files(kadmind_t)
 ')
 
 ########################################
@@ -268,7 +268,7 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(krb5kdc_t)
+	udev_read_pid_files(krb5kdc_t)
 ')
 
 ########################################
diff --git a/policy/modules/services/ldap.te b/policy/modules/services/ldap.te
index 98a718e2..6cc600a9 100644
--- a/policy/modules/services/ldap.te
+++ b/policy/modules/services/ldap.te
@@ -149,5 +149,5 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(slapd_t)
+	udev_read_pid_files(slapd_t)
 ')
diff --git a/policy/modules/services/lpd.te b/policy/modules/services/lpd.te
index a71cfbdd..bf364a16 100644
--- a/policy/modules/services/lpd.te
+++ b/policy/modules/services/lpd.te
@@ -198,7 +198,7 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(lpd_t)
+	udev_read_pid_files(lpd_t)
 ')
 
 ##############################
diff --git a/policy/modules/services/modemmanager.te b/policy/modules/services/modemmanager.te
index 4875d041..745ef71d 100644
--- a/policy/modules/services/modemmanager.te
+++ b/policy/modules/services/modemmanager.te
@@ -55,6 +55,6 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(modemmanager_t)
+	udev_read_pid_files(modemmanager_t)
 	udev_manage_pid_files(modemmanager_t)
 ')
diff --git a/policy/modules/services/monop.te b/policy/modules/services/monop.te
index b82d8aeb..68f29a56 100644
--- a/policy/modules/services/monop.te
+++ b/policy/modules/services/monop.te
@@ -79,5 +79,5 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(monopd_t)
+	udev_read_pid_files(monopd_t)
 ')
diff --git a/policy/modules/services/mpd.te b/policy/modules/services/mpd.te
index 784fe528..6a97b218 100644
--- a/policy/modules/services/mpd.te
+++ b/policy/modules/services/mpd.te
@@ -195,7 +195,7 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(mpd_t)
+	udev_read_pid_files(mpd_t)
 ')
 
 optional_policy(`
diff --git a/policy/modules/services/munin.te b/policy/modules/services/munin.te
index 8a703083..db48db0d 100644
--- a/policy/modules/services/munin.te
+++ b/policy/modules/services/munin.te
@@ -231,7 +231,7 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(munin_t)
+	udev_read_pid_files(munin_t)
 ')
 
 ###################################
diff --git a/policy/modules/services/mysql.te b/policy/modules/services/mysql.te
index 922c8b8f..6beed823 100644
--- a/policy/modules/services/mysql.te
+++ b/policy/modules/services/mysql.te
@@ -152,7 +152,7 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(mysqld_t)
+	udev_read_pid_files(mysqld_t)
 ')
 
 #######################################
diff --git a/policy/modules/services/nagios.te b/policy/modules/services/nagios.te
index 6b893802..8b8ba847 100644
--- a/policy/modules/services/nagios.te
+++ b/policy/modules/services/nagios.te
@@ -172,7 +172,7 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(nagios_t)
+	udev_read_pid_files(nagios_t)
 ')
 
 ########################################
@@ -284,7 +284,7 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(nrpe_t)
+	udev_read_pid_files(nrpe_t)
 ')
 
 #####################################
diff --git a/policy/modules/services/nessus.te b/policy/modules/services/nessus.te
index 82398b9d..04a126ee 100644
--- a/policy/modules/services/nessus.te
+++ b/policy/modules/services/nessus.te
@@ -104,5 +104,5 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(nessusd_t)
+	udev_read_pid_files(nessusd_t)
 ')
diff --git a/policy/modules/services/networkmanager.te b/policy/modules/services/networkmanager.te
index 6fa85ba9..11fc8e26 100644
--- a/policy/modules/services/networkmanager.te
+++ b/policy/modules/services/networkmanager.te
@@ -359,7 +359,6 @@ optional_policy(`
 
 optional_policy(`
 	udev_exec(NetworkManager_t)
-	udev_read_db(NetworkManager_t)
 	udev_read_pid_files(NetworkManager_t)
 ')
 
diff --git a/policy/modules/services/nis.te b/policy/modules/services/nis.te
index cad73924..12111fa5 100644
--- a/policy/modules/services/nis.te
+++ b/policy/modules/services/nis.te
@@ -141,7 +141,7 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(ypbind_t)
+	udev_read_pid_files(ypbind_t)
 ')
 
 ########################################
@@ -225,7 +225,7 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(yppasswdd_t)
+	udev_read_pid_files(yppasswdd_t)
 ')
 
 ########################################
@@ -302,7 +302,7 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(ypserv_t)
+	udev_read_pid_files(ypserv_t)
 ')
 
 ########################################
diff --git a/policy/modules/services/nscd.te b/policy/modules/services/nscd.te
index 61430216..0f169de4 100644
--- a/policy/modules/services/nscd.te
+++ b/policy/modules/services/nscd.te
@@ -133,7 +133,7 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(nscd_t)
+	udev_read_pid_files(nscd_t)
 ')
 
 optional_policy(`
diff --git a/policy/modules/services/nsd.te b/policy/modules/services/nsd.te
index 4dae39f7..708e47c0 100644
--- a/policy/modules/services/nsd.te
+++ b/policy/modules/services/nsd.te
@@ -99,7 +99,7 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(nsd_t)
+	udev_read_pid_files(nsd_t)
 ')
 
 ########################################
diff --git a/policy/modules/services/ntop.te b/policy/modules/services/ntop.te
index 0a188e30..20b3dc6e 100644
--- a/policy/modules/services/ntop.te
+++ b/policy/modules/services/ntop.te
@@ -103,5 +103,5 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(ntop_t)
+	udev_read_pid_files(ntop_t)
 ')
diff --git a/policy/modules/services/ntp.te b/policy/modules/services/ntp.te
index e05b06ed..7aa4bf58 100644
--- a/policy/modules/services/ntp.te
+++ b/policy/modules/services/ntp.te
@@ -200,5 +200,5 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(ntpd_t)
+	udev_read_pid_files(ntpd_t)
 ')
diff --git a/policy/modules/services/oav.te b/policy/modules/services/oav.te
index 59ec0f6c..a7fd6fa9 100644
--- a/policy/modules/services/oav.te
+++ b/policy/modules/services/oav.te
@@ -121,5 +121,5 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(scannerdaemon_t)
+	udev_read_pid_files(scannerdaemon_t)
 ')
diff --git a/policy/modules/services/openct.te b/policy/modules/services/openct.te
index ae0ba0c5..2ad1d579 100644
--- a/policy/modules/services/openct.te
+++ b/policy/modules/services/openct.te
@@ -63,5 +63,5 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(openct_t)
+	udev_read_pid_files(openct_t)
 ')
diff --git a/policy/modules/services/pcscd.te b/policy/modules/services/pcscd.te
index c8780b8a..f97a4c00 100644
--- a/policy/modules/services/pcscd.te
+++ b/policy/modules/services/pcscd.te
@@ -89,5 +89,5 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(pcscd_t)
+	udev_read_pid_files(pcscd_t)
 ')
diff --git a/policy/modules/services/pegasus.te b/policy/modules/services/pegasus.te
index 09231d54..df02730a 100644
--- a/policy/modules/services/pegasus.te
+++ b/policy/modules/services/pegasus.te
@@ -175,7 +175,7 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(pegasus_t)
+	udev_read_pid_files(pegasus_t)
 ')
 
 optional_policy(`
diff --git a/policy/modules/services/perdition.te b/policy/modules/services/perdition.te
index 4d3b1c0a..c4b75e50 100644
--- a/policy/modules/services/perdition.te
+++ b/policy/modules/services/perdition.te
@@ -79,5 +79,5 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(perdition_t)
+	udev_read_pid_files(perdition_t)
 ')
diff --git a/policy/modules/services/portmap.te b/policy/modules/services/portmap.te
index 23a7353d..e205d6cd 100644
--- a/policy/modules/services/portmap.te
+++ b/policy/modules/services/portmap.te
@@ -90,7 +90,7 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(portmap_t)
+	udev_read_pid_files(portmap_t)
 ')
 
 ########################################
diff --git a/policy/modules/services/portslave.te b/policy/modules/services/portslave.te
index 1c04aff5..03231b3c 100644
--- a/policy/modules/services/portslave.te
+++ b/policy/modules/services/portslave.te
@@ -105,5 +105,5 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(portslave_t)
+	udev_read_pid_files(portslave_t)
 ')
diff --git a/policy/modules/services/postfix.te b/policy/modules/services/postfix.te
index 7c9928b4..9f50b58d 100644
--- a/policy/modules/services/postfix.te
+++ b/policy/modules/services/postfix.te
@@ -164,7 +164,7 @@ miscfiles_read_generic_tls_privkey(postfix_domain)
 userdom_dontaudit_use_unpriv_user_fds(postfix_domain)
 
 optional_policy(`
-	udev_read_db(postfix_domain)
+	udev_read_pid_files(postfix_domain)
 ')
 
 ########################################
diff --git a/policy/modules/services/postgresql.te b/policy/modules/services/postgresql.te
index d42f1fd0..b024336d 100644
--- a/policy/modules/services/postgresql.te
+++ b/policy/modules/services/postgresql.te
@@ -386,7 +386,7 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(postgresql_t)
+	udev_read_pid_files(postgresql_t)
 ')
 
 ########################################
diff --git a/policy/modules/services/postgrey.te b/policy/modules/services/postgrey.te
index c4c3e10d..b6b46c95 100644
--- a/policy/modules/services/postgrey.te
+++ b/policy/modules/services/postgrey.te
@@ -105,5 +105,5 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(postgrey_t)
+	udev_read_pid_files(postgrey_t)
 ')
diff --git a/policy/modules/services/ppp.te b/policy/modules/services/ppp.te
index cdb73f7b..881dfb01 100644
--- a/policy/modules/services/ppp.te
+++ b/policy/modules/services/ppp.te
@@ -214,7 +214,7 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(pppd_t)
+	udev_read_pid_files(pppd_t)
 ')
 
 ########################################
@@ -314,7 +314,7 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(pptp_t)
+	udev_read_pid_files(pptp_t)
 ')
 
 optional_policy(`
diff --git a/policy/modules/services/privoxy.te b/policy/modules/services/privoxy.te
index 54664a87..54662f13 100644
--- a/policy/modules/services/privoxy.te
+++ b/policy/modules/services/privoxy.te
@@ -105,5 +105,5 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(privoxy_t)
+	udev_read_pid_files(privoxy_t)
 ')
diff --git a/policy/modules/services/pxe.te b/policy/modules/services/pxe.te
index 5e1d8e7d..8ea3d5a5 100644
--- a/policy/modules/services/pxe.te
+++ b/policy/modules/services/pxe.te
@@ -66,5 +66,5 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(pxe_t)
+	udev_read_pid_files(pxe_t)
 ')
diff --git a/policy/modules/services/radius.te b/policy/modules/services/radius.te
index 82c6721d..53272d61 100644
--- a/policy/modules/services/radius.te
+++ b/policy/modules/services/radius.te
@@ -139,5 +139,5 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(radiusd_t)
+	udev_read_pid_files(radiusd_t)
 ')
diff --git a/policy/modules/services/radvd.te b/policy/modules/services/radvd.te
index af505f9c..284ac238 100644
--- a/policy/modules/services/radvd.te
+++ b/policy/modules/services/radvd.te
@@ -73,5 +73,5 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(radvd_t)
+	udev_read_pid_files(radvd_t)
 ')
diff --git a/policy/modules/services/rdisc.te b/policy/modules/services/rdisc.te
index b44a0265..d87da1a5 100644
--- a/policy/modules/services/rdisc.te
+++ b/policy/modules/services/rdisc.te
@@ -53,5 +53,5 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(rdisc_t)
+	udev_read_pid_files(rdisc_t)
 ')
diff --git a/policy/modules/services/resmgr.te b/policy/modules/services/resmgr.te
index 01fbbc5e..e90c79db 100644
--- a/policy/modules/services/resmgr.te
+++ b/policy/modules/services/resmgr.te
@@ -63,5 +63,5 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(resmgrd_t)
+	udev_read_pid_files(resmgrd_t)
 ')
diff --git a/policy/modules/services/rgmanager.te b/policy/modules/services/rgmanager.te
index c4339fe9..c20b2a22 100644
--- a/policy/modules/services/rgmanager.te
+++ b/policy/modules/services/rgmanager.te
@@ -192,7 +192,7 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(rgmanager_t)
+	udev_read_pid_files(rgmanager_t)
 ')
 
 optional_policy(`
diff --git a/policy/modules/services/rhcs.te b/policy/modules/services/rhcs.te
index 7283b9e3..1002a77a 100644
--- a/policy/modules/services/rhcs.te
+++ b/policy/modules/services/rhcs.te
@@ -320,5 +320,5 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(qdiskd_t)
+	udev_read_pid_files(qdiskd_t)
 ')
diff --git a/policy/modules/services/rhgb.te b/policy/modules/services/rhgb.te
index 944288bd..5fc6e1c5 100644
--- a/policy/modules/services/rhgb.te
+++ b/policy/modules/services/rhgb.te
@@ -122,5 +122,5 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(rhgb_t)
+	udev_read_pid_files(rhgb_t)
 ')
diff --git a/policy/modules/services/roundup.te b/policy/modules/services/roundup.te
index 32216133..bc03d46b 100644
--- a/policy/modules/services/roundup.te
+++ b/policy/modules/services/roundup.te
@@ -83,5 +83,5 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(roundup_t)
+	udev_read_pid_files(roundup_t)
 ')
diff --git a/policy/modules/services/rpc.te b/policy/modules/services/rpc.te
index 00b2793f..8930b64c 100644
--- a/policy/modules/services/rpc.te
+++ b/policy/modules/services/rpc.te
@@ -135,7 +135,7 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(rpc_domain)
+	udev_read_pid_files(rpc_domain)
 ')
 
 ########################################
diff --git a/policy/modules/services/samba.te b/policy/modules/services/samba.te
index e4853f5f..19adfe1e 100644
--- a/policy/modules/services/samba.te
+++ b/policy/modules/services/samba.te
@@ -504,7 +504,7 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(smbd_t)
+	udev_read_pid_files(smbd_t)
 ')
 
 ########################################
@@ -609,7 +609,7 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(nmbd_t)
+	udev_read_pid_files(nmbd_t)
 ')
 
 ########################################
@@ -955,7 +955,7 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(winbind_t)
+	udev_read_pid_files(winbind_t)
 ')
 
 ########################################
diff --git a/policy/modules/services/sasl.te b/policy/modules/services/sasl.te
index 640d2937..b9caec7b 100644
--- a/policy/modules/services/sasl.te
+++ b/policy/modules/services/sasl.te
@@ -111,5 +111,5 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(saslauthd_t)
+	udev_read_pid_files(saslauthd_t)
 ')
diff --git a/policy/modules/services/sendmail.te b/policy/modules/services/sendmail.te
index 9806c963..ee4ccbd3 100644
--- a/policy/modules/services/sendmail.te
+++ b/policy/modules/services/sendmail.te
@@ -194,7 +194,7 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(sendmail_t)
+	udev_read_pid_files(sendmail_t)
 ')
 
 optional_policy(`
diff --git a/policy/modules/services/slrnpull.te b/policy/modules/services/slrnpull.te
index 0a81906c..40d006c2 100644
--- a/policy/modules/services/slrnpull.te
+++ b/policy/modules/services/slrnpull.te
@@ -66,5 +66,5 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(slrnpull_t)
+	udev_read_pid_files(slrnpull_t)
 ')
diff --git a/policy/modules/services/smartmon.te b/policy/modules/services/smartmon.te
index 5477e936..583bb200 100644
--- a/policy/modules/services/smartmon.te
+++ b/policy/modules/services/smartmon.te
@@ -121,5 +121,5 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(fsdaemon_t)
+	udev_read_pid_files(fsdaemon_t)
 ')
diff --git a/policy/modules/services/snmp.te b/policy/modules/services/snmp.te
index 7f949088..d087e439 100644
--- a/policy/modules/services/snmp.te
+++ b/policy/modules/services/snmp.te
@@ -165,7 +165,7 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(snmpd_t)
+	udev_read_pid_files(snmpd_t)
 ')
 
 optional_policy(`
diff --git a/policy/modules/services/snort.te b/policy/modules/services/snort.te
index 4b6db4ea..5d5c3728 100644
--- a/policy/modules/services/snort.te
+++ b/policy/modules/services/snort.te
@@ -109,5 +109,5 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(snort_t)
+	udev_read_pid_files(snort_t)
 ')
diff --git a/policy/modules/services/soundserver.te b/policy/modules/services/soundserver.te
index 7c508a97..774ef409 100644
--- a/policy/modules/services/soundserver.te
+++ b/policy/modules/services/soundserver.te
@@ -104,5 +104,5 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(soundd_t)
+	udev_read_pid_files(soundd_t)
 ')
diff --git a/policy/modules/services/spamassassin.te b/policy/modules/services/spamassassin.te
index e4c9210f..34858b5a 100644
--- a/policy/modules/services/spamassassin.te
+++ b/policy/modules/services/spamassassin.te
@@ -471,7 +471,7 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(spamd_t)
+	udev_read_pid_files(spamd_t)
 ')
 
 ########################################
diff --git a/policy/modules/services/speedtouch.te b/policy/modules/services/speedtouch.te
index e7bad7d5..1f209e5f 100644
--- a/policy/modules/services/speedtouch.te
+++ b/policy/modules/services/speedtouch.te
@@ -57,5 +57,5 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(speedmgmt_t)
+	udev_read_pid_files(speedmgmt_t)
 ')
diff --git a/policy/modules/services/squid.te b/policy/modules/services/squid.te
index 2082a6d4..5396f193 100644
--- a/policy/modules/services/squid.te
+++ b/policy/modules/services/squid.te
@@ -235,5 +235,5 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(squid_t)
+	udev_read_pid_files(squid_t)
 ')
diff --git a/policy/modules/services/ssh.te b/policy/modules/services/ssh.te
index 53261e9a..4c1b5d49 100644
--- a/policy/modules/services/ssh.te
+++ b/policy/modules/services/ssh.te
@@ -367,5 +367,5 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(ssh_keygen_t)
+	udev_read_pid_files(ssh_keygen_t)
 ')
diff --git a/policy/modules/services/stunnel.te b/policy/modules/services/stunnel.te
index e9a07bc8..ff0ad302 100644
--- a/policy/modules/services/stunnel.te
+++ b/policy/modules/services/stunnel.te
@@ -97,7 +97,7 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(stunnel_t)
+	udev_read_pid_files(stunnel_t)
 ')
 
 # hack since this port has no interfaces since it doesnt
diff --git a/policy/modules/services/tftp.te b/policy/modules/services/tftp.te
index e1bbc6ac..442347e4 100644
--- a/policy/modules/services/tftp.te
+++ b/policy/modules/services/tftp.te
@@ -135,5 +135,5 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(tftpd_t)
+	udev_read_pid_files(tftpd_t)
 ')
diff --git a/policy/modules/services/timidity.te b/policy/modules/services/timidity.te
index b88138b7..fe05d453 100644
--- a/policy/modules/services/timidity.te
+++ b/policy/modules/services/timidity.te
@@ -69,5 +69,5 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(timidity_t)
+	udev_read_pid_files(timidity_t)
 ')
diff --git a/policy/modules/services/transproxy.te b/policy/modules/services/transproxy.te
index 91b9c2d7..f6d5b5fc 100644
--- a/policy/modules/services/transproxy.te
+++ b/policy/modules/services/transproxy.te
@@ -64,5 +64,5 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(transproxy_t)
+	udev_read_pid_files(transproxy_t)
 ')
diff --git a/policy/modules/services/uptime.te b/policy/modules/services/uptime.te
index da62e535..c39489ef 100644
--- a/policy/modules/services/uptime.te
+++ b/policy/modules/services/uptime.te
@@ -69,5 +69,5 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(uptimed_t)
+	udev_read_pid_files(uptimed_t)
 ')
diff --git a/policy/modules/services/uwimap.te b/policy/modules/services/uwimap.te
index fc84f52b..12a1d2d4 100644
--- a/policy/modules/services/uwimap.te
+++ b/policy/modules/services/uwimap.te
@@ -102,5 +102,5 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(imapd_t)
+	udev_read_pid_files(imapd_t)
 ')
diff --git a/policy/modules/services/virt.te b/policy/modules/services/virt.te
index 6d154d64..edb4e59c 100644
--- a/policy/modules/services/virt.te
+++ b/policy/modules/services/virt.te
@@ -824,7 +824,6 @@ optional_policy(`
 
 optional_policy(`
 	udev_domtrans(virtd_t)
-	udev_read_db(virtd_t)
 	udev_read_pid_files(virtd_t)
 ')
 
diff --git a/policy/modules/services/watchdog.te b/policy/modules/services/watchdog.te
index d206136d..f2ace35d 100644
--- a/policy/modules/services/watchdog.te
+++ b/policy/modules/services/watchdog.te
@@ -97,5 +97,5 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(watchdog_t)
+	udev_read_pid_files(watchdog_t)
 ')
diff --git a/policy/modules/services/xfs.te b/policy/modules/services/xfs.te
index 6f1eb97f..cfc77517 100644
--- a/policy/modules/services/xfs.te
+++ b/policy/modules/services/xfs.te
@@ -81,5 +81,5 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(xfs_t)
+	udev_read_pid_files(xfs_t)
 ')
diff --git a/policy/modules/services/xprint.te b/policy/modules/services/xprint.te
index a9b5f371..37737d7d 100644
--- a/policy/modules/services/xprint.te
+++ b/policy/modules/services/xprint.te
@@ -76,5 +76,5 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(xprint_t)
+	udev_read_pid_files(xprint_t)
 ')
diff --git a/policy/modules/services/xserver.te b/policy/modules/services/xserver.te
index abaccb33..20c0efd7 100644
--- a/policy/modules/services/xserver.te
+++ b/policy/modules/services/xserver.te
@@ -591,7 +591,7 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(xdm_t)
+	udev_read_pid_files(xdm_t)
 ')
 
 optional_policy(`
@@ -819,7 +819,6 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(xserver_t)
 	udev_read_pid_files(xserver_t)
 ')
 
diff --git a/policy/modules/services/zebra.te b/policy/modules/services/zebra.te
index 1ad2a2a5..b009352b 100644
--- a/policy/modules/services/zebra.te
+++ b/policy/modules/services/zebra.te
@@ -134,5 +134,5 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(zebra_t)
+	udev_read_pid_files(zebra_t)
 ')
diff --git a/policy/modules/system/authlogin.te b/policy/modules/system/authlogin.te
index 604cf27e..7bc66d2b 100644
--- a/policy/modules/system/authlogin.te
+++ b/policy/modules/system/authlogin.te
@@ -327,7 +327,7 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(pam_console_t)
+	udev_read_pid_files(pam_console_t)
 ')
 
 optional_policy(`
diff --git a/policy/modules/system/clock.te b/policy/modules/system/clock.te
index bbd9d64b..3b981000 100644
--- a/policy/modules/system/clock.te
+++ b/policy/modules/system/clock.te
@@ -73,7 +73,7 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(hwclock_t)
+	udev_read_pid_files(hwclock_t)
 ')
 
 optional_policy(`
diff --git a/policy/modules/system/fstools.te b/policy/modules/system/fstools.te
index 71722180..0b2a5315 100644
--- a/policy/modules/system/fstools.te
+++ b/policy/modules/system/fstools.te
@@ -213,7 +213,7 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(fsadm_t)
+	udev_read_pid_files(fsadm_t)
 
 	# Xen causes losetup to run with a presumably accidentally inherited
 	# file handle for /run/xen-hotplug/block
diff --git a/policy/modules/system/getty.te b/policy/modules/system/getty.te
index b77c9c24..bb000ed0 100644
--- a/policy/modules/system/getty.te
+++ b/policy/modules/system/getty.te
@@ -128,5 +128,5 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(getty_t)
+	udev_read_pid_files(getty_t)
 ')
diff --git a/policy/modules/system/hotplug.te b/policy/modules/system/hotplug.te
index 2af9c850..5526587c 100644
--- a/policy/modules/system/hotplug.te
+++ b/policy/modules/system/hotplug.te
@@ -189,7 +189,7 @@ optional_policy(`
 optional_policy(`
 	udev_domtrans(hotplug_t)
 	udev_helper_domtrans(hotplug_t)
-	udev_read_db(hotplug_t)
+	udev_read_pid_files(hotplug_t)
 ')
 
 optional_policy(`
diff --git a/policy/modules/system/init.te b/policy/modules/system/init.te
index 765dcc7b..650424df 100644
--- a/policy/modules/system/init.te
+++ b/policy/modules/system/init.te
@@ -555,7 +555,7 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(init_t)
+	udev_read_pid_files(init_t)
 	udev_relabelto_db(init_t)
 ')
 
diff --git a/policy/modules/system/ipsec.te b/policy/modules/system/ipsec.te
index 2d530a1a..0f28c580 100644
--- a/policy/modules/system/ipsec.te
+++ b/policy/modules/system/ipsec.te
@@ -191,7 +191,7 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(ipsec_t)
+	udev_read_pid_files(ipsec_t)
 ')
 
 ########################################
diff --git a/policy/modules/system/iptables.te b/policy/modules/system/iptables.te
index 0386dc5a..46a3e82c 100644
--- a/policy/modules/system/iptables.te
+++ b/policy/modules/system/iptables.te
@@ -145,7 +145,6 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(iptables_t)
 	# this is for iptables_t to inherit a file hande from xen vif-bridge
 	udev_manage_pid_files(iptables_t)
 ')
diff --git a/policy/modules/system/logging.te b/policy/modules/system/logging.te
index 24adb26c..98ffbea5 100644
--- a/policy/modules/system/logging.te
+++ b/policy/modules/system/logging.te
@@ -238,7 +238,7 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(auditd_t)
+	udev_read_pid_files(auditd_t)
 ')
 
 ########################################
@@ -366,7 +366,7 @@ ifdef(`distro_ubuntu',`
 ')
 
 optional_policy(`
-	udev_read_db(klogd_t)
+	udev_read_pid_files(klogd_t)
 ')
 
 optional_policy(`
@@ -607,7 +607,7 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(syslogd_t)
+	udev_read_pid_files(syslogd_t)
 	# for systemd-journal to read seat data from /run/udev/data
 	udev_read_pid_files(syslogd_t)
 ')
diff --git a/policy/modules/system/lvm.te b/policy/modules/system/lvm.te
index 967341f9..8d065b72 100644
--- a/policy/modules/system/lvm.te
+++ b/policy/modules/system/lvm.te
@@ -155,7 +155,7 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(clvmd_t)
+	udev_read_pid_files(clvmd_t)
 ')
 
 ########################################
@@ -369,7 +369,6 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(lvm_t)
 	udev_read_pid_files(lvm_t)
 ')
 
diff --git a/policy/modules/system/pcmcia.te b/policy/modules/system/pcmcia.te
index 946b88fd..f4751a5c 100644
--- a/policy/modules/system/pcmcia.te
+++ b/policy/modules/system/pcmcia.te
@@ -117,5 +117,5 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(cardmgr_t)
+	udev_read_pid_files(cardmgr_t)
 ')
diff --git a/policy/modules/system/raid.te b/policy/modules/system/raid.te
index 363c3706..2d3748cd 100644
--- a/policy/modules/system/raid.te
+++ b/policy/modules/system/raid.te
@@ -105,5 +105,5 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(mdadm_t)
+	udev_read_pid_files(mdadm_t)
 ')
diff --git a/policy/modules/system/sysnetwork.te b/policy/modules/system/sysnetwork.te
index f95e1387..17e79011 100644
--- a/policy/modules/system/sysnetwork.te
+++ b/policy/modules/system/sysnetwork.te
@@ -253,7 +253,7 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(dhcpc_t)
+	udev_read_pid_files(dhcpc_t)
 ')
 
 optional_policy(`
diff --git a/policy/modules/system/systemd.te b/policy/modules/system/systemd.te
index 285cc665..c2894e8a 100644
--- a/policy/modules/system/systemd.te
+++ b/policy/modules/system/systemd.te
@@ -623,7 +623,6 @@ systemd_log_parse_environment(systemd_logind_t)
 systemd_start_power_units(systemd_logind_t)
 
 udev_list_pids(systemd_logind_t)
-udev_read_db(systemd_logind_t)
 udev_read_pid_files(systemd_logind_t)
 
 userdom_delete_all_user_runtime_dirs(systemd_logind_t)
@@ -829,7 +828,6 @@ optional_policy(`
 ')
 
 optional_policy(`
-	udev_read_db(systemd_networkd_t)
 	udev_read_pid_files(systemd_networkd_t)
 ')
 
diff --git a/policy/modules/system/udev.fc b/policy/modules/system/udev.fc
index 0ae7571c..f02e8195 100644
--- a/policy/modules/system/udev.fc
+++ b/policy/modules/system/udev.fc
@@ -1,7 +1,3 @@
-/dev/\.udev(/.*)? --	gen_context(system_u:object_r:udev_tbl_t,s0)
-/dev/\.udevdb	--	gen_context(system_u:object_r:udev_tbl_t,s0)
-/dev/udev\.tbl	--	gen_context(system_u:object_r:udev_tbl_t,s0)
-
 /etc/dev\.d/.+	--	gen_context(system_u:object_r:udev_helper_exec_t,s0)
 
 /etc/hotplug\.d/default/udev.* -- gen_context(system_u:object_r:udev_helper_exec_t,s0)
diff --git a/policy/modules/system/udev.if b/policy/modules/system/udev.if
index b736fcfd..53e764ce 100644
--- a/policy/modules/system/udev.if
+++ b/policy/modules/system/udev.if
@@ -214,10 +214,10 @@ interface(`udev_manage_rules_files',`
 #
 interface(`udev_dontaudit_search_db',`
 	gen_require(`
-		type udev_tbl_t;
+		type udev_runtime_t;
 	')
 
-	dontaudit $1 udev_tbl_t:dir search_dir_perms;
+	dontaudit $1 udev_runtime_t:dir search_dir_perms;
 ')
 
 ########################################
@@ -237,20 +237,9 @@ interface(`udev_dontaudit_search_db',`
 ## <infoflow type="read" weight="10"/>
 #
 interface(`udev_read_db',`
-	gen_require(`
-		type udev_tbl_t;
-	')
-
-	allow $1 udev_tbl_t:dir list_dir_perms;
-
-	read_files_pattern($1, udev_tbl_t, udev_tbl_t)
-	read_lnk_files_pattern($1, udev_tbl_t, udev_tbl_t)
-
-	dev_list_all_dev_nodes($1)
+	refpolicywarn(`$0($*) has been deprecated, please use udev_read_pid_files() instead.')
 
-	files_search_etc($1)
-
-	udev_search_pids($1)
+	udev_read_pid_files($1)
 ')
 
 ########################################
@@ -265,11 +254,11 @@ interface(`udev_read_db',`
 #
 interface(`udev_rw_db',`
 	gen_require(`
-		type udev_tbl_t;
+		type udev_runtime_t;
 	')
 
-	dev_list_all_dev_nodes($1)
-	allow $1 udev_tbl_t:file rw_file_perms;
+	files_search_pids($1)
+	allow $1 udev_runtime_t:file rw_file_perms;
 ')
 
 ########################################
diff --git a/policy/modules/system/udev.te b/policy/modules/system/udev.te
index 18d1f8cb..b0f5c370 100644
--- a/policy/modules/system/udev.te
+++ b/policy/modules/system/udev.te
@@ -28,13 +28,10 @@ files_config_file(udev_etc_t)
 type udev_rules_t;
 files_type(udev_rules_t)
 
-type udev_runtime_t alias udev_var_run_t;
+type udev_runtime_t alias {udev_tbl_t udev_var_run_t};
 files_pid_file(udev_runtime_t)
 init_daemon_pid_file(udev_runtime_t, dir, "udev")
 
-type udev_tbl_t alias udev_tdb_t;
-files_type(udev_tbl_t)
-
 ifdef(`enable_mcs',`
 	kernel_ranged_domtrans_to(udev_t, udev_exec_t, s0 - mcs_systemhigh)
 	init_ranged_daemon_domain(udev_t, udev_exec_t, s0 - mcs_systemhigh)
@@ -74,9 +71,6 @@ can_exec(udev_t, udev_helper_exec_t)
 # read udev config
 allow udev_t udev_etc_t:file read_file_perms;
 
-allow udev_t udev_tbl_t:file manage_file_perms;
-dev_filetrans(udev_t, udev_tbl_t, file)
-
 list_dirs_pattern(udev_t, udev_rules_t, udev_rules_t)
 manage_files_pattern(udev_t, udev_rules_t, udev_rules_t)
 manage_lnk_files_pattern(udev_t, udev_rules_t, udev_rules_t)
@@ -403,12 +397,9 @@ delete_files_pattern(udevadm_t, udev_runtime_t, udev_runtime_t)
 delete_lnk_files_pattern(udevadm_t, udev_runtime_t, udev_runtime_t)
 list_dirs_pattern(udevadm_t, udev_runtime_t, udev_runtime_t)
 read_files_pattern(udevadm_t, udev_runtime_t, udev_runtime_t)
+read_lnk_files_pattern(udevadm_t, udev_runtime_t, udev_runtime_t)
 allow udevadm_t udev_runtime_t:dir watch;
 
-list_dirs_pattern(udevadm_t, udev_tbl_t, udev_tbl_t)
-read_files_pattern(udevadm_t, udev_tbl_t, udev_tbl_t)
-read_lnk_files_pattern(udevadm_t, udev_tbl_t, udev_tbl_t)
-
 dev_rw_sysfs(udevadm_t)
 dev_read_urand(udevadm_t)
 
-- 
2.26.1