Signed-off-by: Dominick Grift <[email protected]>
---
:100644 100644 db570f6... f294491... M policy/modules/apps/evolution.te
:100644 100644 4204eec... 5bb9e30... M policy/modules/apps/gift.te
:100644 100644 62631ec... ebcd681... M policy/modules/apps/mozilla.te
:100644 100644 da32014... 82c4a54... M policy/modules/apps/mplayer.te
:100644 100644 c4e581e... 6f08115... M policy/modules/apps/thunderbird.te
:100644 100644 acc7244... d736572... M policy/modules/apps/tvtime.te
:100644 100644 3c43106... 31bbf17... M policy/modules/apps/wireshark.te
:100644 100644 7629cf8... e4ecbbd... M policy/modules/services/razor.te
:100644 100644 438dab7... b6a8919... M policy/modules/services/spamassassin.te
:100644 100644 4566008... d2b2626... M policy/modules/services/xserver.te
:100644 100644 c7c83c4... a3135e6... M policy/modules/system/userdomain.if
policy/modules/apps/evolution.te | 1 -
policy/modules/apps/gift.te | 1 -
policy/modules/apps/mozilla.te | 1 -
policy/modules/apps/mplayer.te | 1 -
policy/modules/apps/thunderbird.te | 1 -
policy/modules/apps/tvtime.te | 1 -
policy/modules/apps/wireshark.te | 1 -
policy/modules/services/razor.te | 1 -
policy/modules/services/spamassassin.te | 1 -
policy/modules/services/xserver.te | 2 --
policy/modules/system/userdomain.if | 1 +
11 files changed, 1 insertions(+), 11 deletions(-)
diff --git a/policy/modules/apps/evolution.te b/policy/modules/apps/evolution.te
index db570f6..f294491 100644
--- a/policy/modules/apps/evolution.te
+++ b/policy/modules/apps/evolution.te
@@ -59,7 +59,6 @@ ubac_constrained(evolution_exchange_orbit_tmp_t)
type evolution_home_t;
typealias evolution_home_t alias { user_evolution_home_t staff_evolution_home_t sysadm_evolution_home_t };
typealias evolution_home_t alias { auditadm_evolution_home_t secadm_evolution_home_t };
-files_poly_member(evolution_home_t)
userdom_user_home_content(evolution_home_t)
type evolution_orbit_tmp_t;
diff --git a/policy/modules/apps/gift.te b/policy/modules/apps/gift.te
index 4204eec..5bb9e30 100644
--- a/policy/modules/apps/gift.te
+++ b/policy/modules/apps/gift.te
@@ -15,7 +15,6 @@ ubac_constrained(gift_t)
type gift_home_t;
typealias gift_home_t alias { user_gift_home_t staff_gift_home_t sysadm_gift_home_t };
typealias gift_home_t alias { auditadm_gift_home_t secadm_gift_home_t };
-files_poly_member(gift_home_t)
userdom_user_home_content(gift_home_t)
type gift_tmpfs_t;
diff --git a/policy/modules/apps/mozilla.te b/policy/modules/apps/mozilla.te
index 62631ec..ebcd681 100644
--- a/policy/modules/apps/mozilla.te
+++ b/policy/modules/apps/mozilla.te
@@ -25,7 +25,6 @@ files_config_file(mozilla_conf_t)
type mozilla_home_t;
typealias mozilla_home_t alias { user_mozilla_home_t staff_mozilla_home_t sysadm_mozilla_home_t };
typealias mozilla_home_t alias { auditadm_mozilla_home_t secadm_mozilla_home_t };
-files_poly_member(mozilla_home_t)
userdom_user_home_content(mozilla_home_t)
type mozilla_tmpfs_t;
diff --git a/policy/modules/apps/mplayer.te b/policy/modules/apps/mplayer.te
index da32014..82c4a54 100644
--- a/policy/modules/apps/mplayer.te
+++ b/policy/modules/apps/mplayer.te
@@ -32,7 +32,6 @@ files_config_file(mplayer_etc_t)
type mplayer_home_t;
typealias mplayer_home_t alias { user_mplayer_home_t staff_mplayer_home_t sysadm_mplayer_home_t };
typealias mplayer_home_t alias { auditadm_mplayer_home_t secadm_mplayer_home_t };
-files_poly_member(mplayer_home_t)
userdom_user_home_content(mplayer_home_t)
type mplayer_tmpfs_t;
diff --git a/policy/modules/apps/thunderbird.te b/policy/modules/apps/thunderbird.te
index c4e581e..6f08115 100644
--- a/policy/modules/apps/thunderbird.te
+++ b/policy/modules/apps/thunderbird.te
@@ -15,7 +15,6 @@ ubac_constrained(thunderbird_t)
type thunderbird_home_t;
typealias thunderbird_home_t alias { user_thunderbird_home_t staff_thunderbird_home_t sysadm_thunderbird_home_t };
typealias thunderbird_home_t alias { auditadm_thunderbird_home_t secadm_thunderbird_home_t };
-files_poly_member(thunderbird_home_t)
userdom_user_home_content(thunderbird_home_t)
type thunderbird_tmpfs_t;
diff --git a/policy/modules/apps/tvtime.te b/policy/modules/apps/tvtime.te
index acc7244..d736572 100644
--- a/policy/modules/apps/tvtime.te
+++ b/policy/modules/apps/tvtime.te
@@ -16,7 +16,6 @@ type tvtime_home_t alias tvtime_rw_t;
typealias tvtime_home_t alias { user_tvtime_home_t staff_tvtime_home_t sysadm_tvtime_home_t };
typealias tvtime_home_t alias { auditadm_tvtime_home_t secadm_tvtime_home_t };
userdom_user_home_content(tvtime_home_t)
-files_poly_member(tvtime_home_t)
type tvtime_tmp_t;
typealias tvtime_tmp_t alias { user_tvtime_tmp_t staff_tvtime_tmp_t sysadm_tvtime_tmp_t };
diff --git a/policy/modules/apps/wireshark.te b/policy/modules/apps/wireshark.te
index 3c43106..31bbf17 100644
--- a/policy/modules/apps/wireshark.te
+++ b/policy/modules/apps/wireshark.te
@@ -15,7 +15,6 @@ ubac_constrained(wireshark_t)
type wireshark_home_t;
typealias wireshark_home_t alias { user_wireshark_home_t staff_wireshark_home_t sysadm_wireshark_home_t };
typealias wireshark_home_t alias { auditadm_wireshark_home_t secadm_wireshark_home_t };
-files_poly_member(wireshark_home_t)
userdom_user_home_content(wireshark_home_t)
type wireshark_tmp_t;
diff --git a/policy/modules/services/razor.te b/policy/modules/services/razor.te
index 7629cf8..e4ecbbd 100644
--- a/policy/modules/services/razor.te
+++ b/policy/modules/services/razor.te
@@ -14,7 +14,6 @@ files_config_file(razor_etc_t)
type razor_home_t;
typealias razor_home_t alias { user_razor_home_t staff_razor_home_t sysadm_razor_home_t };
typealias razor_home_t alias { auditadm_razor_home_t secadm_razor_home_t };
-files_poly_member(razor_home_t)
userdom_user_home_content(razor_home_t)
type razor_log_t;
diff --git a/policy/modules/services/spamassassin.te b/policy/modules/services/spamassassin.te
index 438dab7..b6a8919 100644
--- a/policy/modules/services/spamassassin.te
+++ b/policy/modules/services/spamassassin.te
@@ -30,7 +30,6 @@ type spamassassin_home_t;
typealias spamassassin_home_t alias { user_spamassassin_home_t staff_spamassassin_home_t sysadm_spamassassin_home_t };
typealias spamassassin_home_t alias { auditadm_spamassassin_home_t secadm_spamassassin_home_t };
userdom_user_home_content(spamassassin_home_t)
-files_poly_member(spamassassin_home_t)
type spamassassin_tmp_t;
typealias spamassassin_tmp_t alias { user_spamassassin_tmp_t staff_spamassassin_tmp_t sysadm_spamassassin_tmp_t };
diff --git a/policy/modules/services/xserver.te b/policy/modules/services/xserver.te
index 4566008..d2b2626 100644
--- a/policy/modules/services/xserver.te
+++ b/policy/modules/services/xserver.te
@@ -131,7 +131,6 @@ ubac_constrained(iceauth_t)
type iceauth_home_t;
typealias iceauth_home_t alias { user_iceauth_home_t staff_iceauth_home_t sysadm_iceauth_home_t };
typealias iceauth_home_t alias { auditadm_iceauth_home_t secadm_iceauth_home_t };
-files_poly_member(iceauth_home_t)
userdom_user_home_content(iceauth_home_t)
type xauth_t;
@@ -144,7 +143,6 @@ ubac_constrained(xauth_t)
type xauth_home_t;
typealias xauth_home_t alias { user_xauth_home_t staff_xauth_home_t sysadm_xauth_home_t };
typealias xauth_home_t alias { auditadm_xauth_home_t secadm_xauth_home_t };
-files_poly_member(xauth_home_t)
userdom_user_home_content(xauth_home_t)
type xauth_tmp_t;
diff --git a/policy/modules/system/userdomain.if b/policy/modules/system/userdomain.if
index c7c83c4..a3135e6 100644
--- a/policy/modules/system/userdomain.if
+++ b/policy/modules/system/userdomain.if
@@ -1280,6 +1280,7 @@ interface(`userdom_user_home_content',`
allow $1 user_home_t:filesystem associate;
files_type($1)
+ files_poly_member($1)
ubac_constrained($1)
')
--
1.7.1.1
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: not available
Url : http://oss.tresys.com/pipermail/refpolicy/attachments/20100709/e72b0f9e/attachment-0001.bin
On 07/09/10 09:29, Dominick Grift wrote:
> Signed-off-by: Dominick Grift<[email protected]>
Merged.
> ---
> :100644 100644 db570f6... f294491... M policy/modules/apps/evolution.te
> :100644 100644 4204eec... 5bb9e30... M policy/modules/apps/gift.te
> :100644 100644 62631ec... ebcd681... M policy/modules/apps/mozilla.te
> :100644 100644 da32014... 82c4a54... M policy/modules/apps/mplayer.te
> :100644 100644 c4e581e... 6f08115... M policy/modules/apps/thunderbird.te
> :100644 100644 acc7244... d736572... M policy/modules/apps/tvtime.te
> :100644 100644 3c43106... 31bbf17... M policy/modules/apps/wireshark.te
> :100644 100644 7629cf8... e4ecbbd... M policy/modules/services/razor.te
> :100644 100644 438dab7... b6a8919... M policy/modules/services/spamassassin.te
> :100644 100644 4566008... d2b2626... M policy/modules/services/xserver.te
> :100644 100644 c7c83c4... a3135e6... M policy/modules/system/userdomain.if
> policy/modules/apps/evolution.te | 1 -
> policy/modules/apps/gift.te | 1 -
> policy/modules/apps/mozilla.te | 1 -
> policy/modules/apps/mplayer.te | 1 -
> policy/modules/apps/thunderbird.te | 1 -
> policy/modules/apps/tvtime.te | 1 -
> policy/modules/apps/wireshark.te | 1 -
> policy/modules/services/razor.te | 1 -
> policy/modules/services/spamassassin.te | 1 -
> policy/modules/services/xserver.te | 2 --
> policy/modules/system/userdomain.if | 1 +
> 11 files changed, 1 insertions(+), 11 deletions(-)
>
> diff --git a/policy/modules/apps/evolution.te b/policy/modules/apps/evolution.te
> index db570f6..f294491 100644
> --- a/policy/modules/apps/evolution.te
> +++ b/policy/modules/apps/evolution.te
> @@ -59,7 +59,6 @@ ubac_constrained(evolution_exchange_orbit_tmp_t)
> type evolution_home_t;
> typealias evolution_home_t alias { user_evolution_home_t staff_evolution_home_t sysadm_evolution_home_t };
> typealias evolution_home_t alias { auditadm_evolution_home_t secadm_evolution_home_t };
> -files_poly_member(evolution_home_t)
> userdom_user_home_content(evolution_home_t)
>
> type evolution_orbit_tmp_t;
> diff --git a/policy/modules/apps/gift.te b/policy/modules/apps/gift.te
> index 4204eec..5bb9e30 100644
> --- a/policy/modules/apps/gift.te
> +++ b/policy/modules/apps/gift.te
> @@ -15,7 +15,6 @@ ubac_constrained(gift_t)
> type gift_home_t;
> typealias gift_home_t alias { user_gift_home_t staff_gift_home_t sysadm_gift_home_t };
> typealias gift_home_t alias { auditadm_gift_home_t secadm_gift_home_t };
> -files_poly_member(gift_home_t)
> userdom_user_home_content(gift_home_t)
>
> type gift_tmpfs_t;
> diff --git a/policy/modules/apps/mozilla.te b/policy/modules/apps/mozilla.te
> index 62631ec..ebcd681 100644
> --- a/policy/modules/apps/mozilla.te
> +++ b/policy/modules/apps/mozilla.te
> @@ -25,7 +25,6 @@ files_config_file(mozilla_conf_t)
> type mozilla_home_t;
> typealias mozilla_home_t alias { user_mozilla_home_t staff_mozilla_home_t sysadm_mozilla_home_t };
> typealias mozilla_home_t alias { auditadm_mozilla_home_t secadm_mozilla_home_t };
> -files_poly_member(mozilla_home_t)
> userdom_user_home_content(mozilla_home_t)
>
> type mozilla_tmpfs_t;
> diff --git a/policy/modules/apps/mplayer.te b/policy/modules/apps/mplayer.te
> index da32014..82c4a54 100644
> --- a/policy/modules/apps/mplayer.te
> +++ b/policy/modules/apps/mplayer.te
> @@ -32,7 +32,6 @@ files_config_file(mplayer_etc_t)
> type mplayer_home_t;
> typealias mplayer_home_t alias { user_mplayer_home_t staff_mplayer_home_t sysadm_mplayer_home_t };
> typealias mplayer_home_t alias { auditadm_mplayer_home_t secadm_mplayer_home_t };
> -files_poly_member(mplayer_home_t)
> userdom_user_home_content(mplayer_home_t)
>
> type mplayer_tmpfs_t;
> diff --git a/policy/modules/apps/thunderbird.te b/policy/modules/apps/thunderbird.te
> index c4e581e..6f08115 100644
> --- a/policy/modules/apps/thunderbird.te
> +++ b/policy/modules/apps/thunderbird.te
> @@ -15,7 +15,6 @@ ubac_constrained(thunderbird_t)
> type thunderbird_home_t;
> typealias thunderbird_home_t alias { user_thunderbird_home_t staff_thunderbird_home_t sysadm_thunderbird_home_t };
> typealias thunderbird_home_t alias { auditadm_thunderbird_home_t secadm_thunderbird_home_t };
> -files_poly_member(thunderbird_home_t)
> userdom_user_home_content(thunderbird_home_t)
>
> type thunderbird_tmpfs_t;
> diff --git a/policy/modules/apps/tvtime.te b/policy/modules/apps/tvtime.te
> index acc7244..d736572 100644
> --- a/policy/modules/apps/tvtime.te
> +++ b/policy/modules/apps/tvtime.te
> @@ -16,7 +16,6 @@ type tvtime_home_t alias tvtime_rw_t;
> typealias tvtime_home_t alias { user_tvtime_home_t staff_tvtime_home_t sysadm_tvtime_home_t };
> typealias tvtime_home_t alias { auditadm_tvtime_home_t secadm_tvtime_home_t };
> userdom_user_home_content(tvtime_home_t)
> -files_poly_member(tvtime_home_t)
>
> type tvtime_tmp_t;
> typealias tvtime_tmp_t alias { user_tvtime_tmp_t staff_tvtime_tmp_t sysadm_tvtime_tmp_t };
> diff --git a/policy/modules/apps/wireshark.te b/policy/modules/apps/wireshark.te
> index 3c43106..31bbf17 100644
> --- a/policy/modules/apps/wireshark.te
> +++ b/policy/modules/apps/wireshark.te
> @@ -15,7 +15,6 @@ ubac_constrained(wireshark_t)
> type wireshark_home_t;
> typealias wireshark_home_t alias { user_wireshark_home_t staff_wireshark_home_t sysadm_wireshark_home_t };
> typealias wireshark_home_t alias { auditadm_wireshark_home_t secadm_wireshark_home_t };
> -files_poly_member(wireshark_home_t)
> userdom_user_home_content(wireshark_home_t)
>
> type wireshark_tmp_t;
> diff --git a/policy/modules/services/razor.te b/policy/modules/services/razor.te
> index 7629cf8..e4ecbbd 100644
> --- a/policy/modules/services/razor.te
> +++ b/policy/modules/services/razor.te
> @@ -14,7 +14,6 @@ files_config_file(razor_etc_t)
> type razor_home_t;
> typealias razor_home_t alias { user_razor_home_t staff_razor_home_t sysadm_razor_home_t };
> typealias razor_home_t alias { auditadm_razor_home_t secadm_razor_home_t };
> -files_poly_member(razor_home_t)
> userdom_user_home_content(razor_home_t)
>
> type razor_log_t;
> diff --git a/policy/modules/services/spamassassin.te b/policy/modules/services/spamassassin.te
> index 438dab7..b6a8919 100644
> --- a/policy/modules/services/spamassassin.te
> +++ b/policy/modules/services/spamassassin.te
> @@ -30,7 +30,6 @@ type spamassassin_home_t;
> typealias spamassassin_home_t alias { user_spamassassin_home_t staff_spamassassin_home_t sysadm_spamassassin_home_t };
> typealias spamassassin_home_t alias { auditadm_spamassassin_home_t secadm_spamassassin_home_t };
> userdom_user_home_content(spamassassin_home_t)
> -files_poly_member(spamassassin_home_t)
>
> type spamassassin_tmp_t;
> typealias spamassassin_tmp_t alias { user_spamassassin_tmp_t staff_spamassassin_tmp_t sysadm_spamassassin_tmp_t };
> diff --git a/policy/modules/services/xserver.te b/policy/modules/services/xserver.te
> index 4566008..d2b2626 100644
> --- a/policy/modules/services/xserver.te
> +++ b/policy/modules/services/xserver.te
> @@ -131,7 +131,6 @@ ubac_constrained(iceauth_t)
> type iceauth_home_t;
> typealias iceauth_home_t alias { user_iceauth_home_t staff_iceauth_home_t sysadm_iceauth_home_t };
> typealias iceauth_home_t alias { auditadm_iceauth_home_t secadm_iceauth_home_t };
> -files_poly_member(iceauth_home_t)
> userdom_user_home_content(iceauth_home_t)
>
> type xauth_t;
> @@ -144,7 +143,6 @@ ubac_constrained(xauth_t)
> type xauth_home_t;
> typealias xauth_home_t alias { user_xauth_home_t staff_xauth_home_t sysadm_xauth_home_t };
> typealias xauth_home_t alias { auditadm_xauth_home_t secadm_xauth_home_t };
> -files_poly_member(xauth_home_t)
> userdom_user_home_content(xauth_home_t)
>
> type xauth_tmp_t;
> diff --git a/policy/modules/system/userdomain.if b/policy/modules/system/userdomain.if
> index c7c83c4..a3135e6 100644
> --- a/policy/modules/system/userdomain.if
> +++ b/policy/modules/system/userdomain.if
> @@ -1280,6 +1280,7 @@ interface(`userdom_user_home_content',`
>
> allow $1 user_home_t:filesystem associate;
> files_type($1)
> + files_poly_member($1)
> ubac_constrained($1)
> ')
>
>
>
>
> _______________________________________________
> refpolicy mailing list
> refpolicy at oss.tresys.com
> http://oss.tresys.com/mailman/listinfo/refpolicy
--
Chris PeBenito
Tresys Technology, LLC
http://www.tresys.com | oss.tresys.com