LinuxLists.cc - [refpolicy] [ admin layer patch 1/1] admin: domain { allowed to transition, allowed access, to not audit }.

2010-08-03 13:42:13

Subject: [refpolicy] [ admin layer patch 1/1] admin: domain { allowed to transition, allowed access, to not audit }.

Signed-off-by: Dominick Grift <[email protected]>
---
:100644 100644 d73c515... e66c296... M policy/modules/admin/acct.if
:100644 100644 b4c78c7... fe09bea... M policy/modules/admin/alsa.if
:100644 100644 d99f058... 00bdbe1... M policy/modules/admin/amanda.if
:100644 100644 18e3bc6... 870fd88... M policy/modules/admin/amtu.if
:100644 100644 84668f1... e696b80... M policy/modules/admin/apt.if
:100644 100644 c0b4205... 1b3a4c5... M policy/modules/admin/backup.if
:100644 100644 da8b00b... de17569... M policy/modules/admin/bootloader.if
:100644 100644 3f45dfe... 26a3834... M policy/modules/admin/certwatch.if
:100644 100644 daa6eb3... b0b47d4... M policy/modules/admin/consoletype.if
:100644 100644 1a43194... 9868652... M policy/modules/admin/ddcprobe.if
:100644 100644 4035397... e1973c7... M policy/modules/admin/dmesg.if
:100644 100644 331ff4c... 7264af0... M policy/modules/admin/dmidecode.if
:100644 100644 633495b... 9317171... M policy/modules/admin/dpkg.if
:100644 100644 83512c9... d391174... M policy/modules/admin/firstboot.if
:100644 100644 b630279... fc1beda... M policy/modules/admin/kismet.if
:100644 100644 1aeff55... b7370bb... M policy/modules/admin/kudzu.if
:100644 100644 b3aa19e... d82fcdc... M policy/modules/admin/logrotate.if
:100644 100644 0ab5f13... 525bdd5... M policy/modules/admin/netutils.if
:100644 100644 35161b2... 8aaa46d... M policy/modules/admin/portage.if
:100644 100644 89e8209... 93ec175... M policy/modules/admin/prelink.if
:100644 100644 d50f2f5... 793ba70... M policy/modules/admin/quota.if
:100644 100644 2514ed5... 86463e3... M policy/modules/admin/rpm.if
:100644 100644 efb18c0... e1c295c... M policy/modules/admin/shutdown.if
:100644 100644 d23d02a... 8bec1bc... M policy/modules/admin/tripwire.if
:100644 100644 b873388... 7747b16... M policy/modules/admin/tzdata.if
:100644 100644 6a4f564... 4d4b60e... M policy/modules/admin/updfstab.if
:100644 100644 d673f10... 7962e2b... M policy/modules/admin/usbmodules.if
:100644 100644 8702699... ca23168... M policy/modules/admin/usermanage.if
:100644 100644 2dc9f53... f365a0d... M policy/modules/admin/vbetool.if
:100644 100644 ccda6e4... d24ac85... M policy/modules/admin/vpn.if
policy/modules/admin/acct.if | 2 +-
policy/modules/admin/alsa.if | 2 +-
policy/modules/admin/amanda.if | 8 ++++----
policy/modules/admin/amtu.if | 4 ++--
policy/modules/admin/apt.if | 7 +++----
policy/modules/admin/backup.if | 4 ++--
policy/modules/admin/bootloader.if | 4 ++--
policy/modules/admin/certwatch.if | 6 +++---
policy/modules/admin/consoletype.if | 4 ++--
policy/modules/admin/ddcprobe.if | 4 ++--
policy/modules/admin/dmesg.if | 2 +-
policy/modules/admin/dmidecode.if | 4 ++--
policy/modules/admin/dpkg.if | 6 +++---
policy/modules/admin/firstboot.if | 4 ++--
policy/modules/admin/kismet.if | 6 +++---
policy/modules/admin/kudzu.if | 4 ++--
policy/modules/admin/logrotate.if | 8 ++++----
policy/modules/admin/netutils.if | 16 ++++++++--------
policy/modules/admin/portage.if | 12 ++++++------
policy/modules/admin/prelink.if | 4 ++--
policy/modules/admin/quota.if | 6 +++---
policy/modules/admin/rpm.if | 10 +++++-----
policy/modules/admin/shutdown.if | 2 +-
policy/modules/admin/tripwire.if | 16 ++++++++--------
policy/modules/admin/tzdata.if | 2 +-
policy/modules/admin/updfstab.if | 2 +-
policy/modules/admin/usbmodules.if | 4 ++--
policy/modules/admin/usermanage.if | 22 +++++++++++-----------
policy/modules/admin/vbetool.if | 4 ++--
policy/modules/admin/vpn.if | 4 ++--
30 files changed, 91 insertions(+), 92 deletions(-)

diff --git a/policy/modules/admin/acct.if b/policy/modules/admin/acct.if
index d73c515..e66c296 100644
--- a/policy/modules/admin/acct.if
+++ b/policy/modules/admin/acct.if
@@ -6,7 +6,7 @@
## </summary>
## <param name="domain">
## <summary>
-## Domain allowed access.
+## Domain allowed to transition.
## </summary>
## </param>
#
diff --git a/policy/modules/admin/alsa.if b/policy/modules/admin/alsa.if
index b4c78c7..fe09bea 100644
--- a/policy/modules/admin/alsa.if
+++ b/policy/modules/admin/alsa.if
@@ -6,7 +6,7 @@
## </summary>
## <param name="domain">
## <summary>
-## Domain allowed access.
+## Domain allowed to transition.
## </summary>
## </param>
#
diff --git a/policy/modules/admin/amanda.if b/policy/modules/admin/amanda.if
index d99f058..00bdbe1 100644
--- a/policy/modules/admin/amanda.if
+++ b/policy/modules/admin/amanda.if
@@ -6,7 +6,7 @@
## </summary>
## <param name="domain">
## <summary>
-## Domain allowed access.
+## Domain allowed to transition.
## </summary>
## </param>
#
@@ -25,7 +25,7 @@ interface(`amanda_domtrans_recover',`
## </summary>
## <param name="domain">
## <summary>
-## Domain allowed access.
+## Domain allowed to transition.
## </summary>
## </param>
## <param name="role">
@@ -87,7 +87,7 @@ interface(`amanda_dontaudit_read_dumpdates',`
## </summary>
## <param name="domain">
## <summary>
-## Domain to allow
+## Domain allowed access.
## </summary>
## </param>
#
@@ -124,7 +124,7 @@ interface(`amanda_manage_lib',`
## </summary>
## <param name="domain">
## <summary>
-## Domain to allow
+## Domain allowed access.
## </summary>
## </param>
#
diff --git a/policy/modules/admin/amtu.if b/policy/modules/admin/amtu.if
index 18e3bc6..870fd88 100644
--- a/policy/modules/admin/amtu.if
+++ b/policy/modules/admin/amtu.if
@@ -6,7 +6,7 @@
## </summary>
## <param name="domain">
## <summary>
-## Domain allowed access.
+## Domain allowed to transition.
## </summary>
## </param>
#
@@ -26,7 +26,7 @@ interface(`amtu_domtrans',`
## </summary>
## <param name="domain">
## <summary>
-## Domain allowed access.
+## Domain allowed to transition.
## </summary>
## </param>
## <param name="role">
diff --git a/policy/modules/admin/apt.if b/policy/modules/admin/apt.if
index 84668f1..e696b80 100644
--- a/policy/modules/admin/apt.if
+++ b/policy/modules/admin/apt.if
@@ -6,7 +6,7 @@
## </summary>
## <param name="domain">
## <summary>
-## Domain allowed access.
+## Domain allowed to transition.
## </summary>
## </param>
#
@@ -26,7 +26,7 @@ interface(`apt_domtrans',`
## </summary>
## <param name="domain">
## <summary>
-## Domain allowed access.
+## Domain allowed to transition.
## </summary>
## </param>
## <param name="role">
@@ -71,8 +71,7 @@ interface(`apt_use_fds',`
## </summary>
## <param name="domain">
## <summary>
-## The type of the process attempting performing this action
-## which should not be audited.
+## Domain to not audit.
## </summary>
## </param>
#
diff --git a/policy/modules/admin/backup.if b/policy/modules/admin/backup.if
index c0b4205..1b3a4c5 100644
--- a/policy/modules/admin/backup.if
+++ b/policy/modules/admin/backup.if
@@ -6,7 +6,7 @@
## </summary>
## <param name="domain">
## <summary>
-## Domain allowed access.
+## Domain allowed to transition.
## </summary>
## </param>
#
@@ -25,7 +25,7 @@ interface(`backup_domtrans',`
## </summary>
## <param name="domain">
## <summary>
-## Domain allowed access.
+## Domain allowed to transition.
## </summary>
## </param>
## <param name="role">
diff --git a/policy/modules/admin/bootloader.if b/policy/modules/admin/bootloader.if
index da8b00b..de17569 100644
--- a/policy/modules/admin/bootloader.if
+++ b/policy/modules/admin/bootloader.if
@@ -6,7 +6,7 @@
## </summary>
## <param name="domain">
## <summary>
-## Domain allowed access.
+## Domain allowed to transition.
## </summary>
## </param>
#
@@ -25,7 +25,7 @@ interface(`bootloader_domtrans',`
## </summary>
## <param name="domain">
## <summary>
-## Domain allowed access.
+## Domain allowed to transition.
## </summary>
## </param>
## <param name="role">
diff --git a/policy/modules/admin/certwatch.if b/policy/modules/admin/certwatch.if
index 3f45dfe..26a3834 100644
--- a/policy/modules/admin/certwatch.if
+++ b/policy/modules/admin/certwatch.if
@@ -6,7 +6,7 @@
## </summary>
## <param name="domain">
## <summary>
-## Domain allowed access.
+## Domain allowed to transition.
## </summary>
## </param>
#
@@ -29,7 +29,7 @@ interface(`certwatch_domtrans',`
## </summary>
## <param name="domain">
## <summary>
-## Domain allowed access.
+## Domain allowed to transition.
## </summary>
## </param>
## <param name="role">
@@ -57,7 +57,7 @@ interface(`certwatch_run',`
## </summary>
## <param name="domain">
## <summary>
-## Domain allowed access.
+## Domain allowed to transition.
## </summary>
## </param>
## <param name="role">
diff --git a/policy/modules/admin/consoletype.if b/policy/modules/admin/consoletype.if
index daa6eb3..b0b47d4 100644
--- a/policy/modules/admin/consoletype.if
+++ b/policy/modules/admin/consoletype.if
@@ -8,7 +8,7 @@
## </summary>
## <param name="domain">
## <summary>
-## Domain allowed access.
+## Domain allowed to transition.
## </summary>
## </param>
#
@@ -32,7 +32,7 @@ interface(`consoletype_domtrans',`
## </summary>
## <param name="domain">
## <summary>
-## Domain allowed access.
+## Domain allowed to transition.
## </summary>
## </param>
## <param name="role">
diff --git a/policy/modules/admin/ddcprobe.if b/policy/modules/admin/ddcprobe.if
index 1a43194..9868652 100644
--- a/policy/modules/admin/ddcprobe.if
+++ b/policy/modules/admin/ddcprobe.if
@@ -6,7 +6,7 @@
## </summary>
## <param name="domain">
## <summary>
-## Domain allowed access.
+## Domain allowed to transition.
## </summary>
## </param>
#
@@ -25,7 +25,7 @@ interface(`ddcprobe_domtrans',`
## </summary>
## <param name="domain">
## <summary>
-## Domain allowed access.
+## Domain allowed to transition.
## </summary>
## </param>
## <param name="role">
diff --git a/policy/modules/admin/dmesg.if b/policy/modules/admin/dmesg.if
index 4035397..e1973c7 100644
--- a/policy/modules/admin/dmesg.if
+++ b/policy/modules/admin/dmesg.if
@@ -6,7 +6,7 @@
## </summary>
## <param name="domain">
## <summary>
-## Domain allowed access.
+## Domain allowed to transition.
## </summary>
## </param>
#
diff --git a/policy/modules/admin/dmidecode.if b/policy/modules/admin/dmidecode.if
index 331ff4c..7264af0 100644
--- a/policy/modules/admin/dmidecode.if
+++ b/policy/modules/admin/dmidecode.if
@@ -6,7 +6,7 @@
## </summary>
## <param name="domain">
## <summary>
-## Domain allowed access.
+## Domain allowed to transition.
## </summary>
## </param>
#
@@ -30,7 +30,7 @@ interface(`dmidecode_domtrans',`
## </summary>
## <param name="domain">
## <summary>
-## Domain allowed access.
+## Domain allowed to transition.
## </summary>
## </param>
## <param name="role">
diff --git a/policy/modules/admin/dpkg.if b/policy/modules/admin/dpkg.if
index 633495b..9317171 100644
--- a/policy/modules/admin/dpkg.if
+++ b/policy/modules/admin/dpkg.if
@@ -8,7 +8,7 @@
## </summary>
## <param name="domain">
## <summary>
-## Domain allowed access.
+## Domain allowed to transition.
## </summary>
## </param>
#
@@ -28,7 +28,7 @@ interface(`dpkg_domtrans',`
## </summary>
## <param name="domain">
## <summary>
-## Domain allowed access.
+## Domain allowed to transition.
## </summary>
## </param>
#
@@ -50,7 +50,7 @@ interface(`dpkg_domtrans_script',`
## </summary>
## <param name="domain">
## <summary>
-## Domain allowed access.
+## Domain allowed to transition.
## </summary>
## </param>
## <param name="role">
diff --git a/policy/modules/admin/firstboot.if b/policy/modules/admin/firstboot.if
index 83512c9..d391174 100644
--- a/policy/modules/admin/firstboot.if
+++ b/policy/modules/admin/firstboot.if
@@ -9,7 +9,7 @@
## </summary>
## <param name="domain">
## <summary>
-## Domain allowed access.
+## Domain allowed to transition.
## </summary>
## </param>
#
@@ -28,7 +28,7 @@ interface(`firstboot_domtrans',`
## </summary>
## <param name="domain">
## <summary>
-## Domain allowed access.
+## Domain allowed to transition.
## </summary>
## </param>
## <param name="role">
diff --git a/policy/modules/admin/kismet.if b/policy/modules/admin/kismet.if
index b630279..fc1beda 100644
--- a/policy/modules/admin/kismet.if
+++ b/policy/modules/admin/kismet.if
@@ -26,7 +26,7 @@ interface(`kismet_domtrans',`
## </summary>
## <param name="domain">
## <summary>
-## Domain allowed access
+## Domain allowed to transition.
## </summary>
## </param>
## <param name="role">
@@ -188,7 +188,7 @@ interface(`kismet_read_log',`
## </summary>
## <param name="domain">
## <summary>
-## Domain allowed to transition.
+## Domain allowed access.
## </summary>
## </param>
#
@@ -207,7 +207,7 @@ interface(`kismet_append_log',`
## </summary>
## <param name="domain">
## <summary>
-## Domain to not audit.
+## Domain allowed access.
## </summary>
## </param>
#
diff --git a/policy/modules/admin/kudzu.if b/policy/modules/admin/kudzu.if
index 1aeff55..b7370bb 100644
--- a/policy/modules/admin/kudzu.if
+++ b/policy/modules/admin/kudzu.if
@@ -6,7 +6,7 @@
## </summary>
## <param name="domain">
## <summary>
-## Domain allowed access.
+## Domain allowed to transition.
## </summary>
## </param>
#
@@ -25,7 +25,7 @@ interface(`kudzu_domtrans',`
## </summary>
## <param name="domain">
## <summary>
-## Domain allowed access.
+## Domain allowed to transition.
## </summary>
## </param>
## <param name="role">
diff --git a/policy/modules/admin/logrotate.if b/policy/modules/admin/logrotate.if
index b3aa19e..d82fcdc 100644
--- a/policy/modules/admin/logrotate.if
+++ b/policy/modules/admin/logrotate.if
@@ -6,7 +6,7 @@
## </summary>
## <param name="domain">
## <summary>
-## Domain allowed access.
+## Domain allowed to transition.
## </summary>
## </param>
#
@@ -25,7 +25,7 @@ interface(`logrotate_domtrans',`
## </summary>
## <param name="domain">
## <summary>
-## Domain allowed access.
+## Domain allowed to transition.
## </summary>
## </param>
## <param name="role">
@@ -86,7 +86,7 @@ interface(`logrotate_use_fds',`
## </summary>
## <param name="domain">
## <summary>
-## Domain to not audit
+## Domain to not audit.
## </summary>
## </param>
#
@@ -104,7 +104,7 @@ interface(`logrotate_dontaudit_use_fds',`
## </summary>
## <param name="domain">
## <summary>
-## Domain to not audit
+## Domain allowed access.
## </summary>
## </param>
#
diff --git a/policy/modules/admin/netutils.if b/policy/modules/admin/netutils.if
index 0ab5f13..525bdd5 100644
--- a/policy/modules/admin/netutils.if
+++ b/policy/modules/admin/netutils.if
@@ -6,7 +6,7 @@
## </summary>
## <param name="domain">
## <summary>
-## Domain allowed access.
+## Domain allowed to transition.
## </summary>
## </param>
#
@@ -25,7 +25,7 @@ interface(`netutils_domtrans',`
## </summary>
## <param name="domain">
## <summary>
-## Domain allowed access.
+## Domain allowed to transition.
## </summary>
## </param>
## <param name="role">
@@ -86,7 +86,7 @@ interface(`netutils_signal',`
## </summary>
## <param name="domain">
## <summary>
-## Domain allowed access.
+## Domain allowed to transition.
## </summary>
## </param>
#
@@ -141,7 +141,7 @@ interface(`netutils_signal_ping',`
## </summary>
## <param name="domain">
## <summary>
-## Domain allowed access.
+## Domain allowed to transition.
## </summary>
## </param>
## <param name="role">
@@ -167,7 +167,7 @@ interface(`netutils_run_ping',`
## </summary>
## <param name="domain">
## <summary>
-## Domain allowed access.
+## Domain allowed to transition.
## </summary>
## </param>
## <param name="role">
@@ -214,7 +214,7 @@ interface(`netutils_exec_ping',`
## </summary>
## <param name="domain">
## <summary>
-## Domain allowed access.
+## Domain allowed to transition.
## </summary>
## </param>
#
@@ -233,7 +233,7 @@ interface(`netutils_domtrans_traceroute',`
## </summary>
## <param name="domain">
## <summary>
-## Domain allowed access.
+## Domain allowed to transition.
## </summary>
## </param>
## <param name="role">
@@ -259,7 +259,7 @@ interface(`netutils_run_traceroute',`
## </summary>
## <param name="domain">
## <summary>
-## Domain allowed access.
+## Domain allowed to transition.
## </summary>
## </param>
## <param name="role">
diff --git a/policy/modules/admin/portage.if b/policy/modules/admin/portage.if
index 35161b2..8aaa46d 100644
--- a/policy/modules/admin/portage.if
+++ b/policy/modules/admin/portage.if
@@ -9,7 +9,7 @@
## </summary>
## <param name="domain">
## <summary>
-## Domain allowed access.
+## Domain allowed to transition.
## </summary>
## </param>
#
@@ -32,7 +32,7 @@ interface(`portage_domtrans',`
## </summary>
## <param name="domain">
## <summary>
-## Domain allowed access.
+## Domain allowed to transition.
## </summary>
## </param>
## <param name="role">
@@ -203,7 +203,7 @@ interface(`portage_compile_domain',`
## </summary>
## <param name="domain">
## <summary>
-## Domain allowed access.
+## Domain allowed to transition.
## </summary>
## </param>
#
@@ -225,7 +225,7 @@ interface(`portage_domtrans_gcc_config',`
## </summary>
## <param name="domain">
## <summary>
-## Domain allowed access.
+## Domain allowed to transition.
## </summary>
## </param>
## <param name="role">
@@ -251,7 +251,7 @@ interface(`portage_run_gcc_config',`
## </summary>
## <param name="domain">
## <summary>
-## Domain allowed access.
+## Domain to not audit.
## </summary>
## </param>
#
@@ -270,7 +270,7 @@ interface(`portage_dontaudit_search_tmp',`
## </summary>
## <param name="domain">
## <summary>
-## Domain allowed access.
+## Domain to not audit.
## </summary>
## </param>
#
diff --git a/policy/modules/admin/prelink.if b/policy/modules/admin/prelink.if
index 89e8209..93ec175 100644
--- a/policy/modules/admin/prelink.if
+++ b/policy/modules/admin/prelink.if
@@ -6,7 +6,7 @@
## </summary>
## <param name="domain">
## <summary>
-## Domain allowed access.
+## Domain allowed to transition.
## </summary>
## </param>
#
@@ -49,7 +49,7 @@ interface(`prelink_exec',`
## </summary>
## <param name="domain">
## <summary>
-## Domain allowed access.
+## Domain allowed to transition.
## </summary>
## </param>
## <param name="role">
diff --git a/policy/modules/admin/quota.if b/policy/modules/admin/quota.if
index d50f2f5..793ba70 100644
--- a/policy/modules/admin/quota.if
+++ b/policy/modules/admin/quota.if
@@ -6,7 +6,7 @@
## </summary>
## <param name="domain">
## <summary>
-## Domain allowed access.
+## Domain allowed to transition.
## </summary>
## </param>
#
@@ -25,7 +25,7 @@ interface(`quota_domtrans',`
## </summary>
## <param name="domain">
## <summary>
-## Domain allowed access.
+## Domain allowed to transition.
## </summary>
## </param>
## <param name="role">
@@ -70,7 +70,7 @@ interface(`quota_dontaudit_getattr_db',`
## </summary>
## <param name="domain">
## <summary>
-## Domain to not audit.
+## Domain allowed access.
## </summary>
## </param>
#
diff --git a/policy/modules/admin/rpm.if b/policy/modules/admin/rpm.if
index 2514ed5..86463e3 100644
--- a/policy/modules/admin/rpm.if
+++ b/policy/modules/admin/rpm.if
@@ -6,7 +6,7 @@
## </summary>
## <param name="domain">
## <summary>
-## Domain allowed access.
+## Domain allowed to transition.
## </summary>
## </param>
#
@@ -26,7 +26,7 @@ interface(`rpm_domtrans',`
## </summary>
## <param name="domain">
## <summary>
-## Domain allowed access.
+## Domain allowed to transition.
## </summary>
## </param>
#
@@ -47,7 +47,7 @@ interface(`rpm_debuginfo_domtrans',`
## </summary>
## <param name="domain">
## <summary>
-## Domain allowed access.
+## Domain allowed to transition.
## </summary>
## </param>
#
@@ -69,7 +69,7 @@ interface(`rpm_domtrans_script',`
## </summary>
## <param name="domain">
## <summary>
-## Domain allowed access.
+## Domain allowed to transition.
## </summary>
## </param>
## <param name="role">
@@ -211,7 +211,7 @@ interface(`rpm_dbus_chat',`
## </summary>
## <param name="domain">
## <summary>
-## Domain allowed access.
+## Domain to not audit.
## </summary>
## </param>
#
diff --git a/policy/modules/admin/shutdown.if b/policy/modules/admin/shutdown.if
index efb18c0..e1c295c 100644
--- a/policy/modules/admin/shutdown.if
+++ b/policy/modules/admin/shutdown.if
@@ -30,7 +30,7 @@ interface(`shutdown_domtrans',`
## </summary>
## <param name="domain">
## <summary>
-## Domain allowed access
+## Domain allowed to transition.
## </summary>
## </param>
## <param name="role">
diff --git a/policy/modules/admin/tripwire.if b/policy/modules/admin/tripwire.if
index d23d02a..8bec1bc 100644
--- a/policy/modules/admin/tripwire.if
+++ b/policy/modules/admin/tripwire.if
@@ -19,7 +19,7 @@
## </summary>
## <param name="domain">
## <summary>
-## Domain allowed access.
+## Domain allowed to transition.
## </summary>
## </param>
#
@@ -38,7 +38,7 @@ interface(`tripwire_domtrans_tripwire',`
## </summary>
## <param name="domain">
## <summary>
-## Domain allowed access.
+## Domain allowed to transition.
## </summary>
## </param>
## <param name="role">
@@ -63,7 +63,7 @@ interface(`tripwire_run_tripwire',`
## </summary>
## <param name="domain">
## <summary>
-## Domain allowed access.
+## Domain allowed to transition.
## </summary>
## </param>
#
@@ -82,7 +82,7 @@ interface(`tripwire_domtrans_twadmin',`
## </summary>
## <param name="domain">
## <summary>
-## Domain allowed access.
+## Domain allowed to transition.
## </summary>
## </param>
## <param name="role">
@@ -107,7 +107,7 @@ interface(`tripwire_run_twadmin',`
## </summary>
## <param name="domain">
## <summary>
-## Domain allowed access.
+## Domain allowed to transition.
## </summary>
## </param>
#
@@ -126,7 +126,7 @@ interface(`tripwire_domtrans_twprint',`
## </summary>
## <param name="domain">
## <summary>
-## Domain allowed access.
+## Domain allowed to transition.
## </summary>
## </param>
## <param name="role">
@@ -151,7 +151,7 @@ interface(`tripwire_run_twprint',`
## </summary>
## <param name="domain">
## <summary>
-## Domain allowed access.
+## Domain allowed to transition.
## </summary>
## </param>
#
@@ -170,7 +170,7 @@ interface(`tripwire_domtrans_siggen',`
## </summary>
## <param name="domain">
## <summary>
-## Domain allowed access.
+## Domain allowed to transition.
## </summary>
## </param>
## <param name="role">
diff --git a/policy/modules/admin/tzdata.if b/policy/modules/admin/tzdata.if
index b873388..7747b16 100644
--- a/policy/modules/admin/tzdata.if
+++ b/policy/modules/admin/tzdata.if
@@ -24,7 +24,7 @@ interface(`tzdata_domtrans',`
## </summary>
## <param name="domain">
## <summary>
-## Domain allowed access.
+## Domain allowed to transition.
## </summary>
## </param>
## <param name="role">
diff --git a/policy/modules/admin/updfstab.if b/policy/modules/admin/updfstab.if
index 6a4f564..4d4b60e 100644
--- a/policy/modules/admin/updfstab.if
+++ b/policy/modules/admin/updfstab.if
@@ -6,7 +6,7 @@
## </summary>
## <param name="domain">
## <summary>
-## Domain allowed access.
+## Domain allowed to transition.
## </summary>
## </param>
#
diff --git a/policy/modules/admin/usbmodules.if b/policy/modules/admin/usbmodules.if
index d673f10..7962e2b 100644
--- a/policy/modules/admin/usbmodules.if
+++ b/policy/modules/admin/usbmodules.if
@@ -6,7 +6,7 @@
## </summary>
## <param name="domain">
## <summary>
-## Domain allowed access.
+## Domain allowed to transition.
## </summary>
## </param>
#
@@ -26,7 +26,7 @@ interface(`usbmodules_domtrans',`
## </summary>
## <param name="domain">
## <summary>
-## Domain allowed access.
+## Domain allowed to transition.
## </summary>
## </param>
## <param name="role">
diff --git a/policy/modules/admin/usermanage.if b/policy/modules/admin/usermanage.if
index 8702699..ca23168 100644
--- a/policy/modules/admin/usermanage.if
+++ b/policy/modules/admin/usermanage.if
@@ -6,7 +6,7 @@
## </summary>
## <param name="domain">
## <summary>
-## Domain allowed access.
+## Domain allowed to transition.
## </summary>
## </param>
#
@@ -31,7 +31,7 @@ interface(`usermanage_domtrans_chfn',`
## </summary>
## <param name="domain">
## <summary>
-## Domain allowed access.
+## Domain allowed to transition.
## </summary>
## </param>
## <param name="role">
@@ -55,7 +55,7 @@ interface(`usermanage_run_chfn',`
## </summary>
## <param name="domain">
## <summary>
-## Domain allowed access.
+## Domain allowed to transition.
## </summary>
## </param>
#
@@ -80,7 +80,7 @@ interface(`usermanage_domtrans_groupadd',`
## </summary>
## <param name="domain">
## <summary>
-## Domain allowed access.
+## Domain allowed to transition.
## </summary>
## </param>
## <param name="role">
@@ -109,7 +109,7 @@ interface(`usermanage_run_groupadd',`
## </summary>
## <param name="domain">
## <summary>
-## Domain allowed access.
+## Domain allowed to transition.
## </summary>
## </param>
#
@@ -152,7 +152,7 @@ interface(`usermanage_kill_passwd',`
## </summary>
## <param name="domain">
## <summary>
-## Domain allowed access.
+## Domain allowed to transition.
## </summary>
## </param>
## <param name="role">
@@ -178,7 +178,7 @@ interface(`usermanage_run_passwd',`
## </summary>
## <param name="domain">
## <summary>
-## Domain allowed access.
+## Domain allowed to transition.
## </summary>
## </param>
#
@@ -200,7 +200,7 @@ interface(`usermanage_domtrans_admin_passwd',`
## </summary>
## <param name="domain">
## <summary>
-## Domain allowed access.
+## Domain allowed to transition.
## </summary>
## </param>
## <param name="role">
@@ -229,7 +229,7 @@ interface(`usermanage_run_admin_passwd',`
## </summary>
## <param name="domain">
## <summary>
-## Domain allowed access.
+## Domain to not audit.
## </summary>
## </param>
#
@@ -247,7 +247,7 @@ interface(`usermanage_dontaudit_use_useradd_fds',`
## </summary>
## <param name="domain">
## <summary>
-## Domain allowed access.
+## Domain allowed to transition.
## </summary>
## </param>
#
@@ -272,7 +272,7 @@ interface(`usermanage_domtrans_useradd',`
## </summary>
## <param name="domain">
## <summary>
-## Domain allowed access.
+## Domain allowed to transition.
## </summary>
## </param>
## <param name="role">
diff --git a/policy/modules/admin/vbetool.if b/policy/modules/admin/vbetool.if
index 2dc9f53..f365a0d 100644
--- a/policy/modules/admin/vbetool.if
+++ b/policy/modules/admin/vbetool.if
@@ -6,7 +6,7 @@
## </summary>
## <param name="domain">
## <summary>
-## Domain allowed access.
+## Domain allowed to transition.
## </summary>
## </param>
#
@@ -26,7 +26,7 @@ interface(`vbetool_domtrans',`
## </summary>
## <param name="domain">
## <summary>
-## Domain allowed access.
+## Domain allowed to transition.
## </summary>
## </param>
## <param name="role">
diff --git a/policy/modules/admin/vpn.if b/policy/modules/admin/vpn.if
index ccda6e4..d24ac85 100644
--- a/policy/modules/admin/vpn.if
+++ b/policy/modules/admin/vpn.if
@@ -6,7 +6,7 @@
## </summary>
## <param name="domain">
## <summary>
-## Domain allowed access.
+## Domain allowed to transition.
## </summary>
## </param>
#
@@ -25,7 +25,7 @@ interface(`vpn_domtrans',`
## </summary>
## <param name="domain">
## <summary>
-## Domain allowed access.
+## Domain allowed to transition.
## </summary>
## </param>
## <param name="role">
--
1.7.2

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: not available
Url : http://oss.tresys.com/pipermail/refpolicy/attachments/20100803/4c4e393e/attachment-0001.bin