From: domg472@gmail.com (Dominick Grift)
Date: Wed, 3 Mar 2010 17:08:44 +0100
Subject: [refpolicy] [ userdomain patch 1/1] Fix various interfaces to use
 permission sets for compatiblity with open permission.
Message-ID: <20100303160816.GA22737@localhost.localdomain>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

Signed-off-by: Dominick Grift <domg472@gmail.com>
---
:100644 100644 b18abce... 7e541ef... M	policy/modules/system/userdomain.if
 policy/modules/system/userdomain.if |   20 ++++++++++----------
 1 files changed, 10 insertions(+), 10 deletions(-)

diff --git a/policy/modules/system/userdomain.if b/policy/modules/system/userdomain.if
index b18abce..7e541ef 100644
--- a/policy/modules/system/userdomain.if
+++ b/policy/modules/system/userdomain.if
@@ -1313,7 +1313,7 @@ interface(`userdom_setattr_user_ptys',`
 		type user_devpts_t;
 	')
 
-	allow $1 user_devpts_t:chr_file setattr;
+	allow $1 user_devpts_t:chr_file setattr_chr_file_perms;
 ')
 
 ########################################
@@ -1655,7 +1655,7 @@ interface(`userdom_dontaudit_setattr_user_home_content_files',`
 		type user_home_t;
 	')
 
-	dontaudit $1 user_home_t:file setattr;
+	dontaudit $1 user_home_t:file setattr_file_perms;
 ')
 
 ########################################
@@ -1730,7 +1730,7 @@ interface(`userdom_dontaudit_append_user_home_content_files',`
 		type user_home_t;
 	')
 
-	dontaudit $1 user_home_t:file append;
+	dontaudit $1 user_home_t:file append_file_perms;
 ')
 
 ########################################
@@ -1748,7 +1748,7 @@ interface(`userdom_dontaudit_write_user_home_content_files',`
 		type user_home_t;
 	')
 
-	dontaudit $1 user_home_t:file write;
+	dontaudit $1 user_home_t:file write_file_perms;
 ')
 
 ########################################
@@ -1849,7 +1849,7 @@ interface(`userdom_dontaudit_exec_user_home_content_files',`
 		type user_home_t;
 	')
 
-	dontaudit $1 user_home_t:file execute;
+	dontaudit $1 user_home_t:file exec_file_perms;
 ')
 
 ########################################
@@ -2193,7 +2193,7 @@ interface(`userdom_dontaudit_append_user_tmp_files',`
 		type user_tmp_t;
 	')
 
-	dontaudit $1 user_tmp_t:file append;
+	dontaudit $1 user_tmp_t:file append_file_perms;
 ')
 
 ########################################
@@ -2467,7 +2467,7 @@ interface(`userdom_getattr_user_ttys',`
 		type user_tty_device_t;
 	')
 
-	allow $1 user_tty_device_t:chr_file getattr;
+	allow $1 user_tty_device_t:chr_file getattr_chr_file_perms;
 ')
 
 ########################################
@@ -2485,7 +2485,7 @@ interface(`userdom_dontaudit_getattr_user_ttys',`
 		type user_tty_device_t;
 	')
 
-	dontaudit $1 user_tty_device_t:chr_file getattr;
+	dontaudit $1 user_tty_device_t:chr_file getattr_chr_file_perms;
 ')
 
 ########################################
@@ -2503,7 +2503,7 @@ interface(`userdom_setattr_user_ttys',`
 		type user_tty_device_t;
 	')
 
-	allow $1 user_tty_device_t:chr_file setattr;
+	allow $1 user_tty_device_t:chr_file setattr_chr_file_perms;
 ')
 
 ########################################
@@ -2521,7 +2521,7 @@ interface(`userdom_dontaudit_setattr_user_ttys',`
 		type user_tty_device_t;
 	')
 
-	dontaudit $1 user_tty_device_t:chr_file setattr;
+	dontaudit $1 user_tty_device_t:chr_file setattr_chr_file_perms;
 ')
 
 ########################################
-- 
1.6.6.1

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: not available
Url : http://oss.tresys.com/pipermail/refpolicy/attachments/20100303/55c5961d/attachment.bin