From: cpebenito@tresys.com (Christopher J. PeBenito)
Date: Mon, 19 Jul 2010 13:36:46 -0400
Subject: [refpolicy] [ userdom_user_tmp_content patch 1/1] Create
 userdom_user_tmp_content,
 and replace existing user tmp content type declarations by it.
In-Reply-To: <4C3B6C6E.80601@gmail.com>
References: <20100709143453.GA9716@localhost.localdomain>
	<4C3B5A49.6030004@tresys.com> <4C3B6C6E.80601@gmail.com>
Message-ID: <4C448D2E.1020503@tresys.com>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

On 07/12/10 15:26, Dominick Grift wrote:
> On 07/12/2010 08:09 PM, Christopher J. PeBenito wrote:
> <snip>
>>>
>>>    ########################################
>>>    ##<summary>
>>> +##    Make the specified type usable user
>>> +##    temporary content.
>>> +##</summary>
>>> +##<param name="domain">
>>> +##<summary>
>>> +##    Domain using the user temporary
>>> +##    content.
>>> +##</summary>
>>> +##</param>
>>> +##<param name="file_type">
>>> +##<summary>
>>> +##    Type to be used for user temporary
>>> +##    content.
>>> +##</summary>
>>> +##</param>
>>> +#
>>> +interface(`userdom_user_tmp_content',`
>>> +    files_tmp_file($2)
>>> +    files_poly_member_tmp($1, $2)
>>> +    ubac_constrained($2)
>>> +')
>>
>> Why do we have files_poly_member_tmp()?  I didn't see any places where
>> it was removed above.
>
> I guess there aren't any in refpolicy (except userdom_manage_tmp_role).
> Does that mean there should not be any?

Since we're just starting this change, I'd like not to add anything yet. 
  So since the files_poly_member_tmp() isn't used commonly it shouldn't 
be added to userdom_user_tmp_content().

-- 
Chris PeBenito
Tresys Technology, LLC
www.tresys.com | oss.tresys.com