From: domg472@gmail.com (Dominick Grift)
Date: Tue, 3 Aug 2010 15:42:13 +0200
Subject: [refpolicy] [ admin layer patch 1/1] admin: domain { allowed to
 transition, allowed access, to not audit }.
Message-ID: <20100803134209.GA32496@localhost.localdomain>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

Signed-off-by: Dominick Grift <domg472@gmail.com>
---
:100644 100644 d73c515... e66c296... M	policy/modules/admin/acct.if
:100644 100644 b4c78c7... fe09bea... M	policy/modules/admin/alsa.if
:100644 100644 d99f058... 00bdbe1... M	policy/modules/admin/amanda.if
:100644 100644 18e3bc6... 870fd88... M	policy/modules/admin/amtu.if
:100644 100644 84668f1... e696b80... M	policy/modules/admin/apt.if
:100644 100644 c0b4205... 1b3a4c5... M	policy/modules/admin/backup.if
:100644 100644 da8b00b... de17569... M	policy/modules/admin/bootloader.if
:100644 100644 3f45dfe... 26a3834... M	policy/modules/admin/certwatch.if
:100644 100644 daa6eb3... b0b47d4... M	policy/modules/admin/consoletype.if
:100644 100644 1a43194... 9868652... M	policy/modules/admin/ddcprobe.if
:100644 100644 4035397... e1973c7... M	policy/modules/admin/dmesg.if
:100644 100644 331ff4c... 7264af0... M	policy/modules/admin/dmidecode.if
:100644 100644 633495b... 9317171... M	policy/modules/admin/dpkg.if
:100644 100644 83512c9... d391174... M	policy/modules/admin/firstboot.if
:100644 100644 b630279... fc1beda... M	policy/modules/admin/kismet.if
:100644 100644 1aeff55... b7370bb... M	policy/modules/admin/kudzu.if
:100644 100644 b3aa19e... d82fcdc... M	policy/modules/admin/logrotate.if
:100644 100644 0ab5f13... 525bdd5... M	policy/modules/admin/netutils.if
:100644 100644 35161b2... 8aaa46d... M	policy/modules/admin/portage.if
:100644 100644 89e8209... 93ec175... M	policy/modules/admin/prelink.if
:100644 100644 d50f2f5... 793ba70... M	policy/modules/admin/quota.if
:100644 100644 2514ed5... 86463e3... M	policy/modules/admin/rpm.if
:100644 100644 efb18c0... e1c295c... M	policy/modules/admin/shutdown.if
:100644 100644 d23d02a... 8bec1bc... M	policy/modules/admin/tripwire.if
:100644 100644 b873388... 7747b16... M	policy/modules/admin/tzdata.if
:100644 100644 6a4f564... 4d4b60e... M	policy/modules/admin/updfstab.if
:100644 100644 d673f10... 7962e2b... M	policy/modules/admin/usbmodules.if
:100644 100644 8702699... ca23168... M	policy/modules/admin/usermanage.if
:100644 100644 2dc9f53... f365a0d... M	policy/modules/admin/vbetool.if
:100644 100644 ccda6e4... d24ac85... M	policy/modules/admin/vpn.if
 policy/modules/admin/acct.if        |    2 +-
 policy/modules/admin/alsa.if        |    2 +-
 policy/modules/admin/amanda.if      |    8 ++++----
 policy/modules/admin/amtu.if        |    4 ++--
 policy/modules/admin/apt.if         |    7 +++----
 policy/modules/admin/backup.if      |    4 ++--
 policy/modules/admin/bootloader.if  |    4 ++--
 policy/modules/admin/certwatch.if   |    6 +++---
 policy/modules/admin/consoletype.if |    4 ++--
 policy/modules/admin/ddcprobe.if    |    4 ++--
 policy/modules/admin/dmesg.if       |    2 +-
 policy/modules/admin/dmidecode.if   |    4 ++--
 policy/modules/admin/dpkg.if        |    6 +++---
 policy/modules/admin/firstboot.if   |    4 ++--
 policy/modules/admin/kismet.if      |    6 +++---
 policy/modules/admin/kudzu.if       |    4 ++--
 policy/modules/admin/logrotate.if   |    8 ++++----
 policy/modules/admin/netutils.if    |   16 ++++++++--------
 policy/modules/admin/portage.if     |   12 ++++++------
 policy/modules/admin/prelink.if     |    4 ++--
 policy/modules/admin/quota.if       |    6 +++---
 policy/modules/admin/rpm.if         |   10 +++++-----
 policy/modules/admin/shutdown.if    |    2 +-
 policy/modules/admin/tripwire.if    |   16 ++++++++--------
 policy/modules/admin/tzdata.if      |    2 +-
 policy/modules/admin/updfstab.if    |    2 +-
 policy/modules/admin/usbmodules.if  |    4 ++--
 policy/modules/admin/usermanage.if  |   22 +++++++++++-----------
 policy/modules/admin/vbetool.if     |    4 ++--
 policy/modules/admin/vpn.if         |    4 ++--
 30 files changed, 91 insertions(+), 92 deletions(-)

diff --git a/policy/modules/admin/acct.if b/policy/modules/admin/acct.if
index d73c515..e66c296 100644
--- a/policy/modules/admin/acct.if
+++ b/policy/modules/admin/acct.if
@@ -6,7 +6,7 @@
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
diff --git a/policy/modules/admin/alsa.if b/policy/modules/admin/alsa.if
index b4c78c7..fe09bea 100644
--- a/policy/modules/admin/alsa.if
+++ b/policy/modules/admin/alsa.if
@@ -6,7 +6,7 @@
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
diff --git a/policy/modules/admin/amanda.if b/policy/modules/admin/amanda.if
index d99f058..00bdbe1 100644
--- a/policy/modules/admin/amanda.if
+++ b/policy/modules/admin/amanda.if
@@ -6,7 +6,7 @@
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -25,7 +25,7 @@ interface(`amanda_domtrans_recover',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 ## <param name="role">
@@ -87,7 +87,7 @@ interface(`amanda_dontaudit_read_dumpdates',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain to allow
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 #
@@ -124,7 +124,7 @@ interface(`amanda_manage_lib',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain to allow
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 #
diff --git a/policy/modules/admin/amtu.if b/policy/modules/admin/amtu.if
index 18e3bc6..870fd88 100644
--- a/policy/modules/admin/amtu.if
+++ b/policy/modules/admin/amtu.if
@@ -6,7 +6,7 @@
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -26,7 +26,7 @@ interface(`amtu_domtrans',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 ## <param name="role">
diff --git a/policy/modules/admin/apt.if b/policy/modules/admin/apt.if
index 84668f1..e696b80 100644
--- a/policy/modules/admin/apt.if
+++ b/policy/modules/admin/apt.if
@@ -6,7 +6,7 @@
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -26,7 +26,7 @@ interface(`apt_domtrans',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 ## <param name="role">
@@ -71,8 +71,7 @@ interface(`apt_use_fds',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The type of the process attempting performing this action
-##	which should not be audited.
+##	Domain to not audit.
 ##	</summary>
 ## </param>
 #
diff --git a/policy/modules/admin/backup.if b/policy/modules/admin/backup.if
index c0b4205..1b3a4c5 100644
--- a/policy/modules/admin/backup.if
+++ b/policy/modules/admin/backup.if
@@ -6,7 +6,7 @@
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -25,7 +25,7 @@ interface(`backup_domtrans',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 ## <param name="role">
diff --git a/policy/modules/admin/bootloader.if b/policy/modules/admin/bootloader.if
index da8b00b..de17569 100644
--- a/policy/modules/admin/bootloader.if
+++ b/policy/modules/admin/bootloader.if
@@ -6,7 +6,7 @@
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -25,7 +25,7 @@ interface(`bootloader_domtrans',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 ## <param name="role">
diff --git a/policy/modules/admin/certwatch.if b/policy/modules/admin/certwatch.if
index 3f45dfe..26a3834 100644
--- a/policy/modules/admin/certwatch.if
+++ b/policy/modules/admin/certwatch.if
@@ -6,7 +6,7 @@
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -29,7 +29,7 @@ interface(`certwatch_domtrans',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 ## <param name="role">
@@ -57,7 +57,7 @@ interface(`certwatch_run',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 ## <param name="role">
diff --git a/policy/modules/admin/consoletype.if b/policy/modules/admin/consoletype.if
index daa6eb3..b0b47d4 100644
--- a/policy/modules/admin/consoletype.if
+++ b/policy/modules/admin/consoletype.if
@@ -8,7 +8,7 @@
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -32,7 +32,7 @@ interface(`consoletype_domtrans',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 ## <param name="role">
diff --git a/policy/modules/admin/ddcprobe.if b/policy/modules/admin/ddcprobe.if
index 1a43194..9868652 100644
--- a/policy/modules/admin/ddcprobe.if
+++ b/policy/modules/admin/ddcprobe.if
@@ -6,7 +6,7 @@
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -25,7 +25,7 @@ interface(`ddcprobe_domtrans',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 ## <param name="role">
diff --git a/policy/modules/admin/dmesg.if b/policy/modules/admin/dmesg.if
index 4035397..e1973c7 100644
--- a/policy/modules/admin/dmesg.if
+++ b/policy/modules/admin/dmesg.if
@@ -6,7 +6,7 @@
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
diff --git a/policy/modules/admin/dmidecode.if b/policy/modules/admin/dmidecode.if
index 331ff4c..7264af0 100644
--- a/policy/modules/admin/dmidecode.if
+++ b/policy/modules/admin/dmidecode.if
@@ -6,7 +6,7 @@
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -30,7 +30,7 @@ interface(`dmidecode_domtrans',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 ## <param name="role">
diff --git a/policy/modules/admin/dpkg.if b/policy/modules/admin/dpkg.if
index 633495b..9317171 100644
--- a/policy/modules/admin/dpkg.if
+++ b/policy/modules/admin/dpkg.if
@@ -8,7 +8,7 @@
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -28,7 +28,7 @@ interface(`dpkg_domtrans',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -50,7 +50,7 @@ interface(`dpkg_domtrans_script',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 ## <param name="role">
diff --git a/policy/modules/admin/firstboot.if b/policy/modules/admin/firstboot.if
index 83512c9..d391174 100644
--- a/policy/modules/admin/firstboot.if
+++ b/policy/modules/admin/firstboot.if
@@ -9,7 +9,7 @@
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -28,7 +28,7 @@ interface(`firstboot_domtrans',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 ## <param name="role">
diff --git a/policy/modules/admin/kismet.if b/policy/modules/admin/kismet.if
index b630279..fc1beda 100644
--- a/policy/modules/admin/kismet.if
+++ b/policy/modules/admin/kismet.if
@@ -26,7 +26,7 @@ interface(`kismet_domtrans',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 ## <param name="role">
@@ -188,7 +188,7 @@ interface(`kismet_read_log',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed to transition.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 #
@@ -207,7 +207,7 @@ interface(`kismet_append_log',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain to not audit.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 #
diff --git a/policy/modules/admin/kudzu.if b/policy/modules/admin/kudzu.if
index 1aeff55..b7370bb 100644
--- a/policy/modules/admin/kudzu.if
+++ b/policy/modules/admin/kudzu.if
@@ -6,7 +6,7 @@
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -25,7 +25,7 @@ interface(`kudzu_domtrans',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 ## <param name="role">
diff --git a/policy/modules/admin/logrotate.if b/policy/modules/admin/logrotate.if
index b3aa19e..d82fcdc 100644
--- a/policy/modules/admin/logrotate.if
+++ b/policy/modules/admin/logrotate.if
@@ -6,7 +6,7 @@
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -25,7 +25,7 @@ interface(`logrotate_domtrans',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 ## <param name="role">
@@ -86,7 +86,7 @@ interface(`logrotate_use_fds',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain to not audit
+##	Domain to not audit.
 ##	</summary>
 ## </param>
 #
@@ -104,7 +104,7 @@ interface(`logrotate_dontaudit_use_fds',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain to not audit
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 #
diff --git a/policy/modules/admin/netutils.if b/policy/modules/admin/netutils.if
index 0ab5f13..525bdd5 100644
--- a/policy/modules/admin/netutils.if
+++ b/policy/modules/admin/netutils.if
@@ -6,7 +6,7 @@
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -25,7 +25,7 @@ interface(`netutils_domtrans',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 ## <param name="role">
@@ -86,7 +86,7 @@ interface(`netutils_signal',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -141,7 +141,7 @@ interface(`netutils_signal_ping',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 ## <param name="role">
@@ -167,7 +167,7 @@ interface(`netutils_run_ping',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 ## <param name="role">
@@ -214,7 +214,7 @@ interface(`netutils_exec_ping',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -233,7 +233,7 @@ interface(`netutils_domtrans_traceroute',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 ## <param name="role">
@@ -259,7 +259,7 @@ interface(`netutils_run_traceroute',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 ## <param name="role">
diff --git a/policy/modules/admin/portage.if b/policy/modules/admin/portage.if
index 35161b2..8aaa46d 100644
--- a/policy/modules/admin/portage.if
+++ b/policy/modules/admin/portage.if
@@ -9,7 +9,7 @@
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -32,7 +32,7 @@ interface(`portage_domtrans',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 ## <param name="role">
@@ -203,7 +203,7 @@ interface(`portage_compile_domain',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -225,7 +225,7 @@ interface(`portage_domtrans_gcc_config',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 ## <param name="role">
@@ -251,7 +251,7 @@ interface(`portage_run_gcc_config',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain to not audit.
 ##	</summary>
 ## </param>
 #
@@ -270,7 +270,7 @@ interface(`portage_dontaudit_search_tmp',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain to not audit.
 ##	</summary>
 ## </param>
 #
diff --git a/policy/modules/admin/prelink.if b/policy/modules/admin/prelink.if
index 89e8209..93ec175 100644
--- a/policy/modules/admin/prelink.if
+++ b/policy/modules/admin/prelink.if
@@ -6,7 +6,7 @@
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -49,7 +49,7 @@ interface(`prelink_exec',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 ## <param name="role">
diff --git a/policy/modules/admin/quota.if b/policy/modules/admin/quota.if
index d50f2f5..793ba70 100644
--- a/policy/modules/admin/quota.if
+++ b/policy/modules/admin/quota.if
@@ -6,7 +6,7 @@
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -25,7 +25,7 @@ interface(`quota_domtrans',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 ## <param name="role">
@@ -70,7 +70,7 @@ interface(`quota_dontaudit_getattr_db',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain to not audit.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 #
diff --git a/policy/modules/admin/rpm.if b/policy/modules/admin/rpm.if
index 2514ed5..86463e3 100644
--- a/policy/modules/admin/rpm.if
+++ b/policy/modules/admin/rpm.if
@@ -6,7 +6,7 @@
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -26,7 +26,7 @@ interface(`rpm_domtrans',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -47,7 +47,7 @@ interface(`rpm_debuginfo_domtrans',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -69,7 +69,7 @@ interface(`rpm_domtrans_script',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 ## <param name="role">
@@ -211,7 +211,7 @@ interface(`rpm_dbus_chat',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain to not audit.
 ##	</summary>
 ## </param>
 #
diff --git a/policy/modules/admin/shutdown.if b/policy/modules/admin/shutdown.if
index efb18c0..e1c295c 100644
--- a/policy/modules/admin/shutdown.if
+++ b/policy/modules/admin/shutdown.if
@@ -30,7 +30,7 @@ interface(`shutdown_domtrans',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 ## <param name="role">
diff --git a/policy/modules/admin/tripwire.if b/policy/modules/admin/tripwire.if
index d23d02a..8bec1bc 100644
--- a/policy/modules/admin/tripwire.if
+++ b/policy/modules/admin/tripwire.if
@@ -19,7 +19,7 @@
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -38,7 +38,7 @@ interface(`tripwire_domtrans_tripwire',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 ## <param name="role">
@@ -63,7 +63,7 @@ interface(`tripwire_run_tripwire',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -82,7 +82,7 @@ interface(`tripwire_domtrans_twadmin',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 ## <param name="role">
@@ -107,7 +107,7 @@ interface(`tripwire_run_twadmin',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -126,7 +126,7 @@ interface(`tripwire_domtrans_twprint',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 ## <param name="role">
@@ -151,7 +151,7 @@ interface(`tripwire_run_twprint',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -170,7 +170,7 @@ interface(`tripwire_domtrans_siggen',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 ## <param name="role">
diff --git a/policy/modules/admin/tzdata.if b/policy/modules/admin/tzdata.if
index b873388..7747b16 100644
--- a/policy/modules/admin/tzdata.if
+++ b/policy/modules/admin/tzdata.if
@@ -24,7 +24,7 @@ interface(`tzdata_domtrans',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 ## <param name="role">
diff --git a/policy/modules/admin/updfstab.if b/policy/modules/admin/updfstab.if
index 6a4f564..4d4b60e 100644
--- a/policy/modules/admin/updfstab.if
+++ b/policy/modules/admin/updfstab.if
@@ -6,7 +6,7 @@
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
diff --git a/policy/modules/admin/usbmodules.if b/policy/modules/admin/usbmodules.if
index d673f10..7962e2b 100644
--- a/policy/modules/admin/usbmodules.if
+++ b/policy/modules/admin/usbmodules.if
@@ -6,7 +6,7 @@
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -26,7 +26,7 @@ interface(`usbmodules_domtrans',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 ## <param name="role">
diff --git a/policy/modules/admin/usermanage.if b/policy/modules/admin/usermanage.if
index 8702699..ca23168 100644
--- a/policy/modules/admin/usermanage.if
+++ b/policy/modules/admin/usermanage.if
@@ -6,7 +6,7 @@
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -31,7 +31,7 @@ interface(`usermanage_domtrans_chfn',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 ## <param name="role">
@@ -55,7 +55,7 @@ interface(`usermanage_run_chfn',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -80,7 +80,7 @@ interface(`usermanage_domtrans_groupadd',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 ## <param name="role">
@@ -109,7 +109,7 @@ interface(`usermanage_run_groupadd',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -152,7 +152,7 @@ interface(`usermanage_kill_passwd',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 ## <param name="role">
@@ -178,7 +178,7 @@ interface(`usermanage_run_passwd',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -200,7 +200,7 @@ interface(`usermanage_domtrans_admin_passwd',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 ## <param name="role">
@@ -229,7 +229,7 @@ interface(`usermanage_run_admin_passwd',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain to not audit.
 ##	</summary>
 ## </param>
 #
@@ -247,7 +247,7 @@ interface(`usermanage_dontaudit_use_useradd_fds',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -272,7 +272,7 @@ interface(`usermanage_domtrans_useradd',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 ## <param name="role">
diff --git a/policy/modules/admin/vbetool.if b/policy/modules/admin/vbetool.if
index 2dc9f53..f365a0d 100644
--- a/policy/modules/admin/vbetool.if
+++ b/policy/modules/admin/vbetool.if
@@ -6,7 +6,7 @@
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -26,7 +26,7 @@ interface(`vbetool_domtrans',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 ## <param name="role">
diff --git a/policy/modules/admin/vpn.if b/policy/modules/admin/vpn.if
index ccda6e4..d24ac85 100644
--- a/policy/modules/admin/vpn.if
+++ b/policy/modules/admin/vpn.if
@@ -6,7 +6,7 @@
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -25,7 +25,7 @@ interface(`vpn_domtrans',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 ## <param name="role">
-- 
1.7.2

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: not available
Url : http://oss.tresys.com/pipermail/refpolicy/attachments/20100803/4c4e393e/attachment-0001.bin