From: domg472@gmail.com (Dominick Grift)
Date: Wed, 4 Aug 2010 11:22:55 +0200
Subject: [refpolicy] [ system layer patch 1/1] system: domain { allowed to
 transition, allowed access, to not audit }.
Message-ID: <20100804092250.GA15656@localhost.localdomain>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

Signed-off-by: Dominick Grift <domg472@gmail.com>
---
:100644 100644 54b9826... 7fddc24... M	policy/modules/system/authlogin.if
:100644 100644 4cf09f6... 31853d4... M	policy/modules/system/clock.if
:100644 100644 feef778... 89cc088... M	policy/modules/system/daemontools.if
:100644 100644 1c51b4b... 6bc7ca0... M	policy/modules/system/fstools.if
:100644 100644 b2b003d... e4376aa... M	policy/modules/system/getty.if
:100644 100644 8fdea3b... 1ef2854... M	policy/modules/system/hostname.if
:100644 100644 321d2e6... 40eb10c... M	policy/modules/system/hotplug.if
:100644 100644 59f9068... f6aafe7... M	policy/modules/system/init.if
:100644 100644 e0f0224... ce48e44... M	policy/modules/system/ipsec.if
:100644 100644 6aca04d... 34335ce... M	policy/modules/system/iptables.if
:100644 100644 88e3b32... 663a47b... M	policy/modules/system/iscsi.if
:100644 100644 19e65b8... 4198ff5... M	policy/modules/system/kdump.if
:100644 100644 33ffdb6... d97d16d... M	policy/modules/system/libraries.if
:100644 100644 37292fd... 0e3c2a9... M	policy/modules/system/locallogin.if
:100644 100644 fa5684a... 07af21c... M	policy/modules/system/logging.if
:100644 100644 779cc29... 58bc27f... M	policy/modules/system/lvm.if
:100644 100644 a70ed72... 17de283... M	policy/modules/system/miscfiles.if
:100644 100644 e1057e3... 6075331... M	policy/modules/system/modutils.if
:100644 100644 d7e78ad... 66caf37... M	policy/modules/system/mount.if
:100644 100644 b37cd5b... 5dccc0a... M	policy/modules/system/netlabel.if
:100644 100644 ac2b18b... fa701e9... M	policy/modules/system/pcmcia.if
:100644 100644 b3c7bfb... c817fda... M	policy/modules/system/raid.if
:100644 100644 d37974c... 9b75ca1... M	policy/modules/system/selinuxutil.if
:100644 100644 8de660e... efa9c27... M	policy/modules/system/setrans.if
:100644 100644 938f800... e1f9e5f... M	policy/modules/system/sysnetwork.if
:100644 100644 bfc4c75... 025348a... M	policy/modules/system/udev.if
:100644 100644 c11cb30... 416e668... M	policy/modules/system/unconfined.if
:100644 100644 fafdd3d... 42ef0e1... M	policy/modules/system/userdomain.if
:100644 100644 086e8c6... 77d41b6... M	policy/modules/system/xen.if
 policy/modules/system/authlogin.if   |   40 +++++++++++++++++-----------------
 policy/modules/system/clock.if       |    6 ++--
 policy/modules/system/daemontools.if |    8 +++---
 policy/modules/system/fstools.if     |   12 +++++-----
 policy/modules/system/getty.if       |    2 +-
 policy/modules/system/hostname.if    |    4 +-
 policy/modules/system/hotplug.if     |    4 +-
 policy/modules/system/init.if        |   34 ++++++++++++++--------------
 policy/modules/system/ipsec.if       |   22 +++++++++---------
 policy/modules/system/iptables.if    |    8 +++---
 policy/modules/system/iscsi.if       |    2 +-
 policy/modules/system/kdump.if       |    4 +-
 policy/modules/system/libraries.if   |    6 ++--
 policy/modules/system/locallogin.if  |    6 ++--
 policy/modules/system/logging.if     |   22 +++++++++---------
 policy/modules/system/lvm.if         |    8 +++---
 policy/modules/system/miscfiles.if   |   10 ++++----
 policy/modules/system/modutils.if    |   14 ++++++------
 policy/modules/system/mount.if       |   10 ++++----
 policy/modules/system/netlabel.if    |    4 +-
 policy/modules/system/pcmcia.if      |    6 ++--
 policy/modules/system/raid.if        |    4 +-
 policy/modules/system/selinuxutil.if |   36 +++++++++++++++---------------
 policy/modules/system/setrans.if     |    2 +-
 policy/modules/system/sysnetwork.if  |   32 +++++++++++++-------------
 policy/modules/system/udev.if        |    6 ++--
 policy/modules/system/unconfined.if  |    8 +++---
 policy/modules/system/userdomain.if  |   32 +++++++++++++-------------
 policy/modules/system/xen.if         |    6 ++--
 29 files changed, 179 insertions(+), 179 deletions(-)

diff --git a/policy/modules/system/authlogin.if b/policy/modules/system/authlogin.if
index 54b9826..7fddc24 100644
--- a/policy/modules/system/authlogin.if
+++ b/policy/modules/system/authlogin.if
@@ -162,7 +162,7 @@ interface(`auth_login_pgm_domain',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The type of process using the login program as entry point.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 #
@@ -180,7 +180,7 @@ interface(`auth_login_entry_type',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 ## <param name="target_domain">
@@ -205,7 +205,7 @@ interface(`auth_domtrans_login_program',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 ## <param name="target_domain">
@@ -332,7 +332,7 @@ interface(`auth_var_filetrans_cache',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -381,7 +381,7 @@ interface(`auth_domtrans_chk_passwd',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -402,7 +402,7 @@ interface(`auth_domtrans_chkpwd',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 ## <param name="role">
@@ -446,7 +446,7 @@ interface(`auth_domtrans_upd_passwd',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 ## <param name="role">
@@ -582,7 +582,7 @@ interface(`auth_tunable_read_shadow',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The type of the domain to not audit.
+##	Domain to not audit.
 ##	</summary>
 ## </param>
 #
@@ -800,7 +800,7 @@ interface(`auth_rw_lastlog',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -836,7 +836,7 @@ interface(`auth_signal_pam',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 ## <param name="role">
@@ -978,7 +978,7 @@ interface(`auth_manage_pam_pid',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -1098,7 +1098,7 @@ interface(`auth_delete_pam_console_data',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The type of the domain perfoming this action.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 ## <param name="exception_types" optional="true">
@@ -1123,7 +1123,7 @@ interface(`auth_read_all_dirs_except_shadow',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The type of the domain perfoming this action.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 ## <param name="exception_types" optional="true">
@@ -1149,7 +1149,7 @@ interface(`auth_read_all_files_except_shadow',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The type of the domain perfoming this action.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 ## <param name="exception_types" optional="true">
@@ -1174,7 +1174,7 @@ interface(`auth_read_all_symlinks_except_shadow',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The type of the domain perfoming this action.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 ## <param name="exception_types" optional="true">
@@ -1200,7 +1200,7 @@ interface(`auth_relabel_all_files_except_shadow',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The type of the domain perfoming this action.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 ## <param name="exception_types" optional="true">
@@ -1226,7 +1226,7 @@ interface(`auth_rw_all_files_except_shadow',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The type of the domain perfoming this action.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 ## <param name="exception_types" optional="true">
@@ -1251,7 +1251,7 @@ interface(`auth_manage_all_files_except_shadow',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -1269,7 +1269,7 @@ interface(`auth_domtrans_utempter',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 ## <param name="role">
@@ -1351,7 +1351,7 @@ interface(`auth_read_login_records',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain to not audit.
 ##	</summary>
 ## </param>
 ## <rolecap/>
diff --git a/policy/modules/system/clock.if b/policy/modules/system/clock.if
index 4cf09f6..31853d4 100644
--- a/policy/modules/system/clock.if
+++ b/policy/modules/system/clock.if
@@ -6,7 +6,7 @@
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The type of the process performing this action.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -25,7 +25,7 @@ interface(`clock_domtrans',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The type of the process performing this action.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 ## <param name="role">
@@ -50,7 +50,7 @@ interface(`clock_run',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-## 	The type of the process performing this action.
+## 	Domain allowed access.
 ##	</summary>
 ## </param>
 #
diff --git a/policy/modules/system/daemontools.if b/policy/modules/system/daemontools.if
index feef778..89cc088 100644
--- a/policy/modules/system/daemontools.if
+++ b/policy/modules/system/daemontools.if
@@ -11,7 +11,7 @@
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access to svc_start_t.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 #
@@ -59,7 +59,7 @@ interface(`daemontools_service_domain',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -77,7 +77,7 @@ interface(`daemontools_domtrans_start',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -95,7 +95,7 @@ interface(`daemontools_domtrans_run',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
diff --git a/policy/modules/system/fstools.if b/policy/modules/system/fstools.if
index 1c51b4b..6bc7ca0 100644
--- a/policy/modules/system/fstools.if
+++ b/policy/modules/system/fstools.if
@@ -6,7 +6,7 @@
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The type of the process performing this action.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -26,7 +26,7 @@ interface(`fstools_domtrans',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The type of the process performing this action.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 ## <param name="role">
@@ -51,7 +51,7 @@ interface(`fstools_run',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The type of the process performing this action.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 #
@@ -106,7 +106,7 @@ interface(`fstools_read_pipes',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The type of the process performing this action.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 #
@@ -125,7 +125,7 @@ interface(`fstools_relabelto_entry_files',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The type of the process performing this action.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 #
@@ -143,7 +143,7 @@ interface(`fstools_manage_entry_files',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The type of the process performing this action.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 #
diff --git a/policy/modules/system/getty.if b/policy/modules/system/getty.if
index b2b003d..e4376aa 100644
--- a/policy/modules/system/getty.if
+++ b/policy/modules/system/getty.if
@@ -6,7 +6,7 @@
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
diff --git a/policy/modules/system/hostname.if b/policy/modules/system/hostname.if
index 8fdea3b..1ef2854 100644
--- a/policy/modules/system/hostname.if
+++ b/policy/modules/system/hostname.if
@@ -6,7 +6,7 @@
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -26,7 +26,7 @@ interface(`hostname_domtrans',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 ## <param name="role">
diff --git a/policy/modules/system/hotplug.if b/policy/modules/system/hotplug.if
index 321d2e6..40eb10c 100644
--- a/policy/modules/system/hotplug.if
+++ b/policy/modules/system/hotplug.if
@@ -9,7 +9,7 @@
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -139,7 +139,7 @@ interface(`hotplug_search_config',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The type of the process performing this action.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 ## <rolecap/>
diff --git a/policy/modules/system/init.if b/policy/modules/system/init.if
index 59f9068..f6aafe7 100644
--- a/policy/modules/system/init.if
+++ b/policy/modules/system/init.if
@@ -420,7 +420,7 @@ interface(`init_ranged_system_domain',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -571,7 +571,7 @@ interface(`init_use_fds',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain to not audit.
 ##	</summary>
 ## </param>
 #
@@ -730,7 +730,7 @@ interface(`init_dontaudit_rw_initctl',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The domain for which init scripts are an entrypoint.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 # cjp: added for gentoo integrated run_init
@@ -748,7 +748,7 @@ interface(`init_script_file_entry_type',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -775,7 +775,7 @@ interface(`init_spec_domtrans_script',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -812,7 +812,7 @@ interface(`init_domtrans_script',`
 ## </desc>
 ## <param name="source_domain">
 ##	<summary>
-##	Domain to transition from.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 ## <param name="target_domain">
@@ -837,7 +837,7 @@ interface(`init_script_file_domtrans',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 ## <param name="init_script_file">
@@ -862,7 +862,7 @@ interface(`init_labeled_script_domtrans',`
 ## </summary>
 ## <param name="domain">
 ## 	<summary>
-##		Domain allowed access
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -1064,7 +1064,7 @@ interface(`init_read_all_script_files',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain to not audit.
 ##	</summary>
 ## </param>
 #
@@ -1144,7 +1144,7 @@ interface(`init_use_script_fds',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain to not audit.
 ##	</summary>
 ## </param>
 #
@@ -1305,7 +1305,7 @@ interface(`init_rw_script_stream_sockets',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain to not audit.
 ##	</summary>
 ## </param>
 #
@@ -1429,7 +1429,7 @@ interface(`init_getattr_script_status_files',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain to not audit.
 ##	</summary>
 ## </param>
 #
@@ -1553,7 +1553,7 @@ interface(`init_read_utmp',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain to not audit.
 ##	</summary>
 ## </param>
 #
@@ -1591,7 +1591,7 @@ interface(`init_write_utmp',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain to not audit.
 ##	</summary>
 ## </param>
 #
@@ -1628,7 +1628,7 @@ interface(`init_rw_utmp',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain to not audit.
 ##	</summary>
 ## </param>
 #
@@ -1646,7 +1646,7 @@ interface(`init_dontaudit_rw_utmp',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain access allowed.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 #
@@ -1666,7 +1666,7 @@ interface(`init_manage_utmp',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain access allowed.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 #
diff --git a/policy/modules/system/ipsec.if b/policy/modules/system/ipsec.if
index e0f0224..ce48e44 100644
--- a/policy/modules/system/ipsec.if
+++ b/policy/modules/system/ipsec.if
@@ -6,7 +6,7 @@
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The type of the process performing this action.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -24,7 +24,7 @@ interface(`ipsec_domtrans',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The type of the process performing this action.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 #
@@ -43,7 +43,7 @@ interface(`ipsec_stream_connect',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The type of the process performing this action.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 #
@@ -62,7 +62,7 @@ interface(`ipsec_stream_connect_racoon',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The type of the process performing this action.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 #
@@ -80,7 +80,7 @@ interface(`ipsec_getattr_key_sockets',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The type of the process performing this action.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 #
@@ -98,7 +98,7 @@ interface(`ipsec_exec_mgmt',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The type of the process performing this action.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 ## <rolecap/>
@@ -175,7 +175,7 @@ interface(`ipsec_write_pid',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The type of the process performing this action.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 #
@@ -194,7 +194,7 @@ interface(`ipsec_manage_pid',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The type of the process performing this action.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -212,7 +212,7 @@ interface(`ipsec_domtrans_racoon',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 ## <param name="role">
@@ -237,7 +237,7 @@ interface(`ipsec_run_racoon',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The type of the process performing this action.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -255,7 +255,7 @@ interface(`ipsec_domtrans_setkey',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 ## <param name="role">
diff --git a/policy/modules/system/iptables.if b/policy/modules/system/iptables.if
index 6aca04d..34335ce 100644
--- a/policy/modules/system/iptables.if
+++ b/policy/modules/system/iptables.if
@@ -6,7 +6,7 @@
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -26,7 +26,7 @@ interface(`iptables_domtrans',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 ## <param name="role">
@@ -76,7 +76,7 @@ interface(`iptables_exec',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The type of the process performing this action.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -134,7 +134,7 @@ interface(`iptables_read_config',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The type of the process performing this action.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 #
diff --git a/policy/modules/system/iscsi.if b/policy/modules/system/iscsi.if
index 88e3b32..663a47b 100644
--- a/policy/modules/system/iscsi.if
+++ b/policy/modules/system/iscsi.if
@@ -24,7 +24,7 @@ interface(`iscsid_domtrans',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The type of the process performing this action.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 #
diff --git a/policy/modules/system/kdump.if b/policy/modules/system/kdump.if
index 19e65b8..4198ff5 100644
--- a/policy/modules/system/kdump.if
+++ b/policy/modules/system/kdump.if
@@ -6,7 +6,7 @@
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The type of the process performing this action.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -25,7 +25,7 @@ interface(`kdump_domtrans',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The type of the process performing this action.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
diff --git a/policy/modules/system/libraries.if b/policy/modules/system/libraries.if
index 33ffdb6..d97d16d 100644
--- a/policy/modules/system/libraries.if
+++ b/policy/modules/system/libraries.if
@@ -6,7 +6,7 @@
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -25,7 +25,7 @@ interface(`libs_domtrans_ldconfig',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 ## <param name="role">
@@ -201,7 +201,7 @@ interface(`libs_search_lib',`
 ## </desc>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain to not audit.
 ##	</summary>
 ## </param>
 #
diff --git a/policy/modules/system/locallogin.if b/policy/modules/system/locallogin.if
index 37292fd..0e3c2a9 100644
--- a/policy/modules/system/locallogin.if
+++ b/policy/modules/system/locallogin.if
@@ -6,7 +6,7 @@
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The type of the process performing this action.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -28,7 +28,7 @@ interface(`locallogin_domtrans',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The type of the process performing this action.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 #
@@ -118,7 +118,7 @@ interface(`locallogin_link_keys',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
diff --git a/policy/modules/system/logging.if b/policy/modules/system/logging.if
index fa5684a..07af21c 100644
--- a/policy/modules/system/logging.if
+++ b/policy/modules/system/logging.if
@@ -70,7 +70,7 @@ interface(`logging_send_audit_msgs',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain to not audit.
 ##	</summary>
 ## </param>
 #
@@ -150,7 +150,7 @@ interface(`logging_read_audit_log',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -169,7 +169,7 @@ interface(`logging_domtrans_auditctl',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 ## <param name="role">
@@ -194,7 +194,7 @@ interface(`logging_run_auditctl',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -213,7 +213,7 @@ interface(`logging_domtrans_auditd',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 ## <param name="role">
@@ -270,7 +270,7 @@ interface(`logging_domtrans_dispatcher',`
 ## </summary>
 ## <param name="domain">
 ## <summary>
-##	Domain allowed to transition.
+##	Domain allowed access.
 ## </summary>
 ## </param>
 #
@@ -382,7 +382,7 @@ interface(`logging_manage_audit_log',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -421,7 +421,7 @@ interface(`logging_check_exec_syslog',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -570,7 +570,7 @@ interface(`logging_read_audit_config',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain to not audit.
 ##	</summary>
 ## </param>
 ## <rolecap/>
@@ -686,7 +686,7 @@ interface(`logging_rw_generic_log_dirs',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain to not audit.
 ##	</summary>
 ## </param>
 #
@@ -848,7 +848,7 @@ interface(`logging_write_generic_logs',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain to not audit.
 ##	</summary>
 ## </param>
 #
diff --git a/policy/modules/system/lvm.if b/policy/modules/system/lvm.if
index 779cc29..58bc27f 100644
--- a/policy/modules/system/lvm.if
+++ b/policy/modules/system/lvm.if
@@ -6,7 +6,7 @@
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The type of the process performing this action.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -25,7 +25,7 @@ interface(`lvm_domtrans',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The type of the process performing this action.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 #
@@ -44,7 +44,7 @@ interface(`lvm_exec',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The type of the process performing this action.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 ## <param name="role">
@@ -69,7 +69,7 @@ interface(`lvm_run',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The type of the process performing this action.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 ## <rolecap/>
diff --git a/policy/modules/system/miscfiles.if b/policy/modules/system/miscfiles.if
index a70ed72..17de283 100644
--- a/policy/modules/system/miscfiles.if
+++ b/policy/modules/system/miscfiles.if
@@ -115,7 +115,7 @@ interface(`miscfiles_setattr_fonts_dirs',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain to not audit.
 ##	</summary>
 ## </param>
 ## <rolecap/>
@@ -134,7 +134,7 @@ interface(`miscfiles_dontaudit_setattr_fonts_dirs',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain to not audit.
 ##	</summary>
 ## </param>
 ## <rolecap/>
@@ -198,7 +198,7 @@ interface(`miscfiles_setattr_fonts_cache_dirs',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain to not audit.
 ##	</summary>
 ## </param>
 #
@@ -374,7 +374,7 @@ interface(`miscfiles_legacy_read_localization',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain to not audit.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 #
@@ -573,7 +573,7 @@ interface(`miscfiles_exec_tetex_data',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain to be entered.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 #
diff --git a/policy/modules/system/modutils.if b/policy/modules/system/modutils.if
index e1057e3..6075331 100644
--- a/policy/modules/system/modutils.if
+++ b/policy/modules/system/modutils.if
@@ -126,7 +126,7 @@ interface(`modutils_manage_module_config',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -147,7 +147,7 @@ interface(`modutils_domtrans_insmod_uncond',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -170,7 +170,7 @@ interface(`modutils_domtrans_insmod',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 ## <param name="role">
@@ -214,7 +214,7 @@ interface(`modutils_exec_insmod',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -233,7 +233,7 @@ interface(`modutils_domtrans_depmod',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 ## <param name="role">
@@ -277,7 +277,7 @@ interface(`modutils_exec_depmod',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -296,7 +296,7 @@ interface(`modutils_domtrans_update_mods',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 ## <param name="role">
diff --git a/policy/modules/system/mount.if b/policy/modules/system/mount.if
index d7e78ad..66caf37 100644
--- a/policy/modules/system/mount.if
+++ b/policy/modules/system/mount.if
@@ -6,7 +6,7 @@
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The type of the process performing this action.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -26,7 +26,7 @@ interface(`mount_domtrans',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The type of the process performing this action.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 ## <param name="role">
@@ -55,7 +55,7 @@ interface(`mount_run',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The type of the process performing this action.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 #
@@ -139,7 +139,7 @@ interface(`mount_send_nfs_client_request',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -159,7 +159,7 @@ interface(`mount_domtrans_unconfined',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 ## <param name="role">
diff --git a/policy/modules/system/netlabel.if b/policy/modules/system/netlabel.if
index b37cd5b..5dccc0a 100644
--- a/policy/modules/system/netlabel.if
+++ b/policy/modules/system/netlabel.if
@@ -6,7 +6,7 @@
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -26,7 +26,7 @@ interface(`netlabel_domtrans_mgmt',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 ## <param name="role">
diff --git a/policy/modules/system/pcmcia.if b/policy/modules/system/pcmcia.if
index ac2b18b..fa701e9 100644
--- a/policy/modules/system/pcmcia.if
+++ b/policy/modules/system/pcmcia.if
@@ -22,7 +22,7 @@ interface(`pcmcia_stub',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The type of the process performing this action.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -58,7 +58,7 @@ interface(`pcmcia_use_cardmgr_fds',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The type of the process performing this action.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -77,7 +77,7 @@ interface(`pcmcia_domtrans_cardctl',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The type of the process performing this action.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 ## <param name="role">
diff --git a/policy/modules/system/raid.if b/policy/modules/system/raid.if
index b3c7bfb..c817fda 100644
--- a/policy/modules/system/raid.if
+++ b/policy/modules/system/raid.if
@@ -6,7 +6,7 @@
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The type of the process performing this action.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -33,7 +33,7 @@ interface(`raid_domtrans_mdadm',`
 ## </desc>
 ## <param name="domain">
 ##	<summary>
-##	The type of the process performing this action.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 #
diff --git a/policy/modules/system/selinuxutil.if b/policy/modules/system/selinuxutil.if
index d37974c..9b75ca1 100644
--- a/policy/modules/system/selinuxutil.if
+++ b/policy/modules/system/selinuxutil.if
@@ -6,7 +6,7 @@
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -28,7 +28,7 @@ interface(`seutil_domtrans_checkpolicy',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 ## <param name="role">
@@ -74,7 +74,7 @@ interface(`seutil_exec_checkpolicy',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -95,7 +95,7 @@ interface(`seutil_domtrans_loadpolicy',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 ## <param name="role">
@@ -158,7 +158,7 @@ interface(`seutil_read_loadpolicy',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -180,7 +180,7 @@ interface(`seutil_domtrans_newrole',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 ## <param name="role">
@@ -228,7 +228,7 @@ interface(`seutil_exec_newrole',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain to not audit.
 ##	</summary>
 ## </param>
 #
@@ -311,7 +311,7 @@ interface(`seutil_dontaudit_use_newrole_fds',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -328,7 +328,7 @@ interface(`seutil_domtrans_restorecon',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 ## <param name="role">
@@ -365,7 +365,7 @@ interface(`seutil_exec_restorecon',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -391,7 +391,7 @@ interface(`seutil_domtrans_runinit',`
 ## </desc>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -415,7 +415,7 @@ interface(`seutil_init_script_domtrans_runinit',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 ## <param name="role">
@@ -456,7 +456,7 @@ interface(`seutil_run_runinit',`
 ## </desc>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 ## <param name="role">
@@ -502,7 +502,7 @@ interface(`seutil_use_runinit_fds',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -524,7 +524,7 @@ interface(`seutil_domtrans_setfiles',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 ## <param name="role">
@@ -803,7 +803,7 @@ interface(`seutil_read_file_contexts',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain to not audit.
 ##	</summary>
 ## </param>
 ## <rolecap/>
@@ -1015,7 +1015,7 @@ interface(`seutil_domtrans_semanage',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 ## <param name="role">
@@ -1141,7 +1141,7 @@ interface(`seutil_libselinux_linked',`
 ## </desc>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain to not audit.
 ##	</summary>
 ## </param>
 #
diff --git a/policy/modules/system/setrans.if b/policy/modules/system/setrans.if
index 8de660e..efa9c27 100644
--- a/policy/modules/system/setrans.if
+++ b/policy/modules/system/setrans.if
@@ -6,7 +6,7 @@
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The type of the process performing this action.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
diff --git a/policy/modules/system/sysnetwork.if b/policy/modules/system/sysnetwork.if
index 938f800..e1f9e5f 100644
--- a/policy/modules/system/sysnetwork.if
+++ b/policy/modules/system/sysnetwork.if
@@ -6,7 +6,7 @@
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The type of the process performing this action.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -26,7 +26,7 @@ interface(`sysnet_domtrans_dhcpc',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The type of the process performing this action.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 ## <param name="role">
@@ -69,7 +69,7 @@ interface(`sysnet_run_dhcpc',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The domain sending the SIGCHLD.
+##	Domain to not audit.
 ##	</summary>
 ## </param>
 #
@@ -87,7 +87,7 @@ interface(`sysnet_dontaudit_use_dhcpc_fds',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The domain sending the SIGCHLD.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 #
@@ -105,7 +105,7 @@ interface(`sysnet_sigchld_dhcpc',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The domain sending the SIGKILL.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 ## <rolecap/>
@@ -124,7 +124,7 @@ interface(`sysnet_kill_dhcpc',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The domain sending the SIGSTOP.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 #
@@ -142,7 +142,7 @@ interface(`sysnet_sigstop_dhcpc',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The domain sending the null signal.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 #
@@ -160,7 +160,7 @@ interface(`sysnet_signull_dhcpc',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The domain sending the signal.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 ## <rolecap/>
@@ -200,7 +200,7 @@ interface(`sysnet_dbus_chat_dhcpc',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The domain allowed access.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 #
@@ -219,7 +219,7 @@ interface(`sysnet_rw_dhcp_config',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The domain allowed access.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 #
@@ -376,7 +376,7 @@ interface(`sysnet_create_config',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The type of the process performing this action.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 #
@@ -394,7 +394,7 @@ interface(`sysnet_etc_filetrans_config',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The type of the process performing this action.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 #
@@ -416,7 +416,7 @@ interface(`sysnet_manage_config',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The type of the process performing this action.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 #
@@ -435,7 +435,7 @@ interface(`sysnet_read_dhcpc_pid',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The type of the process performing this action.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 #
@@ -453,7 +453,7 @@ interface(`sysnet_delete_dhcpc_pid',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The type of the process performing this action.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -474,7 +474,7 @@ interface(`sysnet_domtrans_ifconfig',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The type of the process performing this action.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 ## <param name="role">
diff --git a/policy/modules/system/udev.if b/policy/modules/system/udev.if
index bfc4c75..025348a 100644
--- a/policy/modules/system/udev.if
+++ b/policy/modules/system/udev.if
@@ -24,7 +24,7 @@ interface(`udev_signal',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The type of the process performing this action.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -60,7 +60,7 @@ interface(`udev_exec',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The type of the process performing this action.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -199,7 +199,7 @@ interface(`udev_read_db',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The type of the process performing this action.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 #
diff --git a/policy/modules/system/unconfined.if b/policy/modules/system/unconfined.if
index c11cb30..416e668 100644
--- a/policy/modules/system/unconfined.if
+++ b/policy/modules/system/unconfined.if
@@ -185,7 +185,7 @@ interface(`unconfined_execmem_alias_program',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -203,7 +203,7 @@ interface(`unconfined_domtrans',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The type of the process performing this action.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 ## <param name="role">
@@ -227,7 +227,7 @@ interface(`unconfined_run',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -413,7 +413,7 @@ interface(`unconfined_read_pipes',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain to not audit.
 ##	</summary>
 ## </param>
 #
diff --git a/policy/modules/system/userdomain.if b/policy/modules/system/userdomain.if
index fafdd3d..42ef0e1 100644
--- a/policy/modules/system/userdomain.if
+++ b/policy/modules/system/userdomain.if
@@ -1356,7 +1356,7 @@ interface(`userdom_getattr_user_home_dirs',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain to not audit.
 ##	</summary>
 ## </param>
 #
@@ -1543,7 +1543,7 @@ interface(`userdom_home_filetrans_user_home_dir',`
 ## </desc>
 ## <param name="source_domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 ## <param name="target_domain">
@@ -1568,7 +1568,7 @@ interface(`userdom_user_home_domtrans',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain to not audit
+##	Domain to not audit.
 ##	</summary>
 ## </param>
 #
@@ -1643,7 +1643,7 @@ interface(`userdom_delete_user_home_content_dirs',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain to not audit.
 ##	</summary>
 ## </param>
 #
@@ -1837,7 +1837,7 @@ interface(`userdom_exec_user_home_content_files',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain to not audit.
 ##	</summary>
 ## </param>
 #
@@ -1877,7 +1877,7 @@ interface(`userdom_manage_user_home_content_files',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain to not audit.
 ##	</summary>
 ## </param>
 #
@@ -2493,7 +2493,7 @@ interface(`userdom_getattr_user_ttys',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain to not audit.
 ##	</summary>
 ## </param>
 #
@@ -2529,7 +2529,7 @@ interface(`userdom_setattr_user_ttys',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain to not audit.
 ##	</summary>
 ## </param>
 #
@@ -2620,7 +2620,7 @@ interface(`userdom_use_user_terminals',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain to not audit.
 ##	</summary>
 ## </param>
 #
@@ -2641,7 +2641,7 @@ interface(`userdom_dontaudit_use_user_terminals',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -2664,7 +2664,7 @@ interface(`userdom_spec_domtrans_all_users',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -2687,7 +2687,7 @@ interface(`userdom_xsession_spec_domtrans_all_users',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -2710,7 +2710,7 @@ interface(`userdom_spec_domtrans_unpriv_users',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -2770,7 +2770,7 @@ interface(`userdom_manage_unpriv_user_shared_mem',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -2934,7 +2934,7 @@ interface(`userdom_relabelto_user_ptys',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain to not audit.
 ##	</summary>
 ## </param>
 #
@@ -2970,7 +2970,7 @@ interface(`userdom_write_user_tmp_files',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain to not audit.
 ##	</summary>
 ## </param>
 #
diff --git a/policy/modules/system/xen.if b/policy/modules/system/xen.if
index 086e8c6..77d41b6 100644
--- a/policy/modules/system/xen.if
+++ b/policy/modules/system/xen.if
@@ -24,7 +24,7 @@ interface(`xen_domtrans',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain to not audit.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 #
@@ -83,7 +83,7 @@ interface(`xen_read_image_files',`
 ## </summary>
 ## <param name="domain">
 ## 	<summary>
-##	Domain allowed to transition.
+##	Domain allowed access.
 ## 	</summary>
 ## </param>
 #
@@ -104,7 +104,7 @@ interface(`xen_rw_image_files',`
 ## </summary>
 ## <param name="domain">
 ## 	<summary>
-##	Domain allowed to transition.
+##	Domain allowed access.
 ## 	</summary>
 ## </param>
 #
-- 
1.7.2

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: not available
Url : http://oss.tresys.com/pipermail/refpolicy/attachments/20100804/158d027a/attachment-0001.bin