From: sven.vermeulen@siphos.be (Sven Vermeulen)
Date: Wed, 20 Mar 2013 09:53:26 +0100
Subject: [refpolicy] [PATCH 1/1] Remove pulseaudio filename_trans conflict
Message-ID: <20130320085326.GA11555@siphos.be>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

The pulseaudio_role() interface currently defines explicit filename transitions
for three files/directories. However, these are already in effect as the domain
is assigned the pulseaudio_client attribute through the following:

pulseaudio_role()
-> pulseaudio_run
   -> pulseaudio_domtrans
      -> typeattribute $1 pulseaudio_client

The pulseaudio_client has these file name transitions already (cfr
pulseaudio.te).

Signed-off-by: Sven Vermeulen <sven.vermeulen@siphos.be>
---
 pulseaudio.if | 4 ----
 1 file changed, 4 deletions(-)

diff --git a/pulseaudio.if b/pulseaudio.if
index fa3dc8e..45843b5 100644
--- a/pulseaudio.if
+++ b/pulseaudio.if
@@ -31,10 +31,6 @@ interface(`pulseaudio_role',`
 	allow $2 pulseaudio_home_t:file { manage_file_perms relabel_file_perms };
 	allow $2 pulseaudio_home_t:lnk_file { manage_lnk_file_perms relabel_lnk_file_perms };
 
-	userdom_user_home_dir_filetrans($2, pulseaudio_home_t, dir, ".pulse")
-	userdom_user_home_dir_filetrans($2, pulseaudio_home_t, file, ".esd_auth")
-	userdom_user_home_dir_filetrans($2, pulseaudio_home_t, file, ".pulse-cookie")
-
 	allow $2 { pulseaudio_tmpfs_t pulseaudio_tmpfsfile }:dir { manage_dir_perms relabel_dir_perms };
 	allow $2 { pulseaudio_tmpfs_t pulseaudio_tmpfsfile }:file { manage_file_perms relabel_file_perms };
 
-- 
1.8.1.5