From: jason@perfinion.com (Jason Zaman)
Date: Mon, 25 May 2015 13:33:55 +0400
Subject: [refpolicy] [PATCH 1/2] logging: use init_startstop_service in
	_admin interface
Message-ID: <1432546436-17885-1-git-send-email-jason@perfinion.com>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

The logging_admin interfaces had rules for RedHat sysvinit. This
replaces them with the interface init_startstop_service which can
easily be changed for other init systems.
---
 policy/modules/system/logging.if | 10 ++--------
 1 file changed, 2 insertions(+), 8 deletions(-)

diff --git a/policy/modules/system/logging.if b/policy/modules/system/logging.if
index a40714e..7fd0c41 100644
--- a/policy/modules/system/logging.if
+++ b/policy/modules/system/logging.if
@@ -1003,10 +1003,7 @@ interface(`logging_admin_audit',`
 
 	logging_run_auditctl($1, $2)
 
-	init_labeled_script_domtrans($1, auditd_initrc_exec_t)
-	domain_system_change_exemption($1)
-	role_transition $2 auditd_initrc_exec_t system_r;
-	allow $2 system_r;
+	init_startstop_service($1, $2, auditd_t, auditd_initrc_exec_t)
 ')
 
 ########################################
@@ -1061,10 +1058,7 @@ interface(`logging_admin_syslog',`
 
 	logging_manage_all_logs($1)
 
-	init_labeled_script_domtrans($1, syslogd_initrc_exec_t)
-	domain_system_change_exemption($1)
-	role_transition $2 syslogd_initrc_exec_t system_r;
-	allow $2 system_r;
+	init_startstop_service($1, $2, syslogd_t, syslogd_initrc_exec_t)
 ')
 
 ########################################
-- 
2.3.6