From: jwcart2@tycho.nsa.gov (James Carter)
Date: Wed, 11 Apr 2018 14:56:55 -0400
Subject: [refpolicy] [PATCH 11/13] Remove undeclared identifiers from
	interfaces
Message-ID: <20180411185655.23611-1-jwcart2@tycho.nsa.gov>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

All the interfaces below were always being removed because of unmet
requires.

cups.if:cups_admin()
  Remove references to undeclared type cupsd_spool_t.
  Called in roles/sysadm.te

dspam.if:dspam_stream_connect()
  Remove references to undeclared type dspam_tmp_t.
  Called in contrib/postfix.te

samba.if:samba_admin()
  Remove references to undeclared type smbd_spool_t.
  Called in roles/sysadm.te

Signed-off-by: James Carter <jwcart2@tycho.nsa.gov>
---
 cups.if  | 3 +--
 dspam.if | 4 ++--
 samba.if | 3 +--
 3 files changed, 4 insertions(+), 6 deletions(-)

diff --git a/cups.if b/cups.if
index 73887e5..e268b96 100644
--- a/cups.if
+++ b/cups.if
@@ -352,7 +352,7 @@ interface(`cups_domtrans_hplip',`
 interface(`cups_admin',`
 	gen_require(`
 		type cupsd_t, cupsd_tmp_t, cupsd_lpd_tmp_t;
-		type cupsd_etc_t, cupsd_log_t, cupsd_spool_t;
+		type cupsd_etc_t, cupsd_log_t;
 		type cupsd_config_var_run_t, cupsd_lpd_var_run_t;
 		type cupsd_var_run_t, ptal_etc_t, cupsd_rw_etc_t;
 		type ptal_var_run_t, hplip_var_run_t, cupsd_initrc_exec_t;
@@ -374,7 +374,6 @@ interface(`cups_admin',`
 	admin_pattern($1, cupsd_log_t)
 
 	files_list_spool($1)
-	admin_pattern($1, cupsd_spool_t)
 
 	files_list_tmp($1)
 	admin_pattern($1, { cupsd_tmp_t  cupsd_lpd_tmp_t })
diff --git a/dspam.if b/dspam.if
index a8cd028..969fd89 100644
--- a/dspam.if
+++ b/dspam.if
@@ -32,12 +32,12 @@ interface(`dspam_domtrans',`
 #
 interface(`dspam_stream_connect',`
 	gen_require(`
-		type dspam_t, dspam_var_run_t, dspam_tmp_t;
+		type dspam_t, dspam_var_run_t;
 	')
 
 	files_search_pids($1)
 	files_search_tmp($1)
-	stream_connect_pattern($1, { dspam_tmp_t dspam_var_run_t }, { dspam_tmp_t dspam_var_run_t }, dspam_t)
+	stream_connect_pattern($1, dspam_var_run_t, dspam_var_run_t, dspam_t)
 ')
 
 ########################################
diff --git a/samba.if b/samba.if
index f863af8..3d729f0 100644
--- a/samba.if
+++ b/samba.if
@@ -684,7 +684,7 @@ interface(`samba_stream_connect_winbind',`
 interface(`samba_admin',`
 	gen_require(`
 		type nmbd_t, nmbd_var_run_t, smbd_var_run_t;
-		type smbd_t, smbd_tmp_t, smbd_spool_t;
+		type smbd_t, smbd_tmp_t;
 		type samba_log_t, samba_var_t, samba_secrets_t;
 		type samba_etc_t, samba_share_t, samba_initrc_exec_t;
 		type swat_var_run_t, swat_tmp_t, winbind_log_t;
@@ -707,7 +707,6 @@ interface(`samba_admin',`
 	admin_pattern($1, { samba_share_t samba_var_t samba_secrets_t })
 
 	files_list_spool($1)
-	admin_pattern($1, smbd_spool_t)
 
 	files_list_pids($1)
 	admin_pattern($1, { winbind_var_run_t smbd_var_run_t swat_var_run_t nmbd_var_run_t })
-- 
2.13.6