[selinux-policy: 170/3172] change read_shared_libraries to use_shared_libraries, since the execute permission is checked when u
Daniel J Walsh
dwalsh at fedoraproject.org
Thu Oct 7 19:19:42 UTC 2010
commit dd14d0d8920040c11399bf0b6c82d4bdb7f5667b
Author: Chris PeBenito <cpebenito at tresys.com>
Date: Tue May 17 15:32:52 2005 +0000
change read_shared_libraries to use_shared_libraries, since the execute
permission is checked when using shared libs to execute code in them, which
is not the same as just reading the shared libs.
refpolicy/policy/modules/admin/consoletype.te | 2 +-
refpolicy/policy/modules/admin/netutils.te | 6 +++---
refpolicy/policy/modules/admin/usermanage.te | 12 ++++++------
refpolicy/policy/modules/apps/gpg.if | 10 +++++-----
refpolicy/policy/modules/kernel/bootloader.te | 2 +-
refpolicy/policy/modules/kernel/kernel.te | 2 +-
refpolicy/policy/modules/services/cron.if | 4 ++--
refpolicy/policy/modules/services/cron.te | 4 ++--
refpolicy/policy/modules/services/mta.if | 2 +-
refpolicy/policy/modules/services/mta.te | 4 ++--
refpolicy/policy/modules/services/remotelogin.te | 2 +-
refpolicy/policy/modules/services/sendmail.te | 2 +-
refpolicy/policy/modules/system/audit.te | 2 +-
refpolicy/policy/modules/system/authlogin.if | 2 +-
refpolicy/policy/modules/system/authlogin.te | 8 ++++----
refpolicy/policy/modules/system/clock.te | 2 +-
refpolicy/policy/modules/system/hostname.te | 2 +-
refpolicy/policy/modules/system/hotplug.te | 2 +-
refpolicy/policy/modules/system/init.te | 6 +++---
refpolicy/policy/modules/system/iptables.te | 2 +-
refpolicy/policy/modules/system/libraries.if | 14 +++++++-------
refpolicy/policy/modules/system/locallogin.te | 4 ++--
refpolicy/policy/modules/system/logging.te | 4 ++--
refpolicy/policy/modules/system/lvm.te | 2 +-
refpolicy/policy/modules/system/modutils.te | 6 +++---
refpolicy/policy/modules/system/mount.te | 2 +-
refpolicy/policy/modules/system/selinux.te | 10 +++++-----
refpolicy/policy/modules/system/selinuxutil.te | 10 +++++-----
refpolicy/policy/modules/system/sysnetwork.te | 4 ++--
refpolicy/policy/modules/system/userdomain.if | 2 +-
30 files changed, 68 insertions(+), 68 deletions(-)
---
diff --git a/refpolicy/policy/modules/admin/consoletype.te b/refpolicy/policy/modules/admin/consoletype.te
index e7ab89a..f6ab7d2 100644
--- a/refpolicy/policy/modules/admin/consoletype.te
+++ b/refpolicy/policy/modules/admin/consoletype.te
@@ -49,7 +49,7 @@ domain_use_widely_inheritable_file_descriptors(consoletype_t)
files_ignore_read_rootfs_file(consoletype_t)
libraries_use_dynamic_loader(consoletype_t)
-libraries_read_shared_libraries(consoletype_t)
+libraries_use_shared_libraries(consoletype_t)
optional_policy(`authlogin.te', `
authlogin_pam_read_runtime_data(consoletype_t)
diff --git a/refpolicy/policy/modules/admin/netutils.te b/refpolicy/policy/modules/admin/netutils.te
index 835f332..64c82d7 100644
--- a/refpolicy/policy/modules/admin/netutils.te
+++ b/refpolicy/policy/modules/admin/netutils.te
@@ -70,7 +70,7 @@ files_read_general_system_config(netutils_t)
files_ignore_search_system_state_data_directory(netutils_t)
libraries_use_dynamic_loader(netutils_t)
-libraries_read_shared_libraries(netutils_t)
+libraries_use_shared_libraries(netutils_t)
logging_send_system_log_message(netutils_t)
@@ -124,7 +124,7 @@ files_read_general_system_config(ping_t)
files_ignore_search_system_state_data_directory(ping_t)
libraries_use_dynamic_loader(ping_t)
-libraries_read_shared_libraries(ping_t)
+libraries_use_shared_libraries(ping_t)
sysnetwork_read_network_config(ping_t)
@@ -182,7 +182,7 @@ files_read_general_system_config(traceroute_t)
files_ignore_search_system_state_data_directory(traceroute_t)
libraries_use_dynamic_loader(traceroute_t)
-libraries_read_shared_libraries(traceroute_t)
+libraries_use_shared_libraries(traceroute_t)
logging_send_system_log_message(traceroute_t)
diff --git a/refpolicy/policy/modules/admin/usermanage.te b/refpolicy/policy/modules/admin/usermanage.te
index d36f8a0..3f26371 100644
--- a/refpolicy/policy/modules/admin/usermanage.te
+++ b/refpolicy/policy/modules/admin/usermanage.te
@@ -103,7 +103,7 @@ files_manage_general_system_config(chfn_t)
files_read_runtime_system_config(chfn_t)
libraries_use_dynamic_loader(chfn_t)
-libraries_read_shared_libraries(chfn_t)
+libraries_use_shared_libraries(chfn_t)
miscfiles_read_localization(chfn_t)
@@ -174,7 +174,7 @@ files_read_general_application_resources(crack_t)
corecommands_execute_general_programs(crack_t)
libraries_use_dynamic_loader(crack_t)
-libraries_read_shared_libraries(crack_t)
+libraries_use_shared_libraries(crack_t)
logging_send_system_log_message(crack_t)
@@ -231,7 +231,7 @@ domain_use_widely_inheritable_file_descriptors(groupadd_t)
files_manage_general_system_config(groupadd_t)
libraries_use_dynamic_loader(groupadd_t)
-libraries_read_shared_libraries(groupadd_t)
+libraries_use_shared_libraries(groupadd_t)
# Execute /usr/bin/{passwd,chfn,chsh} and /usr/sbin/{useradd,vipw}.
corecommands_execute_general_programs(groupadd_t)
@@ -311,7 +311,7 @@ files_read_runtime_system_config(passwd_t)
files_manage_general_system_config(passwd_t)
libraries_use_dynamic_loader(passwd_t)
-libraries_read_shared_libraries(passwd_t)
+libraries_use_shared_libraries(passwd_t)
logging_send_system_log_message(passwd_t)
@@ -416,7 +416,7 @@ corecommands_execute_shell(sysadm_passwd_t)
files_read_general_application_resources(sysadm_passwd_t)
libraries_use_dynamic_loader(sysadm_passwd_t)
-libraries_read_shared_libraries(sysadm_passwd_t)
+libraries_use_shared_libraries(sysadm_passwd_t)
miscfiles_read_localization(sysadm_passwd_t)
@@ -498,7 +498,7 @@ domain_use_widely_inheritable_file_descriptors(useradd_t)
files_manage_general_system_config(useradd_t)
libraries_use_dynamic_loader(useradd_t)
-libraries_read_shared_libraries(useradd_t)
+libraries_use_shared_libraries(useradd_t)
corecommands_execute_shell(useradd_t)
# Execute /usr/bin/{passwd,chfn,chsh} and /usr/sbin/{useradd,vipw}.
diff --git a/refpolicy/policy/modules/apps/gpg.if b/refpolicy/policy/modules/apps/gpg.if
index ca83e74..7e0737c 100644
--- a/refpolicy/policy/modules/apps/gpg.if
+++ b/refpolicy/policy/modules/apps/gpg.if
@@ -79,7 +79,7 @@ filesystem_get_persistent_filesystem_attributes($1_gpg_t)
files_read_general_system_config($1_gpg_t)
files_read_general_application_resources($1_gpg_t)
-libraries_read_shared_libraries($1_gpg_t)
+libraries_use_shared_libraries($1_gpg_t)
libraries_use_dynamic_loader($1_gpg_t)
miscfiles_read_localization($1_gpg_t)
@@ -91,7 +91,7 @@ sysnetwork_read_network_config($1_gpg_t)
# Legacy
if (allow_gpg_execstack) {
allow $1_gpg_t self:process execmem;
-libraries_legacy_read_shared_libraries($1_gpg_t)
+libraries_legacy_use_shared_libraries($1_gpg_t)
libraries_legacy_use_dynamic_loader($1_gpg_t)
miscfiles_legacy_read_localization($1_gpg_t)
# Not quite sure why this is needed...
@@ -182,7 +182,7 @@ files_read_general_system_config($1_gpg_helper_t)
files_ignore_search_system_state_data_directory($1_gpg_helper_t)
libraries_use_dynamic_loader($1_gpg_helper_t)
-libraries_read_shared_libraries($1_gpg_helper_t)
+libraries_use_shared_libraries($1_gpg_helper_t)
sysnetwork_read_network_config($1_gpg_helper_t)
@@ -224,7 +224,7 @@ files_create_private_tmp_data($1_gpg_agent_t, $1_gpg_agent_tmp_t, { file sock_fi
domain_use_widely_inheritable_file_descriptors($1_gpg_agent_t)
libraries_use_dynamic_loader($1_gpg_agent_t)
-libraries_read_shared_libraries($1_gpg_agent_t)
+libraries_use_shared_libraries($1_gpg_agent_t)
miscfiles_read_localization($1_gpg_agent_t)
@@ -285,7 +285,7 @@ files_read_general_application_resources($1_gpg_pinentry_t)
files_read_general_system_config($1_gpg_pinentry_t)
libraries_use_dynamic_loader($1_gpg_pinentry_t)
-libraries_read_shared_libraries($1_gpg_pinentry_t)
+libraries_use_shared_libraries($1_gpg_pinentry_t)
miscfiles_read_fonts($1_gpg_pinentry_t)
miscfiles_read_localization($1_gpg_pinentry_t)
diff --git a/refpolicy/policy/modules/kernel/bootloader.te b/refpolicy/policy/modules/kernel/bootloader.te
index 1ab29ce..a5e9bbc 100644
--- a/refpolicy/policy/modules/kernel/bootloader.te
+++ b/refpolicy/policy/modules/kernel/bootloader.te
@@ -118,7 +118,7 @@ init_script_use_file_descriptors(bootloader_t)
domain_use_widely_inheritable_file_descriptors(bootloader_t)
libraries_use_dynamic_loader(bootloader_t)
-libraries_read_shared_libraries(bootloader_t)
+libraries_use_shared_libraries(bootloader_t)
libraries_read_library_resources(bootloader_t)
files_read_general_system_config(bootloader_t)
diff --git a/refpolicy/policy/modules/kernel/kernel.te b/refpolicy/policy/modules/kernel/kernel.te
index 8c8a3b8..8a2637c 100644
--- a/refpolicy/policy/modules/kernel/kernel.te
+++ b/refpolicy/policy/modules/kernel/kernel.te
@@ -177,7 +177,7 @@ allow kernel_t security_t:security load_policy;
auditallow kernel_t security_t:security load_policy;
libraries_use_dynamic_loader(kernel_t)
-libraries_read_shared_libraries(kernel_t)
+libraries_use_shared_libraries(kernel_t)
corecommands_execute_shell(kernel_t)
diff --git a/refpolicy/policy/modules/services/cron.if b/refpolicy/policy/modules/services/cron.if
index d104aa8..dadf9ec 100644
--- a/refpolicy/policy/modules/services/cron.if
+++ b/refpolicy/policy/modules/services/cron.if
@@ -80,7 +80,7 @@ corecommands_execute_general_programs($1_crond_t)
corecommands_execute_system_programs($1_crond_t)
libraries_use_dynamic_loader($1_crond_t)
-libraries_read_shared_libraries($1_crond_t)
+libraries_use_shared_libraries($1_crond_t)
libraries_execute_library_scripts($1_crond_t)
libraries_execute_dynamic_loader($1_crond_t)
@@ -157,7 +157,7 @@ domain_use_widely_inheritable_file_descriptors($1_crontab_t)
files_read_general_system_config($1_crontab_t)
libraries_use_dynamic_loader($1_crontab_t)
-libraries_read_shared_libraries($1_crontab_t)
+libraries_use_shared_libraries($1_crontab_t)
logging_send_system_log_message($1_crontab_t)
diff --git a/refpolicy/policy/modules/services/cron.te b/refpolicy/policy/modules/services/cron.te
index 05939c0..b960cbd 100644
--- a/refpolicy/policy/modules/services/cron.te
+++ b/refpolicy/policy/modules/services/cron.te
@@ -105,7 +105,7 @@ corecommands_execute_shell(crond_t)
corecommands_read_system_programs_directory(crond_t)
libraries_use_dynamic_loader(crond_t)
-libraries_read_shared_libraries(crond_t)
+libraries_use_shared_libraries(crond_t)
logging_send_system_log_message(crond_t)
@@ -274,7 +274,7 @@ corecommands_execute_general_programs(system_crond_t)
corecommands_execute_system_programs(system_crond_t)
libraries_use_dynamic_loader(system_crond_t)
-libraries_read_shared_libraries(system_crond_t)
+libraries_use_shared_libraries(system_crond_t)
libraries_execute_library_scripts(system_crond_t)
libraries_execute_dynamic_loader(system_crond_t)
diff --git a/refpolicy/policy/modules/services/mta.if b/refpolicy/policy/modules/services/mta.if
index 5a53119..ff41a42 100644
--- a/refpolicy/policy/modules/services/mta.if
+++ b/refpolicy/policy/modules/services/mta.if
@@ -49,7 +49,7 @@ corenetwork_bind_tcp_on_all_nodes($1_mail_t)
domain_use_widely_inheritable_file_descriptors($1_mail_t)
libraries_use_dynamic_loader($1_mail_t)
-libraries_read_shared_libraries($1_mail_t)
+libraries_use_shared_libraries($1_mail_t)
corecommands_execute_general_programs($1_mail_t)
diff --git a/refpolicy/policy/modules/services/mta.te b/refpolicy/policy/modules/services/mta.te
index f187620..2f4ee19 100644
--- a/refpolicy/policy/modules/services/mta.te
+++ b/refpolicy/policy/modules/services/mta.te
@@ -75,7 +75,7 @@ files_ignore_search_runtime_data_directory(system_mail_t)
corecommands_execute_general_programs(system_mail_t)
libraries_use_dynamic_loader(system_mail_t)
-libraries_read_shared_libraries(system_mail_t)
+libraries_use_shared_libraries(system_mail_t)
logging_send_system_log_message(system_mail_t)
@@ -150,7 +150,7 @@ files_execute_system_config_script(system_mail_t)
corecommands_execute_general_programs(system_mail_t)
corecommands_execute_system_programs(system_mail_t)
libraries_use_dynamic_loader(system_mail_t)
-libraries_read_shared_libraries(system_mail_t)
+libraries_use_shared_libraries(system_mail_t)
libraries_execute_dynamic_loader(system_mail_t)
libraries_execute_library_scripts(system_mail_t)
')
diff --git a/refpolicy/policy/modules/services/remotelogin.te b/refpolicy/policy/modules/services/remotelogin.te
index 14cbadc..1955937 100644
--- a/refpolicy/policy/modules/services/remotelogin.te
+++ b/refpolicy/policy/modules/services/remotelogin.te
@@ -66,7 +66,7 @@ files_list_home_directories(remote_login_t)
files_read_general_application_resources(remote_login_t)
libraries_use_dynamic_loader(remote_login_t)
-libraries_read_shared_libraries(remote_login_t)
+libraries_use_shared_libraries(remote_login_t)
logging_send_system_log_message(remote_login_t)
diff --git a/refpolicy/policy/modules/services/sendmail.te b/refpolicy/policy/modules/services/sendmail.te
index 701d270..847c244 100644
--- a/refpolicy/policy/modules/services/sendmail.te
+++ b/refpolicy/policy/modules/services/sendmail.te
@@ -75,7 +75,7 @@ files_search_system_spool_directory(sendmail_t)
logging_send_system_log_message(sendmail_t)
libraries_use_dynamic_loader(sendmail_t)
-libraries_read_shared_libraries(sendmail_t)
+libraries_use_shared_libraries(sendmail_t)
# Read /usr/lib/sasl2/.*
libraries_read_library_resources(sendmail_t)
diff --git a/refpolicy/policy/modules/system/audit.te b/refpolicy/policy/modules/system/audit.te
index b240562..25eb3da 100644
--- a/refpolicy/policy/modules/system/audit.te
+++ b/refpolicy/policy/modules/system/audit.te
@@ -48,7 +48,7 @@ files_read_general_system_config(auditd_t)
logging_send_system_log_message(auditd_t)
libraries_use_dynamic_loader(auditd_t)
-libraries_read_shared_libraries(auditd_t)
+libraries_use_shared_libraries(auditd_t)
miscfiles_read_localization(auditd_t)
diff --git a/refpolicy/policy/modules/system/authlogin.if b/refpolicy/policy/modules/system/authlogin.if
index 142c0d0..01cfa5e 100644
--- a/refpolicy/policy/modules/system/authlogin.if
+++ b/refpolicy/policy/modules/system/authlogin.if
@@ -29,7 +29,7 @@ filesystem_ignore_get_persistent_filesystem_attributes($1_chkpwd_t)
domain_use_widely_inheritable_file_descriptors($1_chkpwd_t)
libraries_use_dynamic_loader($1_chkpwd_t)
-libraries_read_shared_libraries($1_chkpwd_t)
+libraries_use_shared_libraries($1_chkpwd_t)
files_read_general_system_config($1_chkpwd_t)
# for nscd
diff --git a/refpolicy/policy/modules/system/authlogin.te b/refpolicy/policy/modules/system/authlogin.te
index e4f7b7e..7b7f227 100644
--- a/refpolicy/policy/modules/system/authlogin.te
+++ b/refpolicy/policy/modules/system/authlogin.te
@@ -103,7 +103,7 @@ files_read_general_system_config(pam_t)
files_read_runtime_data_directory(pam_t)
libraries_use_dynamic_loader(pam_t)
-libraries_read_shared_libraries(pam_t)
+libraries_use_shared_libraries(pam_t)
logging_send_system_log_message(pam_t)
@@ -163,7 +163,7 @@ files_read_general_system_config(pam_console_t)
files_search_runtime_data_directory(pam_console_t)
libraries_use_dynamic_loader(pam_console_t)
-libraries_read_shared_libraries(pam_console_t)
+libraries_use_shared_libraries(pam_console_t)
logging_send_system_log_message(pam_console_t)
@@ -251,7 +251,7 @@ files_read_general_system_config(system_chkpwd_t)
files_ignore_search_system_state_data_directory(system_chkpwd_t)
libraries_use_dynamic_loader(system_chkpwd_t)
-libraries_read_shared_libraries(system_chkpwd_t)
+libraries_use_shared_libraries(system_chkpwd_t)
logging_send_system_log_message(system_chkpwd_t)
@@ -301,7 +301,7 @@ files_read_general_system_config(utempter_t)
domain_use_widely_inheritable_file_descriptors(utempter_t)
libraries_use_dynamic_loader(utempter_t)
-libraries_read_shared_libraries(utempter_t)
+libraries_use_shared_libraries(utempter_t)
logging_search_system_log_directory(utempter_t)
diff --git a/refpolicy/policy/modules/system/clock.te b/refpolicy/policy/modules/system/clock.te
index 2d7cb75..041fcf1 100644
--- a/refpolicy/policy/modules/system/clock.te
+++ b/refpolicy/policy/modules/system/clock.te
@@ -48,7 +48,7 @@ init_script_use_pseudoterminal(hwclock_t)
domain_use_widely_inheritable_file_descriptors(hwclock_t)
libraries_use_dynamic_loader(hwclock_t)
-libraries_read_shared_libraries(hwclock_t)
+libraries_use_shared_libraries(hwclock_t)
logging_send_system_log_message(hwclock_t)
diff --git a/refpolicy/policy/modules/system/hostname.te b/refpolicy/policy/modules/system/hostname.te
index 7f40975..8ba8291 100644
--- a/refpolicy/policy/modules/system/hostname.te
+++ b/refpolicy/policy/modules/system/hostname.te
@@ -44,7 +44,7 @@ init_script_use_pseudoterminal(hostname_t)
domain_use_widely_inheritable_file_descriptors(hostname_t)
libraries_use_dynamic_loader(hostname_t)
-libraries_read_shared_libraries(hostname_t)
+libraries_use_shared_libraries(hostname_t)
logging_send_system_log_message(hostname_t)
diff --git a/refpolicy/policy/modules/system/hotplug.te b/refpolicy/policy/modules/system/hotplug.te
index cad4a31..57fb357 100644
--- a/refpolicy/policy/modules/system/hotplug.te
+++ b/refpolicy/policy/modules/system/hotplug.te
@@ -81,7 +81,7 @@ corecommands_execute_system_programs(hotplug_t)
logging_send_system_log_message(hotplug_t)
libraries_use_dynamic_loader(hotplug_t)
-libraries_read_shared_libraries(hotplug_t)
+libraries_use_shared_libraries(hotplug_t)
# Read /usr/lib/gconv/.*
libraries_read_library_resources(hotplug_t)
diff --git a/refpolicy/policy/modules/system/init.te b/refpolicy/policy/modules/system/init.te
index c697722..22ce48d 100644
--- a/refpolicy/policy/modules/system/init.te
+++ b/refpolicy/policy/modules/system/init.te
@@ -108,7 +108,7 @@ files_ignore_modify_rootfs_file(init_t)
files_ignore_modify_rootfs_device(init_t)
libraries_use_dynamic_loader(init_t)
-libraries_read_shared_libraries(init_t)
+libraries_use_shared_libraries(init_t)
corecommands_chroot(init_t)
corecommands_execute_general_programs(init_t)
@@ -236,7 +236,7 @@ domain_use_widely_inheritable_file_descriptors(initrc_t)
libraries_modify_dynamic_loader_cache(initrc_t)
libraries_use_dynamic_loader(initrc_t)
-libraries_read_shared_libraries(initrc_t)
+libraries_use_shared_libraries(initrc_t)
libraries_execute_library_scripts(initrc_t)
files_get_all_file_attributes(initrc_t)
@@ -410,7 +410,7 @@ corecommands_execute_shell(run_init_t)
files_read_general_system_config(run_init_t)
libraries_use_dynamic_loader(run_init_t)
-libraries_read_shared_libraries(run_init_t)
+libraries_use_shared_libraries(run_init_t)
selinux_read_config(run_init_t)
selinux_read_default_contexts(run_init_t)
diff --git a/refpolicy/policy/modules/system/iptables.te b/refpolicy/policy/modules/system/iptables.te
index 065686e..d48f9f3 100644
--- a/refpolicy/policy/modules/system/iptables.te
+++ b/refpolicy/policy/modules/system/iptables.te
@@ -57,7 +57,7 @@ domain_use_widely_inheritable_file_descriptors(iptables_t)
files_read_general_system_config(iptables_t)
libraries_use_dynamic_loader(iptables_t)
-libraries_read_shared_libraries(iptables_t)
+libraries_use_shared_libraries(iptables_t)
logging_send_system_log_message(iptables_t)
# system-config-network appends to /var/log
diff --git a/refpolicy/policy/modules/system/libraries.if b/refpolicy/policy/modules/system/libraries.if
index 5c58f11..08f0d9b 100644
--- a/refpolicy/policy/modules/system/libraries.if
+++ b/refpolicy/policy/modules/system/libraries.if
@@ -72,9 +72,9 @@ class file { getattr read write };
########################################
#
-# libraries_read_shared_libraries(domain)
+# libraries_use_shared_libraries(domain)
#
-define(`libraries_read_shared_libraries',`
+define(`libraries_use_shared_libraries',`
requires_block_template(`$0'_depend)
allow $1 lib_t:dir { getattr read search };
allow $1 lib_t:lnk_file { getattr read };
@@ -82,7 +82,7 @@ allow $1 { shlib_t texrel_shlib_t }:lnk_file { getattr read };
allow $1 { shlib_t texrel_shlib_t }:file { getattr read execute };
')
-define(`libraries_read_shared_libraries_depend',`
+define(`libraries_use_shared_libraries_depend',`
type lib_t, shlib_t, texrel_shlib_t;
class dir { getattr read search };
class lnk_file { getattr read };
@@ -91,15 +91,15 @@ class file { getattr read execute };
########################################
#
-# libraries_legacy_read_shared_libraries(domain)
+# libraries_legacy_use_shared_libraries(domain)
#
-define(`libraries_legacy_read_shared_libraries',`
+define(`libraries_legacy_use_shared_libraries',`
requires_block_template(`$0'_depend)
-libraries_read_shared_libraries($1)
+libraries_use_shared_libraries($1)
allow $1 { shlib_t texrel_shlib_t }:file execmod;
')
-define(`libraries_legacy_read_shared_libraries_depend',`
+define(`libraries_legacy_use_shared_libraries_depend',`
type shlib_t, texrel_shlib_t;
class file execmod;
')
diff --git a/refpolicy/policy/modules/system/locallogin.te b/refpolicy/policy/modules/system/locallogin.te
index 7446423..2e2281f 100644
--- a/refpolicy/policy/modules/system/locallogin.te
+++ b/refpolicy/policy/modules/system/locallogin.te
@@ -79,7 +79,7 @@ files_list_home_directories(local_login_t)
files_read_general_application_resources(local_login_t)
libraries_use_dynamic_loader(local_login_t)
-libraries_read_shared_libraries(local_login_t)
+libraries_use_shared_libraries(local_login_t)
logging_send_system_log_message(local_login_t)
@@ -231,7 +231,7 @@ init_script_get_process_group(sulogin_t)
files_read_general_system_config(sulogin_t)
libraries_use_dynamic_loader(sulogin_t)
-libraries_read_shared_libraries(sulogin_t)
+libraries_use_shared_libraries(sulogin_t)
logging_send_system_log_message(sulogin_t)
diff --git a/refpolicy/policy/modules/system/logging.te b/refpolicy/policy/modules/system/logging.te
index b7e3700..28cc0e4 100644
--- a/refpolicy/policy/modules/system/logging.te
+++ b/refpolicy/policy/modules/system/logging.te
@@ -53,7 +53,7 @@ filesystem_get_all_filesystems_attributes(klogd_t)
bootloader_read_kernel_symbol_table(klogd_t)
libraries_use_dynamic_loader(klogd_t)
-libraries_read_shared_libraries(klogd_t)
+libraries_use_shared_libraries(klogd_t)
files_create_daemon_runtime_data(klogd_t,klogd_var_run_t)
files_create_private_tmp_data(klogd_t,klogd_tmp_t)
@@ -126,7 +126,7 @@ files_create_daemon_runtime_data(syslogd_t,devlog_t,sock_file)
files_create_private_tmp_data(syslogd_t,syslogd_tmp_t)
libraries_use_dynamic_loader(syslogd_t)
-libraries_read_shared_libraries(syslogd_t)
+libraries_use_shared_libraries(syslogd_t)
sysnetwork_read_network_config(syslogd_t)
diff --git a/refpolicy/policy/modules/system/lvm.te b/refpolicy/policy/modules/system/lvm.te
index c19cf9c..a4bcb90 100644
--- a/refpolicy/policy/modules/system/lvm.te
+++ b/refpolicy/policy/modules/system/lvm.te
@@ -111,7 +111,7 @@ init_script_use_pseudoterminal(lvm_t)
init_use_file_descriptors(lvm_t)
libraries_use_dynamic_loader(lvm_t)
-libraries_read_shared_libraries(lvm_t)
+libraries_use_shared_libraries(lvm_t)
logging_send_system_log_message(lvm_t)
diff --git a/refpolicy/policy/modules/system/modutils.te b/refpolicy/policy/modules/system/modutils.te
index 2af4e81..f87c5e4 100644
--- a/refpolicy/policy/modules/system/modutils.te
+++ b/refpolicy/policy/modules/system/modutils.te
@@ -78,7 +78,7 @@ domain_signal_all_domains(insmod_t)
domain_use_widely_inheritable_file_descriptors(insmod_t)
libraries_use_dynamic_loader(insmod_t)
-libraries_read_shared_libraries(insmod_t)
+libraries_use_shared_libraries(insmod_t)
corecommands_execute_general_programs(insmod_t)
corecommands_execute_system_programs(insmod_t)
@@ -153,7 +153,7 @@ files_read_general_system_config(depmod_t)
files_read_system_source_code(depmod_t)
libraries_use_dynamic_loader(depmod_t)
-libraries_read_shared_libraries(depmod_t)
+libraries_use_shared_libraries(depmod_t)
ifdef(`TODO',`
@@ -221,7 +221,7 @@ corecommands_execute_system_programs(update_modules_t)
corecommands_execute_shell(update_modules_t)
libraries_use_dynamic_loader(update_modules_t)
-libraries_read_shared_libraries(update_modules_t)
+libraries_use_shared_libraries(update_modules_t)
logging_send_system_log_message(update_modules_t)
diff --git a/refpolicy/policy/modules/system/mount.te b/refpolicy/policy/modules/system/mount.te
index f3d0d8d..35d13d2 100644
--- a/refpolicy/policy/modules/system/mount.te
+++ b/refpolicy/policy/modules/system/mount.te
@@ -52,7 +52,7 @@ files_create_runtime_system_config(mount_t)
files_mount_on_all_mountpoints(mount_t)
libraries_use_dynamic_loader(mount_t)
-libraries_read_shared_libraries(mount_t)
+libraries_use_shared_libraries(mount_t)
# required for mount.smbfs
corecommands_execute_system_programs(mount_t)
diff --git a/refpolicy/policy/modules/system/selinux.te b/refpolicy/policy/modules/system/selinux.te
index b4faa64..7489a96 100644
--- a/refpolicy/policy/modules/system/selinux.te
+++ b/refpolicy/policy/modules/system/selinux.te
@@ -115,7 +115,7 @@ init_script_use_pseudoterminal(checkpolicy_t)
domain_use_widely_inheritable_file_descriptors(checkpolicy_t)
libraries_use_dynamic_loader(checkpolicy_t)
-libraries_read_shared_libraries(checkpolicy_t)
+libraries_use_shared_libraries(checkpolicy_t)
ifdef(`TODO',`
role sysadm_r types checkpolicy_t;
@@ -168,7 +168,7 @@ init_script_use_pseudoterminal(load_policy_t)
domain_use_widely_inheritable_file_descriptors(load_policy_t)
libraries_use_dynamic_loader(load_policy_t)
-libraries_read_shared_libraries(load_policy_t)
+libraries_use_shared_libraries(load_policy_t)
miscfiles_read_localization(load_policy_t)
@@ -230,7 +230,7 @@ domain_use_widely_inheritable_file_descriptors(newrole_t)
files_read_general_system_config(newrole_t)
libraries_use_dynamic_loader(newrole_t)
-libraries_read_shared_libraries(newrole_t)
+libraries_use_shared_libraries(newrole_t)
logging_send_system_log_message(newrole_t)
@@ -317,7 +317,7 @@ files_read_runtime_system_config(restorecon_t)
files_read_general_system_config(restorecon_t)
libraries_use_dynamic_loader(restorecon_t)
-libraries_read_shared_libraries(restorecon_t)
+libraries_use_shared_libraries(restorecon_t)
logging_send_system_log_message(restorecon_t)
@@ -385,7 +385,7 @@ init_script_use_pseudoterminal(setfiles_t)
domain_use_widely_inheritable_file_descriptors(setfiles_t)
libraries_use_dynamic_loader(setfiles_t)
-libraries_read_shared_libraries(setfiles_t)
+libraries_use_shared_libraries(setfiles_t)
files_read_runtime_system_config(setfiles_t)
files_read_general_system_config(setfiles_t)
diff --git a/refpolicy/policy/modules/system/selinuxutil.te b/refpolicy/policy/modules/system/selinuxutil.te
index b4faa64..7489a96 100644
--- a/refpolicy/policy/modules/system/selinuxutil.te
+++ b/refpolicy/policy/modules/system/selinuxutil.te
@@ -115,7 +115,7 @@ init_script_use_pseudoterminal(checkpolicy_t)
domain_use_widely_inheritable_file_descriptors(checkpolicy_t)
libraries_use_dynamic_loader(checkpolicy_t)
-libraries_read_shared_libraries(checkpolicy_t)
+libraries_use_shared_libraries(checkpolicy_t)
ifdef(`TODO',`
role sysadm_r types checkpolicy_t;
@@ -168,7 +168,7 @@ init_script_use_pseudoterminal(load_policy_t)
domain_use_widely_inheritable_file_descriptors(load_policy_t)
libraries_use_dynamic_loader(load_policy_t)
-libraries_read_shared_libraries(load_policy_t)
+libraries_use_shared_libraries(load_policy_t)
miscfiles_read_localization(load_policy_t)
@@ -230,7 +230,7 @@ domain_use_widely_inheritable_file_descriptors(newrole_t)
files_read_general_system_config(newrole_t)
libraries_use_dynamic_loader(newrole_t)
-libraries_read_shared_libraries(newrole_t)
+libraries_use_shared_libraries(newrole_t)
logging_send_system_log_message(newrole_t)
@@ -317,7 +317,7 @@ files_read_runtime_system_config(restorecon_t)
files_read_general_system_config(restorecon_t)
libraries_use_dynamic_loader(restorecon_t)
-libraries_read_shared_libraries(restorecon_t)
+libraries_use_shared_libraries(restorecon_t)
logging_send_system_log_message(restorecon_t)
@@ -385,7 +385,7 @@ init_script_use_pseudoterminal(setfiles_t)
domain_use_widely_inheritable_file_descriptors(setfiles_t)
libraries_use_dynamic_loader(setfiles_t)
-libraries_read_shared_libraries(setfiles_t)
+libraries_use_shared_libraries(setfiles_t)
files_read_runtime_system_config(setfiles_t)
files_read_general_system_config(setfiles_t)
diff --git a/refpolicy/policy/modules/system/sysnetwork.te b/refpolicy/policy/modules/system/sysnetwork.te
index 7ec78f1..da15533 100644
--- a/refpolicy/policy/modules/system/sysnetwork.te
+++ b/refpolicy/policy/modules/system/sysnetwork.te
@@ -110,7 +110,7 @@ corecommands_execute_shell(dhcpc_t)
logging_send_system_log_message(dhcpc_t)
libraries_use_dynamic_loader(dhcpc_t)
-libraries_read_shared_libraries(dhcpc_t)
+libraries_use_shared_libraries(dhcpc_t)
modutils_insmod_transition(dhcpc_t)
@@ -266,7 +266,7 @@ domain_use_widely_inheritable_file_descriptors(ifconfig_t)
files_ignore_read_rootfs_file(ifconfig_t)
libraries_use_dynamic_loader(ifconfig_t)
-libraries_read_shared_libraries(ifconfig_t)
+libraries_use_shared_libraries(ifconfig_t)
logging_send_system_log_message(ifconfig_t)
diff --git a/refpolicy/policy/modules/system/userdomain.if b/refpolicy/policy/modules/system/userdomain.if
index a2802d1..fc59784 100644
--- a/refpolicy/policy/modules/system/userdomain.if
+++ b/refpolicy/policy/modules/system/userdomain.if
@@ -117,7 +117,7 @@ files_read_system_source_code($1_t)
init_script_ignore_use_pseudoterminal($1_t)
libraries_use_dynamic_loader($1_t)
-libraries_read_shared_libraries($1_t)
+libraries_use_shared_libraries($1_t)
libraries_execute_dynamic_loader($1_t)
libraries_execute_library_scripts($1_t)
More information about the scm-commits
mailing list