[selinux-policy: 694/3172] update with change to how classes are handled in gen_require

[Daniel J Walsh]

commit 1d85c7a7c6935373f51772a5b7d2eff769f7cc0c
Author: Chris PeBenito <cpebenito at tresys.com>
Date:   Thu Sep 22 21:56:50 2005 +0000

    update with change to how classes are handled in gen_require

 www/html/getting-started.html |    9 +++------
 1 files changed, 3 insertions(+), 6 deletions(-)
---
diff --git a/www/html/getting-started.html b/www/html/getting-started.html
index e26f350..b840788 100644
--- a/www/html/getting-started.html
+++ b/www/html/getting-started.html
@@ -85,9 +85,6 @@ documentation. Create myapp.if and add the following:
 interface(`myapp_domtrans',`
 	gen_requires(`
 		type myapp_t, myapp_exec_t;
-		class fd use;
-		class process sigchld;
-		class fifo_file rw_file_perms;
 	')
 
 	domain_auto_trans($1,myapp_exec_t,myapp_t)
@@ -107,7 +104,6 @@ interface(`myapp_domtrans',`
 interface(`myapp_read_log',`
 	gen_requires(`
 		type myapp_log_t;
-		class file r_file_perms;
 	')
 
 	logging_search_logs($1)
@@ -123,6 +119,7 @@ transition to myapp_t, by executing a program labeled myapp_exec_t.
 The second interface allows other domains to read myapp's log files.  Myapp's
 log files are in the /var/log directory, so the access to search the /var/log
 directory is also given by the interface.  The gen_requires() macro is used to
-support loadable policy modules, and must explicitly list the type, attributes,
-object classes, and permissions used by this interface.
+support loadable policy modules, and must explicitly list the type and attributes
+used by this interface.  If object classes of a userland object manager are used,
+the class and the permissions used by the interface must also be listed.
 </p>