[selinux-policy: 2898/3172] Fix missed deprecated interface usage from the cert patch. Add back a few rolecap tags.
Daniel J Walsh
dwalsh at fedoraproject.org
Thu Oct 7 23:18:02 UTC 2010
commit e9d6dfb8b155ebcfc55f287da5071ce7ba9c9e2c
Author: Chris PeBenito <cpebenito at tresys.com>
Date: Fri Sep 10 11:31:00 2010 -0400
Fix missed deprecated interface usage from the cert patch. Add back a few rolecap tags.
policy/modules/admin/certwatch.te | 2 +-
policy/modules/apps/evolution.te | 2 +-
policy/modules/services/certmaster.te | 4 ++--
policy/modules/system/init.te | 2 +-
policy/modules/system/miscfiles.if | 3 +++
5 files changed, 8 insertions(+), 5 deletions(-)
---
diff --git a/policy/modules/admin/certwatch.te b/policy/modules/admin/certwatch.te
index 89b9f2a..922e2fa 100644
--- a/policy/modules/admin/certwatch.te
+++ b/policy/modules/admin/certwatch.te
@@ -31,7 +31,7 @@ auth_var_filetrans_cache(certwatch_t)
logging_send_syslog_msg(certwatch_t)
-miscfiles_read_certs(certwatch_t)
+miscfiles_read_generic_certs(certwatch_t)
miscfiles_read_localization(certwatch_t)
userdom_use_user_terminals(certwatch_t)
diff --git a/policy/modules/apps/evolution.te b/policy/modules/apps/evolution.te
index 5d3d45c..e690b5f 100644
--- a/policy/modules/apps/evolution.te
+++ b/policy/modules/apps/evolution.te
@@ -541,7 +541,7 @@ fs_search_auto_mountpoints(evolution_server_t)
miscfiles_read_localization(evolution_server_t)
# Look in /etc/pki
-miscfiles_read_certs(evolution_server_t)
+miscfiles_read_generic_certs(evolution_server_t)
# Talk to ldap (address book)
sysnet_read_config(evolution_server_t)
diff --git a/policy/modules/services/certmaster.te b/policy/modules/services/certmaster.te
index 1573914..500bf39 100644
--- a/policy/modules/services/certmaster.te
+++ b/policy/modules/services/certmaster.te
@@ -67,5 +67,5 @@ auth_use_nsswitch(certmaster_t)
miscfiles_read_localization(certmaster_t)
-miscfiles_manage_cert_dirs(certmaster_t)
-miscfiles_manage_cert_files(certmaster_t)
+miscfiles_manage_generic_cert_dirs(certmaster_t)
+miscfiles_manage_generic_cert_files(certmaster_t)
diff --git a/policy/modules/system/init.te b/policy/modules/system/init.te
index abab4cf..9ead29b 100644
--- a/policy/modules/system/init.te
+++ b/policy/modules/system/init.te
@@ -394,7 +394,7 @@ logging_read_audit_config(initrc_t)
miscfiles_read_localization(initrc_t)
# slapd needs to read cert files from its initscript
-miscfiles_read_certs(initrc_t)
+miscfiles_read_generic_certs(initrc_t)
modutils_read_module_config(initrc_t)
modutils_domtrans_insmod(initrc_t)
diff --git a/policy/modules/system/miscfiles.if b/policy/modules/system/miscfiles.if
index 0b6b31d..fe4e741 100644
--- a/policy/modules/system/miscfiles.if
+++ b/policy/modules/system/miscfiles.if
@@ -53,6 +53,7 @@ interface(`miscfiles_cert_type',`
## Domain allowed access.
## </summary>
## </param>
+## <rolecap/>
#
interface(`miscfiles_read_all_certs',`
gen_require(`
@@ -73,6 +74,7 @@ interface(`miscfiles_read_all_certs',`
## Domain allowed access.
## </summary>
## </param>
+## <rolecap/>
#
interface(`miscfiles_read_generic_certs',`
gen_require(`
@@ -111,6 +113,7 @@ interface(`miscfiles_manage_generic_cert_dirs',`
## Domain allowed access.
## </summary>
## </param>
+## <rolecap/>
#
interface(`miscfiles_manage_generic_cert_files',`
gen_require(`
More information about the scm-commits
mailing list