[selinux-policy: 3062/3172] Replace type and attributes statements by comma delimiters where possible.

Daniel J Walsh dwalsh at fedoraproject.org
Thu Oct 7 23:32:26 UTC 2010 

commit 2528a2d701d35e8d074a720dc45142c3dcf958e8
Author: Dominick Grift <domg472 at gmail.com>
Date:   Mon Sep 20 19:44:58 2010 +0200

    Replace type and attributes statements by comma delimiters where possible.
    
    Replace type and attributes statements by comma delimiters where possible.
    
    Replace type and attributes statements by comma delimiters where possible.
    
    Replace type and attributes statements by comma delimiters where possible.
    
    Replace type and attributes statements by comma delimiters where possible.
    
    Replace type and attributes statements by comma delimiters where possible.
    
    Replace type and attributes statements by comma delimiters where possible.
    
    Replace type and attributes statements by comma delimiters where possible.
    
    Replace type and attributes statements by comma delimiters where possible.
    
    Replace type and attributes statements by comma delimiters where possible.
    
    Replace type and attributes statements by comma delimiters where possible.
    
    Replace type and attributes statements by comma delimiters where possible.
    
    Replace type and attributes statements by comma delimiters where possible.
    
    Replace type and attributes statements by comma delimiters where possible.

 policy/modules/services/postfixpolicyd.if |    3 +--
 policy/modules/services/postgresql.if     |   11 ++++-------
 policy/modules/services/postgrey.if       |    3 +--
 policy/modules/services/ppp.if            |    6 ++----
 policy/modules/services/prelude.if        |   11 ++++-------
 policy/modules/services/privoxy.if        |    3 +--
 policy/modules/services/psad.if           |    4 ++--
 policy/modules/services/pyzor.if          |    3 +--
 policy/modules/services/qpidd.if          |    6 +-----
 policy/modules/services/radvd.if          |    4 ++--
 policy/modules/services/rhcs.if           |   10 +++-------
 policy/modules/services/samba.if          |    5 ++---
 policy/modules/services/setroubleshoot.if |    4 ++--
 policy/modules/services/snmp.if           |    3 +--
 policy/modules/services/soundserver.if    |    3 +--
 policy/modules/services/xserver.if        |    7 +++----
 policy/modules/services/zebra.if          |    3 +--
 17 files changed, 32 insertions(+), 57 deletions(-)
---
diff --git a/policy/modules/services/postfixpolicyd.if b/policy/modules/services/postfixpolicyd.if
index feae93b..d960d3f 100644
--- a/policy/modules/services/postfixpolicyd.if
+++ b/policy/modules/services/postfixpolicyd.if
@@ -20,8 +20,7 @@
 interface(`postfixpolicyd_admin',`
 	gen_require(`
 		type postfix_policyd_t, postfix_policyd_conf_t;
-		type postfix_policyd_var_run_t;
-		type postfix_policyd_initrc_exec_t;	
+		type postfix_policyd_var_run_t, postfix_policyd_initrc_exec_t;
 	')
 
 	allow $1 postfix_policyd_t:process { ptrace signal_perms };
diff --git a/policy/modules/services/postgresql.if b/policy/modules/services/postgresql.if
index ac2d3e7..d78db2c 100644
--- a/policy/modules/services/postgresql.if
+++ b/policy/modules/services/postgresql.if
@@ -417,13 +417,10 @@ interface(`postgresql_unconfined',`
 #
 interface(`postgresql_admin',`
 	gen_require(`
-		attribute sepgsql_admin_type;
-		attribute sepgsql_client_type;
-
-		type postgresql_t, postgresql_var_run_t;
-		type postgresql_tmp_t, postgresql_db_t;
-		type postgresql_etc_t, postgresql_log_t;
-		type postgresql_initrc_exec_t;
+		attribute sepgsql_admin_type, sepgsql_client_type;
+		type postgresql_t, postgresql_var_run_t, postgresql_initrc_exec_t;
+		type postgresql_tmp_t, postgresql_db_t, postgresql_log_t;
+		type postgresql_etc_t;
 	')
 
 	typeattribute $1 sepgsql_admin_type;
diff --git a/policy/modules/services/postgrey.if b/policy/modules/services/postgrey.if
index ad15fde..70f9768 100644
--- a/policy/modules/services/postgrey.if
+++ b/policy/modules/services/postgrey.if
@@ -57,9 +57,8 @@ interface(`postgrey_search_spool',`
 #
 interface(`postgrey_admin',`
 	gen_require(`
-		type postgrey_t, postgrey_etc_t;
+		type postgrey_t, postgrey_etc_t, postgrey_initrc_exec_t;
 		type postgrey_var_lib_t, postgrey_var_run_t;
-		type postgrey_initrc_exec_t;
 	')
 
 	allow $1 postgrey_t:process { ptrace signal_perms };
diff --git a/policy/modules/services/ppp.if b/policy/modules/services/ppp.if
index f916c76..f66b8f2 100644
--- a/policy/modules/services/ppp.if
+++ b/policy/modules/services/ppp.if
@@ -353,11 +353,9 @@ interface(`ppp_initrc_domtrans',`
 interface(`ppp_admin',`
 	gen_require(`
 		type pppd_t, pppd_tmp_t, pppd_log_t, pppd_lock_t;
-		type pppd_etc_t, pppd_secret_t;
-		type pppd_etc_rw_t, pppd_var_run_t;
-
+		type pppd_etc_t, pppd_secret_t, pppd_var_run_t;
 		type pptp_t, pptp_log_t, pptp_var_run_t;
- 		type pppd_initrc_exec_t;
+ 		type pppd_initrc_exec_t, pppd_etc_rw_t;
 	')
 
 	allow $1 pppd_t:process { ptrace signal_perms };
diff --git a/policy/modules/services/prelude.if b/policy/modules/services/prelude.if
index 1bf96b0..9638805 100644
--- a/policy/modules/services/prelude.if
+++ b/policy/modules/services/prelude.if
@@ -112,13 +112,10 @@ interface(`prelude_manage_spool',`
 #
 interface(`prelude_admin',`
 	gen_require(`
-		type prelude_t, prelude_spool_t;
-		type prelude_var_run_t, prelude_var_lib_t;
-		type prelude_audisp_t, prelude_audisp_var_run_t;
-		type prelude_initrc_exec_t;
-
-		type prelude_lml_t, prelude_lml_tmp_t;
-		type prelude_lml_var_run_t;
+		type prelude_t, prelude_spool_t, prelude_initrc_exec_t;
+		type prelude_var_run_t, prelude_var_lib_t, prelude_lml_var_run_t;
+		type prelude_audisp_t, prelude_audisp_var_run_t, prelude_lml_tmp_t;
+		type prelude_lml_t;
 	')
 
 	allow $1 prelude_t:process { ptrace signal_perms };
diff --git a/policy/modules/services/privoxy.if b/policy/modules/services/privoxy.if
index c8f6cb5..7221526 100644
--- a/policy/modules/services/privoxy.if
+++ b/policy/modules/services/privoxy.if
@@ -19,9 +19,8 @@
 #
 interface(`privoxy_admin',`
 	gen_require(`
-		type privoxy_t, privoxy_log_t;
+		type privoxy_t, privoxy_log_t, privoxy_initrc_exec_t;
 		type privoxy_etc_rw_t, privoxy_var_run_t;
-		type privoxy_initrc_exec_t;
 	')
 
 	allow $1 privoxy_t:process { ptrace signal_perms };
diff --git a/policy/modules/services/psad.if b/policy/modules/services/psad.if
index 96440db..3fc5163 100644
--- a/policy/modules/services/psad.if
+++ b/policy/modules/services/psad.if
@@ -253,8 +253,8 @@ interface(`psad_rw_tmp_files',`
 interface(`psad_admin',`
 	gen_require(`
 		type psad_t, psad_var_run_t, psad_var_log_t;
-		type psad_initrc_exec_t, psad_var_lib_t;
-		type psad_tmp_t, psad_etc_t;
+		type psad_initrc_exec_t, psad_var_lib_t, psad_etc_t;
+		type psad_tmp_t;
 	')
 
 	allow $1 psad_t:process { ptrace signal_perms };
diff --git a/policy/modules/services/pyzor.if b/policy/modules/services/pyzor.if
index 6443f30..748e7d3 100644
--- a/policy/modules/services/pyzor.if
+++ b/policy/modules/services/pyzor.if
@@ -109,8 +109,7 @@ interface(`pyzor_exec',`
 interface(`pyzor_admin',`
 	gen_require(`
 		type pyzord_t, pyzor_tmp_t, pyzord_log_t;
-		type pyzor_etc_t, pyzor_var_lib_t;
-		type pyzord_initrc_exec_t;
+		type pyzor_etc_t, pyzor_var_lib_t, pyzord_initrc_exec_t;
 	')
 
 	allow $1 pyzord_t:process { ptrace signal_perms };
diff --git a/policy/modules/services/qpidd.if b/policy/modules/services/qpidd.if
index 5dbca44..f97e16c 100644
--- a/policy/modules/services/qpidd.if
+++ b/policy/modules/services/qpidd.if
@@ -176,17 +176,13 @@ interface(`qpidd_manage_var_lib',`
 #
 interface(`qpidd_admin',`
 	gen_require(`
-		type qpidd_t;
+		type qpidd_t, qpidd_initrc_exec_t;
 	')
 
 	allow $1 qpidd_t:process { ptrace signal_perms };
 	ps_process_pattern($1, qpidd_t)
 	        
 
-	gen_require(`
-		type qpidd_initrc_exec_t;
-	')
-
 	# Allow qpidd_t to restart the apache service
 	qpidd_initrc_domtrans($1)
 	domain_system_change_exemption($1)
diff --git a/policy/modules/services/radvd.if b/policy/modules/services/radvd.if
index be05bff..2bd662a 100644
--- a/policy/modules/services/radvd.if
+++ b/policy/modules/services/radvd.if
@@ -19,8 +19,8 @@
 #
 interface(`radvd_admin',`
 	gen_require(`
-		type radvd_t, radvd_etc_t;
-		type radvd_var_run_t, radvd_initrc_exec_t;
+		type radvd_t, radvd_etc_t, radvd_initrc_exec_t;
+		type radvd_var_run_t;
 	')
 
 	allow $1 radvd_t:process { ptrace signal_perms };
diff --git a/policy/modules/services/rhcs.if b/policy/modules/services/rhcs.if
index d8b97c2..30c9aff 100644
--- a/policy/modules/services/rhcs.if
+++ b/policy/modules/services/rhcs.if
@@ -13,9 +13,7 @@
 #
 template(`rhcs_domain_template',`
 	gen_require(`
-		attribute cluster_domain;
-		attribute cluster_tmpfs;
-		attribute cluster_pid;
+		attribute cluster_domain, cluster_tmpfs, cluster_pid;
 	')
 
 	##############################
@@ -349,8 +347,7 @@ interface(`rhcs_rw_groupd_shm',`
 #
 interface(`rhcs_rw_cluster_shm',`
 	gen_require(`
-		attribute cluster_domain;
-		attribute cluster_tmpfs;
+		attribute cluster_domain, cluster_tmpfs;
 	')
 
 	allow $1 cluster_domain:shm { rw_shm_perms destroy };
@@ -390,8 +387,7 @@ interface(`rhcs_rw_cluster_semaphores',`
 #
 interface(`rhcs_stream_connect_cluster',`
     gen_require(`
-        attribute cluster_domain;
-        attribute cluster_pid;
+        attribute cluster_domain, cluster_pid;
     ')
 
     files_search_pids($1)
diff --git a/policy/modules/services/samba.if b/policy/modules/services/samba.if
index 84732e5..aace276 100644
--- a/policy/modules/services/samba.if
+++ b/policy/modules/services/samba.if
@@ -761,9 +761,8 @@ interface(`samba_admin',`
 		type smbd_t, smbd_tmp_t, samba_secrets_t;
 		type samba_initrc_exec_t, samba_log_t, samba_var_t;
 		type samba_etc_t, samba_share_t, winbind_log_t;
-		type swat_var_run_t, swat_tmp_t;
-		type winbind_var_run_t, winbind_tmp_t;
-		type samba_unconfined_script_t, samba_unconfined_script_exec_t;
+		type swat_var_run_t, swat_tmp_t, samba_unconfined_script_exec_t;
+		type winbind_var_run_t, winbind_tmp_t, samba_unconfined_script_t;
 	')
 
 	allow $1 smbd_t:process { ptrace signal_perms };
diff --git a/policy/modules/services/setroubleshoot.if b/policy/modules/services/setroubleshoot.if
index a7fbedc..d9f5dbc 100644
--- a/policy/modules/services/setroubleshoot.if
+++ b/policy/modules/services/setroubleshoot.if
@@ -136,8 +136,8 @@ interface(`setroubleshoot_fixit_dontaudit_leaks',`
 #
 interface(`setroubleshoot_admin',`
 	gen_require(`
-		type setroubleshootd_t, setroubleshoot_var_log_t;
-		type setroubleshoot_var_lib_t, setroubleshoot_var_run_t;
+		type setroubleshootd_t, setroubleshoot_var_log_t, setroubleshoot_var_run_t;
+		type setroubleshoot_var_lib_t;
 	')
 
 	allow $1 setroubleshootd_t:process { ptrace signal_perms };
diff --git a/policy/modules/services/snmp.if b/policy/modules/services/snmp.if
index 6aa68d8..bfdf197 100644
--- a/policy/modules/services/snmp.if
+++ b/policy/modules/services/snmp.if
@@ -125,9 +125,8 @@ interface(`snmp_dontaudit_write_snmp_var_lib_files',`
 #
 interface(`snmp_admin',`
 	gen_require(`
-		type snmpd_t, snmpd_log_t;
+		type snmpd_t, snmpd_log_t, snmpd_initrc_exec_t;
 		type snmpd_var_lib_t, snmpd_var_run_t;
-		type snmpd_initrc_exec_t;
 	')
 
 	allow $1 snmpd_t:process { ptrace signal_perms };
diff --git a/policy/modules/services/soundserver.if b/policy/modules/services/soundserver.if
index 93fe7bf..4a15633 100644
--- a/policy/modules/services/soundserver.if
+++ b/policy/modules/services/soundserver.if
@@ -33,9 +33,8 @@ interface(`soundserver_tcp_connect',`
 #
 interface(`soundserver_admin',`
 	gen_require(`
-		type soundd_t, soundd_etc_t;
+		type soundd_t, soundd_etc_t, soundd_initrc_exec_t;
 		type soundd_tmp_t, soundd_var_run_t;
-		type soundd_initrc_exec_t;
 	')
 
 	allow $1 soundd_t:process { ptrace signal_perms };
diff --git a/policy/modules/services/xserver.if b/policy/modules/services/xserver.if
index f34a53f..88b6040 100644
--- a/policy/modules/services/xserver.if
+++ b/policy/modules/services/xserver.if
@@ -358,7 +358,7 @@ interface(`xserver_user_client',`
 #
 template(`xserver_common_x_domain_template',`
 	gen_require(`
-		type root_xdrawable_t;
+		type root_xdrawable_t, xdm_t, xserver_t;
 		type xproperty_t, $1_xproperty_t;
 		type xevent_t, client_xevent_t;
 		type input_xevent_t, $1_input_xevent_t;
@@ -375,7 +375,6 @@ template(`xserver_common_x_domain_template',`
 		class x_screen { saver_setattr saver_hide saver_show };
 		class x_pointer { get_property set_property manage };
 		class x_keyboard { read manage };
-		type xdm_t, xserver_t;
 	')
 
 	##############################
@@ -474,8 +473,8 @@ template(`xserver_object_types_template',`
 #
 template(`xserver_user_x_domain_template',`
 	gen_require(`
-		type xdm_t, xdm_tmp_t;
-		type xauth_home_t, iceauth_home_t, xserver_t, xserver_tmpfs_t;
+		type xdm_t, xdm_tmp_t, xserver_tmpfs_t;
+		type xauth_home_t, iceauth_home_t, xserver_t;
 	')
 
 	allow $2 self:shm create_shm_perms;
diff --git a/policy/modules/services/zebra.if b/policy/modules/services/zebra.if
index 5860687..347f754 100644
--- a/policy/modules/services/zebra.if
+++ b/policy/modules/services/zebra.if
@@ -61,8 +61,7 @@ interface(`zebra_stream_connect',`
 interface(`zebra_admin',`
 	gen_require(`
 		type zebra_t, zebra_tmp_t, zebra_log_t;
-		type zebra_conf_t, zebra_var_run_t;
-		type zebra_initrc_exec_t;
+		type zebra_conf_t, zebra_var_run_t, zebra_initrc_exec_t;
 	')
 
 	allow $1 zebra_t:process { ptrace signal_perms };

More information about the scm-commits mailing list