[selinux-policy] Add gssproxy policy

Fri May 31 21:24:50 UTC 2013

commit 88eb5b40ad72b7d0cd7a979e3d192039889d3302
Author: Dan Walsh <dwalsh at redhat.com>
Date:   Fri May 31 17:24:35 2013 -0400

    Add gssproxy policy

 modules-mls-contrib.conf      |    7 ++++++
 modules-targeted-contrib.conf |    7 ++++++
 permissivedomains.te          |   47 ++--------------------------------------
 3 files changed, 17 insertions(+), 44 deletions(-)
---

diff --git a/modules-mls-contrib.conf b/modules-mls-contrib.conf
index 1784416..641813a 100644
--- a/modules-mls-contrib.conf
+++ b/modules-mls-contrib.conf
@@ -572,6 +572,13 @@ gpm = module
 # 
 gpsd = module
 
+# Module: gssproxy
+#
+#  A proxy for GSSAPI credential handling
+#
+# 
+gssproxy = module
+
 # Layer: role
 # Module: guest
 #
diff --git a/modules-targeted-contrib.conf b/modules-targeted-contrib.conf
index e88980a..a0ed9aa 100644
--- a/modules-targeted-contrib.conf
+++ b/modules-targeted-contrib.conf
@@ -741,6 +741,13 @@ gpm = module
 # 
 gpsd = module
 
+# Module: gssproxy
+#
+#  A proxy for GSSAPI credential handling
+#
+# 
+gssproxy = module
+
 # Layer: role
 # Module: guest
 #
diff --git a/permissivedomains.te b/permissivedomains.te
index 925fc39..e44d83e 100644
--- a/permissivedomains.te
+++ b/permissivedomains.te
@@ -1,50 +1,9 @@
-policy_module(permissivedomains,19)
+policy_module(permissivedomains,20)
 
 optional_policy(`
     gen_require(`
-                type systemd_localed_t;
+                type gssproxy_t;
         ')
 
-        permissive systemd_localed_t;
+        permissive gssproxy_t;
 ')
-
-optional_policy(`
-    gen_require(`
-                type httpd_mythtv_script_t;
-        ')
-
-        permissive httpd_mythtv_script_t;
-')
-
-optional_policy(`
-    gen_require(`
-                type systemd_hostnamed_t;
-        ')
-
-	permissive systemd_hostnamed_t;
-')
-
-optional_policy(`
-    gen_require(`
-                type systemd_sysctl_t;
-        ')
-
-        permissive systemd_sysctl_t;
-')
-
-optional_policy(`
-    gen_require(`
-                type openshift_cron_t;
-        ')
-
-        permissive openshift_cron_t;
-')
-
-optional_policy(`
-    gen_require(`
-                type swift_t;
-        ')
-
-        permissive swift_t;
-')
-
