[selinux-policy: 1159/3172] from today's interface review meeting: s/kernel_use_unlabeled_blk_dev/kernel_rw_unlabeled_blk_dev/g
Daniel J Walsh
dwalsh at fedoraproject.org
Thu Oct 7 20:45:11 UTC 2010
commit 270d428a46f343005b9bf541e1748ef8e556d918
Author: Chris PeBenito <cpebenito at tresys.com>
Date: Fri Jan 27 19:55:42 2006 +0000
from today's interface review meeting:
s/kernel_use_unlabeled_blk_dev/kernel_rw_unlabeled_blk_dev/g
s/kernel_userland_entry/kernel_domtrans_to/g
refpolicy/policy/modules/kernel/kernel.if | 4 ++--
refpolicy/policy/modules/system/fstools.te | 2 +-
refpolicy/policy/modules/system/hotplug.te | 2 +-
refpolicy/policy/modules/system/init.te | 2 +-
refpolicy/policy/modules/system/modutils.te | 2 +-
refpolicy/policy/modules/system/udev.te | 2 +-
6 files changed, 7 insertions(+), 7 deletions(-)
---
diff --git a/refpolicy/policy/modules/kernel/kernel.if b/refpolicy/policy/modules/kernel/kernel.if
index 8e6ca0b..323164a 100644
--- a/refpolicy/policy/modules/kernel/kernel.if
+++ b/refpolicy/policy/modules/kernel/kernel.if
@@ -18,7 +18,7 @@
## The executable type for the entrypoint.
## </param>
#
-interface(`kernel_userland_entry',`
+interface(`kernel_domtrans_to',`
gen_require(`
type kernel_t;
')
@@ -1562,7 +1562,7 @@ interface(`kernel_dontaudit_getattr_unlabeled_blk_dev',`
## Domain allowed access.
## </param>
#
-interface(`kernel_use_unlabeled_blk_dev',`
+interface(`kernel_rw_unlabeled_blk_dev',`
gen_require(`
type unlabeled_t;
')
diff --git a/refpolicy/policy/modules/system/fstools.te b/refpolicy/policy/modules/system/fstools.te
index d0a6683..8a5e37b 100644
--- a/refpolicy/policy/modules/system/fstools.te
+++ b/refpolicy/policy/modules/system/fstools.te
@@ -55,7 +55,7 @@ kernel_change_ring_buffer_level(fsadm_t)
kernel_getattr_proc(fsadm_t)
# Access to /initrd devices
kernel_rw_unlabeled_dir(fsadm_t)
-kernel_use_unlabeled_blk_dev(fsadm_t)
+kernel_rw_unlabeled_blk_dev(fsadm_t)
dev_getattr_all_chr_files(fsadm_t)
# mkreiserfs and other programs need this for UUID
diff --git a/refpolicy/policy/modules/system/hotplug.te b/refpolicy/policy/modules/system/hotplug.te
index d767b9e..4ae405c 100644
--- a/refpolicy/policy/modules/system/hotplug.te
+++ b/refpolicy/policy/modules/system/hotplug.te
@@ -8,7 +8,7 @@ policy_module(hotplug,1.1.0)
type hotplug_t;
type hotplug_exec_t;
-kernel_userland_entry(hotplug_t,hotplug_exec_t)
+kernel_domtrans_to(hotplug_t,hotplug_exec_t)
init_daemon_domain(hotplug_t,hotplug_exec_t)
type hotplug_etc_t;
diff --git a/refpolicy/policy/modules/system/init.te b/refpolicy/policy/modules/system/init.te
index ca9b82b..91fa300 100644
--- a/refpolicy/policy/modules/system/init.te
+++ b/refpolicy/policy/modules/system/init.te
@@ -35,7 +35,7 @@ role system_r types init_t;
gen_require(`
type init_exec_t;
')
-kernel_userland_entry(init_t,init_exec_t)
+kernel_domtrans_to(init_t,init_exec_t)
domain_entry_file(init_t,init_exec_t)
#
diff --git a/refpolicy/policy/modules/system/modutils.te b/refpolicy/policy/modules/system/modutils.te
index d840f88..ce7a596 100644
--- a/refpolicy/policy/modules/system/modutils.te
+++ b/refpolicy/policy/modules/system/modutils.te
@@ -114,7 +114,7 @@ logging_search_logs(insmod_t)
miscfiles_read_localization(insmod_t)
if( ! secure_mode_insmod ) {
- kernel_userland_entry(insmod_t,insmod_exec_t)
+ kernel_domtrans_to(insmod_t,insmod_exec_t)
}
ifdef(`hide_broken_symptoms',`
diff --git a/refpolicy/policy/modules/system/udev.te b/refpolicy/policy/modules/system/udev.te
index 7089cdb..6812ad1 100644
--- a/refpolicy/policy/modules/system/udev.te
+++ b/refpolicy/policy/modules/system/udev.te
@@ -14,7 +14,7 @@ gen_require(`
type udev_t;
type udev_helper_exec_t;
-kernel_userland_entry(udev_t,udev_exec_t)
+kernel_domtrans_to(udev_t,udev_exec_t)
domain_obj_id_change_exempt(udev_t)
domain_entry_file(udev_t,udev_helper_exec_t)
domain_wide_inherit_fd(udev_t)
More information about the scm-commits
mailing list