[selinux-policy: 1193/3172] a couple init renames

Daniel J Walsh dwalsh at fedoraproject.org
Thu Oct 7 20:48:05 UTC 2010 

commit f7547934f40e100296df1c7d4d2439dc8191592e
Author: Chris PeBenito <cpebenito at tresys.com>
Date:   Mon Feb 6 15:40:41 2006 +0000

    a couple init renames

 refpolicy/policy/modules/admin/acct.te          |    2 +-
 refpolicy/policy/modules/services/cups.te       |    4 ++--
 refpolicy/policy/modules/services/ntp.te        |    2 +-
 refpolicy/policy/modules/services/postgresql.te |    2 +-
 refpolicy/policy/modules/system/init.if         |   23 +++--------------------
 refpolicy/policy/modules/system/ipsec.te        |    2 +-
 refpolicy/policy/modules/system/sysnetwork.te   |    4 ++--
 7 files changed, 11 insertions(+), 28 deletions(-)
---
diff --git a/refpolicy/policy/modules/admin/acct.te b/refpolicy/policy/modules/admin/acct.te
index fcc8283..f37f8b3 100644
--- a/refpolicy/policy/modules/admin/acct.te
+++ b/refpolicy/policy/modules/admin/acct.te
@@ -59,7 +59,7 @@ files_dontaudit_search_pids(acct_t)
 
 init_use_fd(acct_t)
 init_use_script_ptys(acct_t)
-init_exec_script(acct_t)
+init_exec_script_files(acct_t)
 
 libs_use_ld_so(acct_t)
 libs_use_shared_libs(acct_t)
diff --git a/refpolicy/policy/modules/services/cups.te b/refpolicy/policy/modules/services/cups.te
index 3d07598..9d7fc4a 100644
--- a/refpolicy/policy/modules/services/cups.te
+++ b/refpolicy/policy/modules/services/cups.te
@@ -172,7 +172,7 @@ files_read_world_readable_symlinks(cupsd_t)
 
 init_use_fd(cupsd_t)
 init_use_script_ptys(cupsd_t)
-init_exec_script(cupsd_t)
+init_exec_script_files(cupsd_t)
 
 libs_use_ld_so(cupsd_t)
 libs_use_shared_libs(cupsd_t)
@@ -566,7 +566,7 @@ userdom_dontaudit_use_unpriv_user_fd(cupsd_config_t)
 userdom_dontaudit_search_sysadm_home_dir(cupsd_config_t)
 
 ifdef(`distro_redhat',`
-	init_getattr_script_entry_file(cupsd_config_t)
+	init_getattr_script_files(cupsd_config_t)
 
 	optional_policy(`rpm',`
 		rpm_read_db(cupsd_config_t)
diff --git a/refpolicy/policy/modules/services/ntp.te b/refpolicy/policy/modules/services/ntp.te
index 0627cb0..4b8bcb3 100644
--- a/refpolicy/policy/modules/services/ntp.te
+++ b/refpolicy/policy/modules/services/ntp.te
@@ -99,7 +99,7 @@ files_read_etc_runtime_files(ntpd_t)
 files_read_usr_files(ntpd_t)
 files_list_var_lib(ntpd_t)
 
-init_exec_script(ntpd_t)
+init_exec_script_files(ntpd_t)
 init_use_fd(ntpd_t)
 init_use_script_ptys(ntpd_t)
 
diff --git a/refpolicy/policy/modules/services/postgresql.te b/refpolicy/policy/modules/services/postgresql.te
index c040b80..06769c8 100644
--- a/refpolicy/policy/modules/services/postgresql.te
+++ b/refpolicy/policy/modules/services/postgresql.te
@@ -198,7 +198,7 @@ allow userdomain postgresql_tmp_t:sock_file write;
 }
 ')
 ifdef(`distro_debian', `
-	init_exec_script(postgresql_t)
+	init_exec_script_files(postgresql_t)
 	# gross hack
 	postgresql_domtrans(dpkg_t)
 	can_exec(postgresql_t, dpkg_exec_t)
diff --git a/refpolicy/policy/modules/system/init.if b/refpolicy/policy/modules/system/init.if
index fa1654f..cd46605 100644
--- a/refpolicy/policy/modules/system/init.if
+++ b/refpolicy/policy/modules/system/init.if
@@ -392,7 +392,7 @@ interface(`init_write_script_pipes',`
 ##	Domain allowed access.
 ## </param>
 #
-interface(`init_getattr_script_entry_file',`
+interface(`init_getattr_script_files',`
 	gen_require(`
 		type initrc_exec_t;
 	')
@@ -402,27 +402,10 @@ interface(`init_getattr_script_entry_file',`
 ')
 
 ########################################
-## <summary>
-##	Read init scripts.
-## </summary>
-## <param name="domain">
-##	Domain allowed access.
-## </param>
-#
-interface(`init_read_script',`
-	gen_require(`
-		type initrc_exec_t;
-	')
-
-	files_list_etc($1)
-	allow $1 initrc_exec_t:file { getattr read };
-')
-
-########################################
 #
-# init_exec_script(domain)
+# init_exec_script_files(domain)
 #
-interface(`init_exec_script',`
+interface(`init_exec_script_files',`
 	gen_require(`
 		type initrc_exec_t;
 	')
diff --git a/refpolicy/policy/modules/system/ipsec.te b/refpolicy/policy/modules/system/ipsec.te
index 8838c20..e028185 100644
--- a/refpolicy/policy/modules/system/ipsec.te
+++ b/refpolicy/policy/modules/system/ipsec.te
@@ -240,7 +240,7 @@ files_dontaudit_getattr_default_dirs(ipsec_mgmt_t)
 files_dontaudit_getattr_default_files(ipsec_mgmt_t)
 
 init_use_script_ptys(ipsec_mgmt_t)
-init_exec_script(ipsec_mgmt_t)
+init_exec_script_files(ipsec_mgmt_t)
 init_use_fd(ipsec_mgmt_t)
 
 libs_use_ld_so(ipsec_mgmt_t)
diff --git a/refpolicy/policy/modules/system/sysnetwork.te b/refpolicy/policy/modules/system/sysnetwork.te
index addc4a0..0a97e5f 100644
--- a/refpolicy/policy/modules/system/sysnetwork.te
+++ b/refpolicy/policy/modules/system/sysnetwork.te
@@ -213,7 +213,7 @@ optional_policy(`nis',`
 	nis_delete_ypbind_pid(dhcpc_t)
 
 	# dhclient sometimes starts ypbind
-	init_exec_script(dhcpc_t)
+	init_exec_script_files(dhcpc_t)
 	nis_domtrans_ypbind(dhcpc_t)
 ')
 
@@ -224,7 +224,7 @@ optional_policy(`nscd',`
 
 optional_policy(`ntp',`
 	# dhclient sometimes starts ntpd
-	init_exec_script(dhcpc_t)
+	init_exec_script_files(dhcpc_t)
 	ntp_domtrans(dhcpc_t)
 ')

More information about the scm-commits mailing list