[selinux-policy: 1547/3172] patch to fix escaping of . in file contexts from james athey

Daniel J Walsh dwalsh at fedoraproject.org
Thu Oct 7 21:18:56 UTC 2010 

commit 19ebf01d6ab7fa4e39b61e8a902b66e21ffc7e86
Author: Chris PeBenito <cpebenito at tresys.com>
Date:   Mon Jul 24 15:43:57 2006 +0000

    patch to fix escaping of . in file contexts from james athey

 policy/modules/admin/logwatch.fc          |    2 +-
 policy/modules/admin/portage.fc           |    8 +-
 policy/modules/apps/userhelper.fc         |    2 +-
 policy/modules/apps/yam.fc                |    2 +-
 policy/modules/kernel/corecommands.fc     |    8 +-
 policy/modules/services/apache.fc         |    2 +-
 policy/modules/services/bind.fc           |    2 +-
 policy/modules/services/clamav.fc         |    2 +-
 policy/modules/services/cpucontrol.fc     |    2 +-
 policy/modules/services/cups.fc           |    2 +-
 policy/modules/services/dante.fc          |    2 +-
 policy/modules/services/dovecot.fc        |    4 +-
 policy/modules/services/kerberos.fc       |    2 +-
 policy/modules/services/ktalk.fc          |    2 +-
 policy/modules/services/mta.fc            |    4 +-
 policy/modules/services/networkmanager.fc |    2 +-
 policy/modules/services/nis.fc            |    4 +-
 policy/modules/services/ntop.fc           |    2 +-
 policy/modules/services/openca.fc         |    2 +-
 policy/modules/services/pegasus.fc        |    2 +-
 policy/modules/services/portmap.fc        |    2 +-
 policy/modules/services/postgresql.fc     |    2 +-
 policy/modules/services/pyzor.fc          |    2 +-
 policy/modules/services/razor.fc          |    2 +-
 policy/modules/services/rpc.fc            |    2 +-
 policy/modules/services/xserver.fc        |    4 +-
 policy/modules/system/hotplug.fc          |    2 +-
 policy/modules/system/libraries.fc        |  108 ++++++++++++++--------------
 policy/modules/system/logging.fc          |    2 +-
 policy/modules/system/selinuxutil.fc      |    6 +-
 policy/modules/system/unconfined.fc       |    4 +-
 31 files changed, 97 insertions(+), 97 deletions(-)
---
diff --git a/policy/modules/admin/logwatch.fc b/policy/modules/admin/logwatch.fc
index 67ff2c1..53fba32 100644
--- a/policy/modules/admin/logwatch.fc
+++ b/policy/modules/admin/logwatch.fc
@@ -1,4 +1,4 @@
 
-/usr/share/logwatch/scripts/logwatch.pl	--	gen_context(system_u:object_r:logwatch_exec_t, s0)
+/usr/share/logwatch/scripts/logwatch\.pl	--	gen_context(system_u:object_r:logwatch_exec_t, s0)
 
 /var/cache/logwatch(/.*)?			gen_context(system_u:object_r:logwatch_cache_t, s0)
diff --git a/policy/modules/admin/portage.fc b/policy/modules/admin/portage.fc
index 76d3408..a44f7ce 100644
--- a/policy/modules/admin/portage.fc
+++ b/policy/modules/admin/portage.fc
@@ -1,5 +1,5 @@
-/etc/make.conf			--	gen_context(system_u:object_r:portage_conf_t,s0)
-/etc/make.globals		--	gen_context(system_u:object_r:portage_conf_t,s0)
+/etc/make\.conf			--	gen_context(system_u:object_r:portage_conf_t,s0)
+/etc/make\.globals		--	gen_context(system_u:object_r:portage_conf_t,s0)
 /etc/portage(/.*)?			gen_context(system_u:object_r:portage_conf_t,s0)
 
 /usr/bin/gcc-config		--	gen_context(system_u:object_r:gcc_config_exec_t,s0)
@@ -8,7 +8,7 @@
 /usr/lib(64)?/portage/bin/ebuild --	gen_context(system_u:object_r:portage_exec_t,s0)
 /usr/lib(64)?/portage/bin/emerge --	gen_context(system_u:object_r:portage_exec_t,s0)
 /usr/lib(64)?/portage/bin/quickpkg --	gen_context(system_u:object_r:portage_exec_t,s0)
-/usr/lib(64)?/portage/bin/ebuild.sh --	gen_context(system_u:object_r:portage_exec_t,s0)
+/usr/lib(64)?/portage/bin/ebuild\.sh --	gen_context(system_u:object_r:portage_exec_t,s0)
 /usr/lib(64)?/portage/bin/regenworld --	gen_context(system_u:object_r:portage_exec_t,s0)
 /usr/lib(64)?/portage/bin/sandbox --	gen_context(system_u:object_r:portage_exec_t,s0)
 
@@ -16,7 +16,7 @@
 
 /var/db/pkg(/.*)?			gen_context(system_u:object_r:portage_db_t,s0)
 /var/cache/edb(/.*)?			gen_context(system_u:object_r:portage_cache_t,s0)
-/var/log/emerge.log.*		--	gen_context(system_u:object_r:portage_log_t,s0)
+/var/log/emerge\.log.*		--	gen_context(system_u:object_r:portage_log_t,s0)
 /var/lib/portage(/.*)?			gen_context(system_u:object_r:portage_cache_t,s0)
 /var/tmp/portage(/.*)?			gen_context(system_u:object_r:portage_tmp_t,s0)
 /var/tmp/portage-pkg(/.*)?		gen_context(system_u:object_r:portage_tmp_t,s0)
diff --git a/policy/modules/apps/userhelper.fc b/policy/modules/apps/userhelper.fc
index 0cd9dc4..e70b0e8 100644
--- a/policy/modules/apps/userhelper.fc
+++ b/policy/modules/apps/userhelper.fc
@@ -1,7 +1,7 @@
 #
 # /etc
 #
-/etc/security/console.apps(/.*)?		gen_context(system_u:object_r:userhelper_conf_t,s0)
+/etc/security/console\.apps(/.*)?		gen_context(system_u:object_r:userhelper_conf_t,s0)
 
 #
 # /usr
diff --git a/policy/modules/apps/yam.fc b/policy/modules/apps/yam.fc
index 2875fb6..4ec6ede 100644
--- a/policy/modules/apps/yam.fc
+++ b/policy/modules/apps/yam.fc
@@ -1,4 +1,4 @@
-/etc/yam.conf		--	gen_context(system_u:object_r:yam_etc_t,s0)
+/etc/yam\.conf		--	gen_context(system_u:object_r:yam_etc_t,s0)
 
 /usr/bin/yam		--	gen_context(system_u:object_r:yam_exec_t,s0)
 
diff --git a/policy/modules/kernel/corecommands.fc b/policy/modules/kernel/corecommands.fc
index e1308e2..8745c6f 100644
--- a/policy/modules/kernel/corecommands.fc
+++ b/policy/modules/kernel/corecommands.fc
@@ -81,8 +81,8 @@ ifdef(`targeted_policy',`
 ifdef(`distro_gentoo',`
 /lib/rcscripts/addons(/.*)?		gen_context(system_u:object_r:bin_t,s0)
 /lib/rcscripts/sh(/.*)?			gen_context(system_u:object_r:bin_t,s0)
-/lib/rcscripts/net.modules.d/helpers.d/dhclient-.* -- gen_context(system_u:object_r:bin_t,s0)
-/lib/rcscripts/net.modules.d/helpers.d/udhcpc-.* -- gen_context(system_u:object_r:bin_t,s0)
+/lib/rcscripts/net\.modules\.d/helpers\.d/dhclient-.* -- gen_context(system_u:object_r:bin_t,s0)
+/lib/rcscripts/net\.modules\.d/helpers\.d/udhcpc-.* -- gen_context(system_u:object_r:bin_t,s0)
 ')
 
 #
@@ -103,7 +103,7 @@ ifdef(`distro_gentoo',`
 /opt/(.*/)?sbin(/.*)?			gen_context(system_u:object_r:sbin_t,s0)
 
 ifdef(`distro_gentoo',`
-/opt/vmware/workstation/lib/lib/wrapper-gtk24.sh -- gen_context(system_u:object_r:bin_t,s0)
+/opt/vmware/workstation/lib/lib/wrapper-gtk24\.sh -- gen_context(system_u:object_r:bin_t,s0)
 ')
 
 #
@@ -194,7 +194,7 @@ ifdef(`distro_redhat', `
 /usr/share/system-config-httpd/system-config-httpd -- gen_context(system_u:object_r:bin_t,s0)
 /usr/share/system-config-keyboard/system-config-keyboard -- gen_context(system_u:object_r:bin_t,s0)
 /usr/share/system-config-language/system-config-language -- gen_context(system_u:object_r:bin_t,s0)
-/usr/share/system-config-lvm/system-config-lvm.py -- gen_context(system_u:object_r:bin_t,s0)
+/usr/share/system-config-lvm/system-config-lvm\.py -- gen_context(system_u:object_r:bin_t,s0)
 /usr/share/system-config-mouse/system-config-mouse -- gen_context(system_u:object_r:bin_t,s0)
 /usr/share/system-config-netboot/system-config-netboot\.py -- gen_context(system_u:object_r:bin_t,s0)
 /usr/share/system-config-netboot/pxeos\.py -- gen_context(system_u:object_r:bin_t,s0)
diff --git a/policy/modules/services/apache.fc b/policy/modules/services/apache.fc
index f6277c5..3f81db7 100644
--- a/policy/modules/services/apache.fc
+++ b/policy/modules/services/apache.fc
@@ -21,7 +21,7 @@ HOME_DIR/((www)|(web)|(public_html))(/.+)? gen_context(system_u:object_r:httpd_R
 
 /usr/lib/apache-ssl/.+		--	gen_context(system_u:object_r:httpd_exec_t,s0)
 /usr/lib/cgi-bin(/.*)?			gen_context(system_u:object_r:httpd_sys_script_exec_t,s0)
-/usr/lib/squid/cachemgr.cgi	--	gen_context(system_u:object_r:httpd_exec_t,s0)
+/usr/lib/squid/cachemgr\.cgi	--	gen_context(system_u:object_r:httpd_exec_t,s0)
 /usr/lib(64)?/apache(/.*)?		gen_context(system_u:object_r:httpd_modules_t,s0)
 /usr/lib(64)?/apache2/modules(/.*)?	gen_context(system_u:object_r:httpd_modules_t,s0)
 /usr/lib(64)?/apache(2)?/suexec(2)? --	gen_context(system_u:object_r:httpd_suexec_exec_t,s0)
diff --git a/policy/modules/services/bind.fc b/policy/modules/services/bind.fc
index 3a1ba68..b63564d 100644
--- a/policy/modules/services/bind.fc
+++ b/policy/modules/services/bind.fc
@@ -36,7 +36,7 @@ ifdef(`distro_redhat',`
 /var/named/named\.ca	--	gen_context(system_u:object_r:named_conf_t,s0)
 /var/named/chroot(/.*)?		gen_context(system_u:object_r:named_conf_t,s0)
 /var/named/chroot/etc(/.*)? 	gen_context(system_u:object_r:named_conf_t,s0)
-/var/named/chroot/etc/rndc.key -- gen_context(system_u:object_r:dnssec_t,s0)
+/var/named/chroot/etc/rndc\.key -- gen_context(system_u:object_r:dnssec_t,s0)
 /var/named/chroot/var/run/named.* gen_context(system_u:object_r:named_var_run_t,s0)
 /var/named/chroot/var/tmp(/.*)? gen_context(system_u:object_r:named_cache_t,s0)
 /var/named/chroot/var/named(/.*)? gen_context(system_u:object_r:named_zone_t,s0)
diff --git a/policy/modules/services/clamav.fc b/policy/modules/services/clamav.fc
index 4640ac6..874f1e5 100644
--- a/policy/modules/services/clamav.fc
+++ b/policy/modules/services/clamav.fc
@@ -8,7 +8,7 @@
 /usr/sbin/clamd			--	gen_context(system_u:object_r:clamd_exec_t,s0)
 
 /var/run/clamav(/.*)?			gen_context(system_u:object_r:clamd_var_run_t,s0)
-/var/run/clamav/clamd.ctl	-s	gen_context(system_u:object_r:clamd_sock_t,s0)
+/var/run/clamav/clamd\.ctl	-s	gen_context(system_u:object_r:clamd_sock_t,s0)
 /var/lib/clamav(/.*)?			gen_context(system_u:object_r:clamd_var_lib_t,s0)
 /var/log/clamav			-d	gen_context(system_u:object_r:clamd_var_log_t,s0)
 /var/log/clamav/clamav.*	--	gen_context(system_u:object_r:clamd_var_log_t,s0)
diff --git a/policy/modules/services/cpucontrol.fc b/policy/modules/services/cpucontrol.fc
index 6905f77..789c8c7 100644
--- a/policy/modules/services/cpucontrol.fc
+++ b/policy/modules/services/cpucontrol.fc
@@ -7,4 +7,4 @@
 /usr/sbin/cpuspeed	--	gen_context(system_u:object_r:cpuspeed_exec_t,s0)
 /usr/sbin/powernowd	--	gen_context(system_u:object_r:cpuspeed_exec_t,s0)
 
-/var/run/cpufreqd.pid	--	gen_context(system_u:object_r:cpuspeed_var_run_t,s0)
+/var/run/cpufreqd\.pid	--	gen_context(system_u:object_r:cpuspeed_var_run_t,s0)
diff --git a/policy/modules/services/cups.fc b/policy/modules/services/cups.fc
index 44831b1..2f030f0 100644
--- a/policy/modules/services/cups.fc
+++ b/policy/modules/services/cups.fc
@@ -33,7 +33,7 @@
 
 /usr/share/cups(/.*)?		gen_context(system_u:object_r:cupsd_etc_t,s0)
 /usr/share/foomatic/db/oldprinterids --	gen_context(system_u:object_r:cupsd_rw_etc_t,s0)
-/usr/share/hplip/hpssd.py --	gen_context(system_u:object_r:hplip_exec_t,s0)
+/usr/share/hplip/hpssd\.py --	gen_context(system_u:object_r:hplip_exec_t,s0)
 
 /var/cache/alchemist/printconf.* gen_context(system_u:object_r:cupsd_rw_etc_t,s0)
 /var/cache/foomatic(/.*)? 	gen_context(system_u:object_r:cupsd_rw_etc_t,s0)
diff --git a/policy/modules/services/dante.fc b/policy/modules/services/dante.fc
index 5071bae..139171d 100644
--- a/policy/modules/services/dante.fc
+++ b/policy/modules/services/dante.fc
@@ -3,4 +3,4 @@
 
 /usr/sbin/sockd		--	gen_context(system_u:object_r:dante_exec_t,s0)
 
-/var/run/sockd.pid	--	gen_context(system_u:object_r:dante_var_run_t,s0)
+/var/run/sockd\.pid	--	gen_context(system_u:object_r:dante_var_run_t,s0)
diff --git a/policy/modules/services/dovecot.fc b/policy/modules/services/dovecot.fc
index 0b5a513..a6a0023 100644
--- a/policy/modules/services/dovecot.fc
+++ b/policy/modules/services/dovecot.fc
@@ -2,8 +2,8 @@
 #
 # /etc
 #
-/etc/dovecot.conf.*			gen_context(system_u:object_r:dovecot_etc_t,s0)
-/etc/dovecot.passwd.*			gen_context(system_u:object_r:dovecot_passwd_t,s0)
+/etc/dovecot\.conf.*			gen_context(system_u:object_r:dovecot_etc_t,s0)
+/etc/dovecot\.passwd.*			gen_context(system_u:object_r:dovecot_passwd_t,s0)
 
 /etc/pki/dovecot(/.*)?			gen_context(system_u:object_r:dovecot_cert_t,s0)
 
diff --git a/policy/modules/services/kerberos.fc b/policy/modules/services/kerberos.fc
index 1990ad0..10b302e 100644
--- a/policy/modules/services/kerberos.fc
+++ b/policy/modules/services/kerberos.fc
@@ -2,7 +2,7 @@
 /etc/krb5\.keytab			gen_context(system_u:object_r:krb5_keytab_t,s0)
 
 /etc/krb5kdc(/.*)?			gen_context(system_u:object_r:krb5kdc_conf_t,s0)
-/etc/krb5kdc/kadm5.keytab 	--	gen_context(system_u:object_r:krb5_keytab_t,s0)
+/etc/krb5kdc/kadm5\.keytab 	--	gen_context(system_u:object_r:krb5_keytab_t,s0)
 /etc/krb5kdc/principal.*		gen_context(system_u:object_r:krb5kdc_principal_t,s0)
 
 /usr/(local/)?(kerberos/)?sbin/krb5kdc -- gen_context(system_u:object_r:krb5kdc_exec_t,s0)
diff --git a/policy/modules/services/ktalk.fc b/policy/modules/services/ktalk.fc
index 6b30e26..379e4e8 100644
--- a/policy/modules/services/ktalk.fc
+++ b/policy/modules/services/ktalk.fc
@@ -1,4 +1,4 @@
 
-/usr/bin/in.talkd	--	gen_context(system_u:object_r:ktalkd_exec_t,s0)
+/usr/bin/in\.talkd	--	gen_context(system_u:object_r:ktalkd_exec_t,s0)
 /usr/bin/ktalkd		--	gen_context(system_u:object_r:ktalkd_exec_t,s0)
 /var/log/talkd.*	--	gen_context(system_u:object_r:ktalkd_log_t,s0)
diff --git a/policy/modules/services/mta.fc b/policy/modules/services/mta.fc
index 14ff65c..d19d68b 100644
--- a/policy/modules/services/mta.fc
+++ b/policy/modules/services/mta.fc
@@ -9,8 +9,8 @@ ifdef(`distro_redhat',`
 /usr/lib(64)?/sendmail	--	gen_context(system_u:object_r:sendmail_exec_t,s0)
 
 /usr/sbin/rmail		--	gen_context(system_u:object_r:sendmail_exec_t,s0)
-/usr/sbin/sendmail.postfix --	gen_context(system_u:object_r:sendmail_exec_t,s0)
-/usr/sbin/sendmail(.sendmail)? -- gen_context(system_u:object_r:sendmail_exec_t,s0)
+/usr/sbin/sendmail\.postfix --	gen_context(system_u:object_r:sendmail_exec_t,s0)
+/usr/sbin/sendmail(\.sendmail)? -- gen_context(system_u:object_r:sendmail_exec_t,s0)
 
 /var/mail(/.*)?			gen_context(system_u:object_r:mail_spool_t,s0)
 
diff --git a/policy/modules/services/networkmanager.fc b/policy/modules/services/networkmanager.fc
index e198e69..da1e1e5 100644
--- a/policy/modules/services/networkmanager.fc
+++ b/policy/modules/services/networkmanager.fc
@@ -1,5 +1,5 @@
 
 /usr/(s)?bin/NetworkManager	--	gen_context(system_u:object_r:NetworkManager_exec_t,s0)
-/var/run/NetworkManager.pid	--	gen_context(system_u:object_r:NetworkManager_var_run_t,s0)
+/var/run/NetworkManager\.pid	--	gen_context(system_u:object_r:NetworkManager_var_run_t,s0)
 /var/run/NetworkManager(/.*)?		gen_context(system_u:object_r:NetworkManager_var_run_t,s0)
 /var/run/wpa_supplicant(/.*)?		gen_context(system_u:object_r:NetworkManager_var_run_t,s0)
diff --git a/policy/modules/services/nis.fc b/policy/modules/services/nis.fc
index 0128ee0..8e6586a 100644
--- a/policy/modules/services/nis.fc
+++ b/policy/modules/services/nis.fc
@@ -3,8 +3,8 @@
 
 /sbin/ypbind		--	gen_context(system_u:object_r:ypbind_exec_t,s0)
 
-/usr/sbin/rpc.yppasswdd	--	gen_context(system_u:object_r:yppasswdd_exec_t,s0)
-/usr/sbin/rpc.ypxfr	--	gen_context(system_u:object_r:ypxfr_exec_t,s0)
+/usr/sbin/rpc\.yppasswdd	--	gen_context(system_u:object_r:yppasswdd_exec_t,s0)
+/usr/sbin/rpc\.ypxfr	--	gen_context(system_u:object_r:ypxfr_exec_t,s0)
 /usr/sbin/ypserv	--	gen_context(system_u:object_r:ypserv_exec_t,s0)
 
 /var/yp(/.*)?			gen_context(system_u:object_r:var_yp_t,s0)
diff --git a/policy/modules/services/ntop.fc b/policy/modules/services/ntop.fc
index da88341..0d836ae 100644
--- a/policy/modules/services/ntop.fc
+++ b/policy/modules/services/ntop.fc
@@ -4,4 +4,4 @@
 /usr/share/ntop/html(/.*)?	gen_context(system_u:object_r:ntop_http_content_t,s0)
 
 /var/lib/ntop(/.*)?		gen_context(system_u:object_r:ntop_var_lib_t,s0)
-/var/run/ntop.pid	--	gen_context(system_u:object_r:ntop_var_run_t,s0)
+/var/run/ntop\.pid	--	gen_context(system_u:object_r:ntop_var_run_t,s0)
diff --git a/policy/modules/services/openca.fc b/policy/modules/services/openca.fc
index dc360b9..72a2db6 100644
--- a/policy/modules/services/openca.fc
+++ b/policy/modules/services/openca.fc
@@ -1,5 +1,5 @@
 /etc/openca(/.*)?			gen_context(system_u:object_r:openca_etc_t,s0)
-/etc/openca/*.\.in(/.*)?		gen_context(system_u:object_r:openca_etc_in_t,s0)
+/etc/openca/.*\.in(/.*)?		gen_context(system_u:object_r:openca_etc_in_t,s0)
 /etc/openca/rbac(/.*)?			gen_context(system_u:object_r:openca_etc_writeable_t,s0)
 
 /usr/share/openca(/.*)?			gen_context(system_u:object_r:openca_usr_share_t,s0)
diff --git a/policy/modules/services/pegasus.fc b/policy/modules/services/pegasus.fc
index 601c91c..cd4c544 100644
--- a/policy/modules/services/pegasus.fc
+++ b/policy/modules/services/pegasus.fc
@@ -1,6 +1,6 @@
 
 /etc/Pegasus(/.*)?			gen_context(system_u:object_r:pegasus_conf_t,s0)
-/etc/Pegasus/pegasus_current.conf	gen_context(system_u:object_r:pegasus_data_t,s0)
+/etc/Pegasus/pegasus_current\.conf	gen_context(system_u:object_r:pegasus_data_t,s0)
 
 /usr/sbin/cimserver		--	gen_context(system_u:object_r:pegasus_exec_t,s0)
 /usr/sbin/init_repository	-- 	gen_context(system_u:object_r:pegasus_exec_t,s0)
diff --git a/policy/modules/services/portmap.fc b/policy/modules/services/portmap.fc
index 2c42dfd..76f5834 100644
--- a/policy/modules/services/portmap.fc
+++ b/policy/modules/services/portmap.fc
@@ -9,4 +9,4 @@ ifdef(`distro_debian',`
 /usr/sbin/pmap_set	--	gen_context(system_u:object_r:portmap_helper_exec_t,s0)
 ')
 
-/var/run/portmap.upgrade-state -- gen_context(system_u:object_r:portmap_var_run_t,s0)
+/var/run/portmap\.upgrade-state -- gen_context(system_u:object_r:portmap_var_run_t,s0)
diff --git a/policy/modules/services/postgresql.fc b/policy/modules/services/postgresql.fc
index a77d9eb..0e9fed1 100644
--- a/policy/modules/services/postgresql.fc
+++ b/policy/modules/services/postgresql.fc
@@ -28,7 +28,7 @@ ifdef(`distro_redhat', `
 /var/lib/postgres(ql)?(/.*)? 		gen_context(system_u:object_r:postgresql_db_t,s0)
 
 /var/lib/pgsql/data(/.*)?		gen_context(system_u:object_r:postgresql_db_t,s0)
-/var/lib/pgsql/pgstartup.log		gen_context(system_u:object_r:postgresql_log_t,s0)
+/var/lib/pgsql/pgstartup\.log		gen_context(system_u:object_r:postgresql_log_t,s0)
 
 /var/log/postgres\.log.* 	--	gen_context(system_u:object_r:postgresql_log_t,s0)
 /var/log/postgresql(/.*)?		gen_context(system_u:object_r:postgresql_log_t,s0)
diff --git a/policy/modules/services/pyzor.fc b/policy/modules/services/pyzor.fc
index 71e71c8..0fbe17a 100644
--- a/policy/modules/services/pyzor.fc
+++ b/policy/modules/services/pyzor.fc
@@ -4,7 +4,7 @@
 /usr/bin/pyzord		--	gen_context(system_u:object_r:pyzord_exec_t,s0)
 
 /var/lib/pyzord(/.*)?		gen_context(system_u:object_r:pyzor_var_lib_t,s0)
-/var/log/pyzord.log	--	gen_context(system_u:object_r:pyzord_log_t,s0)
+/var/log/pyzord\.log	--	gen_context(system_u:object_r:pyzord_log_t,s0)
 
 ifdef(`strict_policy',`
 HOME_DIR/\.pyzor(/.*)?		gen_context(system_u:object_r:ROLE_pyzor_home_t,s0)
diff --git a/policy/modules/services/razor.fc b/policy/modules/services/razor.fc
index 82c87b4..ad74d5b 100644
--- a/policy/modules/services/razor.fc
+++ b/policy/modules/services/razor.fc
@@ -7,4 +7,4 @@ HOME_DIR/\.razor(/.*)?		gen_context(system_u:object_r:ROLE_razor_home_t,s0)
 /usr/bin/razor.*	--	gen_context(system_u:object_r:razor_exec_t,s0)
 
 /var/lib/razor(/.*)?		gen_context(system_u:object_r:razor_var_lib_t,s0)
-/var/log/razor-agent.log --	gen_context(system_u:object_r:razor_log_t,s0)
+/var/log/razor-agent\.log --	gen_context(system_u:object_r:razor_log_t,s0)
diff --git a/policy/modules/services/rpc.fc b/policy/modules/services/rpc.fc
index dbe7c72..4e6471d 100644
--- a/policy/modules/services/rpc.fc
+++ b/policy/modules/services/rpc.fc
@@ -12,7 +12,7 @@
 # /usr
 #
 /usr/sbin/exportfs	--	gen_context(system_u:object_r:nfsd_exec_t,s0)
-/usr/sbin/rpc.idmapd	--	gen_context(system_u:object_r:rpcd_exec_t,s0)
+/usr/sbin/rpc\.idmapd	--	gen_context(system_u:object_r:rpcd_exec_t,s0)
 /usr/sbin/rpc\.gssd	--	gen_context(system_u:object_r:gssd_exec_t,s0)
 /usr/sbin/rpc\.mountd	--	gen_context(system_u:object_r:nfsd_exec_t,s0)
 /usr/sbin/rpc\.nfsd	--	gen_context(system_u:object_r:nfsd_exec_t,s0)
diff --git a/policy/modules/services/xserver.fc b/policy/modules/services/xserver.fc
index e5e55a6..4cbe747 100644
--- a/policy/modules/services/xserver.fc
+++ b/policy/modules/services/xserver.fc
@@ -2,10 +2,10 @@
 # HOME_DIR
 #
 ifdef(`strict_policy',`
-HOME_DIR/\.fonts.conf	--	gen_context(system_u:object_r:ROLE_fonts_config_t,s0)
+HOME_DIR/\.fonts\.conf	--	gen_context(system_u:object_r:ROLE_fonts_config_t,s0)
 HOME_DIR/\.fonts(/.*)?		gen_context(system_u:object_r:ROLE_fonts_t,s0)
 HOME_DIR/\.fonts/auto(/.*)?	gen_context(system_u:object_r:ROLE_fonts_cache_t,s0)
-HOME_DIR/\.fonts.cache-.* --	gen_context(system_u:object_r:ROLE_fonts_cache_t,s0)
+HOME_DIR/\.fonts\.cache-.* --	gen_context(system_u:object_r:ROLE_fonts_cache_t,s0)
 HOME_DIR/\.ICEauthority.* --	gen_context(system_u:object_r:ROLE_iceauth_home_t,s0)
 HOME_DIR/\.xauth.*	--	gen_context(system_u:object_r:ROLE_xauth_home_t,s0)
 HOME_DIR/\.Xauthority.*	--	gen_context(system_u:object_r:ROLE_xauth_home_t,s0)
diff --git a/policy/modules/system/hotplug.fc b/policy/modules/system/hotplug.fc
index 1af8916..caf736b 100644
--- a/policy/modules/system/hotplug.fc
+++ b/policy/modules/system/hotplug.fc
@@ -1,6 +1,6 @@
 
 /etc/hotplug(/.*)?		gen_context(system_u:object_r:hotplug_etc_t,s0)
-/etc/hotplug/firmware.agent --	gen_context(system_u:object_r:hotplug_exec_t,s0)
+/etc/hotplug/firmware\.agent --	gen_context(system_u:object_r:hotplug_exec_t,s0)
 
 /etc/hotplug\.d/.*	--	gen_context(system_u:object_r:hotplug_exec_t,s0)
 
diff --git a/policy/modules/system/libraries.fc b/policy/modules/system/libraries.fc
index 9126380..11ce8ae 100644
--- a/policy/modules/system/libraries.fc
+++ b/policy/modules/system/libraries.fc
@@ -3,21 +3,21 @@
 #
 ifdef(`distro_gentoo',`
 /emul/linux/x86/usr(/.*)?/lib(/.*)?		gen_context(system_u:object_r:lib_t,s0)
-/emul/linux/x86/usr(/.*)?/lib/.*\.so(\.[^/]*)*	-- gen_context(system_u:object_r:shlib_t,s0)
+/emul/linux/x86/usr(/.*)?/lib/.+\.so(\.[^/]*)*	-- gen_context(system_u:object_r:shlib_t,s0)
 /emul/linux/x86/lib(/.*)?			gen_context(system_u:object_r:lib_t,s0)
-/emul/linux/x86/lib/.*\.so(\.[^/]*)*	--	gen_context(system_u:object_r:shlib_t,s0)
+/emul/linux/x86/lib/.+\.so(\.[^/]*)*	--	gen_context(system_u:object_r:shlib_t,s0)
 /emul/linux/x86/lib(/.*)?/ld-[^/]*\.so(\.[^/]*)* -- gen_context(system_u:object_r:ld_so_t,s0)
 ')
 
 ifdef(`distro_redhat',`
 /emul/ia32-linux/usr(/.*)?/lib(/.*)?		gen_context(system_u:object_r:lib_t,s0)
-/emul/ia32-linux/usr(/.*)?/lib/.*\.so(\.[^/]*)*	-- gen_context(system_u:object_r:shlib_t,s0)
-/emul/ia32-linux/usr(/.*)?/java/.*\.so(\.[^/]*)* -- gen_context(system_u:object_r:shlib_t,s0)
+/emul/ia32-linux/usr(/.*)?/lib/.+\.so(\.[^/]*)*	-- gen_context(system_u:object_r:shlib_t,s0)
+/emul/ia32-linux/usr(/.*)?/java/.+\.so(\.[^/]*)* -- gen_context(system_u:object_r:shlib_t,s0)
 /emul/ia32-linux/usr(/.*)?/java/.*\.jar	--	gen_context(system_u:object_r:shlib_t,s0)
 /emul/ia32-linux/usr(/.*)?/java/.*\.jsa	--	gen_context(system_u:object_r:shlib_t,s0)
 /emul/ia32-linux/usr(/.*)?/lib(/.*)?/ld-[^/]*\.so(\.[^/]*)* gen_context(system_u:object_r:ld_so_t,s0)
 /emul/ia32-linux/lib(/.*)?			gen_context(system_u:object_r:lib_t,s0)
-/emul/ia32-linux/lib/.*\.so(\.[^/]*)*	--	gen_context(system_u:object_r:shlib_t,s0)
+/emul/ia32-linux/lib/.+\.so(\.[^/]*)*	--	gen_context(system_u:object_r:shlib_t,s0)
 /emul/ia32-linux/lib(/.*)?/ld-[^/]*\.so(\.[^/]*)* -- gen_context(system_u:object_r:ld_so_t,s0)
 ')
 
@@ -34,17 +34,17 @@ ifdef(`distro_redhat',`
 #
 /lib(/.*)?					gen_context(system_u:object_r:lib_t,s0)
 /lib64(/.*)?					gen_context(system_u:object_r:lib_t,s0)
-/lib/.*\.so(\.[^/]*)*			--	gen_context(system_u:object_r:shlib_t,s0)
-/lib64/.*\.so(\.[^/]*)*			--	gen_context(system_u:object_r:shlib_t,s0)
+/lib/.+\.so(\.[^/]*)*			--	gen_context(system_u:object_r:shlib_t,s0)
+/lib64/.+\.so(\.[^/]*)*			--	gen_context(system_u:object_r:shlib_t,s0)
 /lib/ld-[^/]*\.so(\.[^/]*)*		--	gen_context(system_u:object_r:ld_so_t,s0)
 /lib64/ld-[^/]*\.so(\.[^/]*)*		--	gen_context(system_u:object_r:ld_so_t,s0)
 
-/lib/security/pam_poldi.so  		--	gen_context(system_u:object_r:textrel_shlib_t,s0)
-/lib64/security/pam_poldi.so  		--	gen_context(system_u:object_r:textrel_shlib_t,s0)
+/lib/security/pam_poldi\.so  		--	gen_context(system_u:object_r:textrel_shlib_t,s0)
+/lib64/security/pam_poldi\.so  		--	gen_context(system_u:object_r:textrel_shlib_t,s0)
 
 ifdef(`distro_gentoo',`
 /lib32(/.*)?					gen_context(system_u:object_r:lib_t,s0)
-/lib32/.*\.so(\.[^/]*)*			--	gen_context(system_u:object_r:shlib_t,s0)
+/lib32/.+\.so(\.[^/]*)*			--	gen_context(system_u:object_r:shlib_t,s0)
 /lib32/ld-[^/]*\.so(\.[^/]*)*		--	gen_context(system_u:object_r:ld_so_t,s0)
 ')
 
@@ -52,20 +52,20 @@ ifdef(`distro_gentoo',`
 # /opt
 #
 /opt/(.*/)?lib(/.*)?				gen_context(system_u:object_r:lib_t,s0)
-/opt/(.*/)?lib/.*\.so			--	gen_context(system_u:object_r:shlib_t,s0)
-/opt/(.*/)?lib/.*\.so\.[^/]*		--	gen_context(system_u:object_r:shlib_t,s0)
+/opt/(.*/)?lib/.+\.so			--	gen_context(system_u:object_r:shlib_t,s0)
+/opt/(.*/)?lib/.+\.so\.[^/]*		--	gen_context(system_u:object_r:shlib_t,s0)
 /opt/(.*/)?lib64(/.*)?				gen_context(system_u:object_r:lib_t,s0)
-/opt/(.*/)?lib64/.*\.so			--	gen_context(system_u:object_r:shlib_t,s0)
-/opt/(.*/)?lib64/.*\.so\.[^/]*		--	gen_context(system_u:object_r:shlib_t,s0)
-/opt/(.*/)?jre.*/libdeploy.so(\.[^/]*)*	--	gen_context(system_u:object_r:textrel_shlib_t,s0)
-/opt/(.*/)?jre.*/libjvm.so(\.[^/]*)*	--	gen_context(system_u:object_r:textrel_shlib_t,s0)
-/opt/(.*/)?jre.*/libawt.so(\.[^/]*)*	--	gen_context(system_u:object_r:textrel_shlib_t,s0)
-/opt/cisco-vpnclient/lib/libvpnapi.so	--	gen_context(system_u:object_r:textrel_shlib_t,s0)
-/opt/netbeans(.*/)?jdk.*/linux/.*.so(\.[^/]*)* -- gen_context(system_u:object_r:textrel_shlib_t,s0)
+/opt/(.*/)?lib64/.+\.so			--	gen_context(system_u:object_r:shlib_t,s0)
+/opt/(.*/)?lib64/.+\.so\.[^/]*		--	gen_context(system_u:object_r:shlib_t,s0)
+/opt/(.*/)?jre.*/libdeploy\.so(\.[^/]*)*	--	gen_context(system_u:object_r:textrel_shlib_t,s0)
+/opt/(.*/)?jre.*/libjvm\.so(\.[^/]*)*	--	gen_context(system_u:object_r:textrel_shlib_t,s0)
+/opt/(.*/)?jre.*/libawt\.so(\.[^/]*)*	--	gen_context(system_u:object_r:textrel_shlib_t,s0)
+/opt/cisco-vpnclient/lib/libvpnapi\.so	--	gen_context(system_u:object_r:textrel_shlib_t,s0)
+/opt/netbeans(.*/)?jdk.*/linux/.+\.so(\.[^/]*)* -- gen_context(system_u:object_r:textrel_shlib_t,s0)
 
 ifdef(`distro_gentoo',`
-/opt/netscape/plugins/libflashplayer.so --	gen_context(system_u:object_r:textrel_shlib_t,s0)
-/opt/netscape/plugins/nppdf.so		--	gen_context(system_u:object_r:textrel_shlib_t,s0)
+/opt/netscape/plugins/libflashplayer\.so --	gen_context(system_u:object_r:textrel_shlib_t,s0)
+/opt/netscape/plugins/nppdf\.so		--	gen_context(system_u:object_r:textrel_shlib_t,s0)
 ')
 
 #
@@ -76,45 +76,45 @@ ifdef(`distro_gentoo',`
 #
 # /usr
 #
-/usr/(.*/)?/HelixPlayer/.*\.so(\.[^/]*)* --	gen_context(system_u:object_r:textrel_shlib_t,s0)
-/usr/(.*/)?/RealPlayer/.*\.so(\.[^/]*)* --	gen_context(system_u:object_r:textrel_shlib_t,s0)
+/usr/(.*/)?/HelixPlayer/.+\.so(\.[^/]*)* --	gen_context(system_u:object_r:textrel_shlib_t,s0)
+/usr/(.*/)?/RealPlayer/.+\.so(\.[^/]*)* --	gen_context(system_u:object_r:textrel_shlib_t,s0)
 
-/usr/(.*/)?java/.*\.so(\.[^/]*)*	--	gen_context(system_u:object_r:textrel_shlib_t,s0)
-/usr/(.*/)?java/.*\.jar			--	gen_context(system_u:object_r:shlib_t,s0)
-/usr/(.*/)?java/.*\.jsa			--	gen_context(system_u:object_r:shlib_t,s0)
+/usr/(.*/)?java/.+\.so(\.[^/]*)*	--	gen_context(system_u:object_r:textrel_shlib_t,s0)
+/usr/(.*/)?java/.+\.jar			--	gen_context(system_u:object_r:shlib_t,s0)
+/usr/(.*/)?java/.+\.jsa			--	gen_context(system_u:object_r:shlib_t,s0)
 
 /usr/(.*/)?lib(/.*)?				gen_context(system_u:object_r:lib_t,s0)
-/usr/(.*/)?lib/.*\.so			--	gen_context(system_u:object_r:shlib_t,s0)
-/usr/(.*/)?lib/.*\.so\.[^/]*		--	gen_context(system_u:object_r:shlib_t,s0)
+/usr/(.*/)?lib/.+\.so			--	gen_context(system_u:object_r:shlib_t,s0)
+/usr/(.*/)?lib/.+\.so\.[^/]*		--	gen_context(system_u:object_r:shlib_t,s0)
 /usr/(.*/)?lib64(/.*)?				gen_context(system_u:object_r:lib_t,s0)
-/usr/(.*/)?lib64/.*\.so			--	gen_context(system_u:object_r:shlib_t,s0)
-/usr/(.*/)?lib64/.*\.so\.[^/]*		--	gen_context(system_u:object_r:shlib_t,s0)
+/usr/(.*/)?lib64/.+\.so			--	gen_context(system_u:object_r:shlib_t,s0)
+/usr/(.*/)?lib64/.+\.so\.[^/]*		--	gen_context(system_u:object_r:shlib_t,s0)
 
 /usr/(.*/)?lib(64)?(/.*)?/ld-[^/]*\.so(\.[^/]*)* gen_context(system_u:object_r:ld_so_t,s0)
 
-/usr/(.*/)?nvidia/.*\.so(\..*)?		--	gen_context(system_u:object_r:textrel_shlib_t,s0)
+/usr/(.*/)?nvidia/.+\.so(\..*)?		--	gen_context(system_u:object_r:textrel_shlib_t,s0)
 
 /usr/lib/win32/.*			--	gen_context(system_u:object_r:shlib_t,s0)
 
-/usr/lib(64)?/xulrunner-[^/]*/libxul.so --	gen_context(system_u:object_r:textrel_shlib_t,s0)
-/usr/(.*/)?lib(64)?(/.*)?/nvidia/.*\.so(\..*)? -- gen_context(system_u:object_r:textrel_shlib_t,s0)
+/usr/lib(64)?/xulrunner-[^/]*/libxul\.so --	gen_context(system_u:object_r:textrel_shlib_t,s0)
+/usr/(.*/)?lib(64)?(/.*)?/nvidia/.+\.so(\..*)? -- gen_context(system_u:object_r:textrel_shlib_t,s0)
 /usr/lib(64)?/libsipphoneapi\.so.*	--	gen_context(system_u:object_r:textrel_shlib_t,s0)
-/usr/lib(64)?/ati-fglrx/.*\.so(\..*)?	--	gen_context(system_u:object_r:textrel_shlib_t,s0)
+/usr/lib(64)?/ati-fglrx/.+\.so(\..*)?	--	gen_context(system_u:object_r:textrel_shlib_t,s0)
 /usr/lib(64)?/(nvidia/)?libGL(core)?\.so(\.[^/]*)* -- gen_context(system_u:object_r:textrel_shlib_t,s0)
 /usr/lib(64)?/libGLU\.so(\.[^/]*)*	--	gen_context(system_u:object_r:textrel_shlib_t,s0)
 /usr/lib(64)?/libjs\.so.*     		--	gen_context(system_u:object_r:textrel_shlib_t,s0)
-/usr/lib(64)?(/.*)?/libnvidia.*\.so(\.[^/]*)* -- gen_context(system_u:object_r:textrel_shlib_t,s0)
+/usr/lib(64)?(/.*)?/libnvidia.+\.so(\.[^/]*)* -- gen_context(system_u:object_r:textrel_shlib_t,s0)
 /usr/lib(64)?(/.*)?/nvidia_drv.*\.so(\.[^/]*)* -- gen_context(system_u:object_r:textrel_shlib_t,s0)
 /usr/lib(64)?/nvidia-graphics(-[^/]*/)?libGL(core)?\.so(\.[^/]*)* -- gen_context(system_u:object_r:textrel_shlib_t,s0)
 /usr/lib(64)?/nvidia-graphics(-[^/]*/)?libnvidia.*\.so(\.[^/]*)* -- gen_context(system_u:object_r:textrel_shlib_t,s0)
 /usr/lib(64)?/nvidia-graphics(-[^/]*/)?libXvMCNVIDIA\.so.* -- gen_context(system_u:object_r:textrel_shlib_t,s0)
 
 /usr/(local/)?.*\.so(\.[^/]*)*		--	gen_context(system_u:object_r:shlib_t,s0)
-/usr/(local/)?lib(64)?/wine/.*\.so  	--	gen_context(system_u:object_r:textrel_shlib_t,s0)
+/usr/(local/)?lib(64)?/wine/.+\.so  	--	gen_context(system_u:object_r:textrel_shlib_t,s0)
 /usr/(local/)?lib/libfame-.*\.so.*	--	gen_context(system_u:object_r:textrel_shlib_t,s0)
 
-/usr/NX/lib/libXcomp.so.*		--	gen_context(system_u:object_r:textrel_shlib_t,s0)
-/usr/NX/lib/libjpeg.so.* 		--	gen_context(system_u:object_r:textrel_shlib_t,s0)
+/usr/NX/lib/libXcomp\.so.*		--	gen_context(system_u:object_r:textrel_shlib_t,s0)
+/usr/NX/lib/libjpeg\.so.* 		--	gen_context(system_u:object_r:textrel_shlib_t,s0)
 
 /usr/X11R6/lib/libGL\.so.* 		--	gen_context(system_u:object_r:textrel_shlib_t,s0)
 /usr/X11R6/lib/libXvMCNVIDIA\.so.* 	--	gen_context(system_u:object_r:textrel_shlib_t,s0)
@@ -146,9 +146,9 @@ ifdef(`distro_redhat',`
 /usr/lib(64)?/helix/codecs/colorcvt\.so	--	gen_context(system_u:object_r:textrel_shlib_t,s0)
 /usr/lib(64)?/helix/codecs/cvt1\.so	--	gen_context(system_u:object_r:textrel_shlib_t,s0)
 /usr/lib(64)?/libSDL-.*\.so.*		--	gen_context(system_u:object_r:textrel_shlib_t,s0)
-/usr/lib(64)?/xorg/modules/dri/.*\.so	--	gen_context(system_u:object_r:textrel_shlib_t,s0)
-/usr/X11R6/lib/modules/dri/.*\.so	--	gen_context(system_u:object_r:textrel_shlib_t,s0)
-/usr/lib(64)?/dri/.*\.so		--	gen_context(system_u:object_r:textrel_shlib_t,s0)
+/usr/lib(64)?/xorg/modules/dri/.+\.so	--	gen_context(system_u:object_r:textrel_shlib_t,s0)
+/usr/X11R6/lib/modules/dri/.+\.so	--	gen_context(system_u:object_r:textrel_shlib_t,s0)
+/usr/lib(64)?/dri/.+\.so		--	gen_context(system_u:object_r:textrel_shlib_t,s0)
 /usr/X11R6/lib/libOSMesa\.so.*		--	gen_context(system_u:object_r:textrel_shlib_t,s0)
 /usr/X11R6/lib/libfglrx_gamma\.so.* 	--	gen_context(system_u:object_r:textrel_shlib_t,s0)
 /usr/lib(64)?/libHermes\.so.*		--	gen_context(system_u:object_r:textrel_shlib_t,s0)
@@ -193,7 +193,7 @@ ifdef(`distro_redhat',`
 /usr/lib(64)?/libImlib2\.so.* 		--	gen_context(system_u:object_r:textrel_shlib_t,s0)
 /usr/lib(64)?/ocaml/stublibs/dllnums\.so --	gen_context(system_u:object_r:textrel_shlib_t,s0)
 /usr/lib(64)?/httpd/modules/libphp5\.so	--	gen_context(system_u:object_r:textrel_shlib_t,s0)
-/usr/lib(64)?/php/modules/.*\.so	--	gen_context(system_u:object_r:textrel_shlib_t,s0)
+/usr/lib(64)?/php/modules/.+\.so	--	gen_context(system_u:object_r:textrel_shlib_t,s0)
 
 # Livna.org packages: xmms-mp3, ffmpeg, xvidcore, xine-lib, gsm, lame
 /usr/lib(64)?.*/libmpg123\.so		--	gen_context(system_u:object_r:textrel_shlib_t,s0)
@@ -202,7 +202,7 @@ ifdef(`distro_redhat',`
 /usr/lib(64)?/libavcodec-.*\.so(\.[^/]*)* --	gen_context(system_u:object_r:textrel_shlib_t,s0)
 /usr/lib(64)?/libavutil-.*\.so(\.[^/]*)* --	gen_context(system_u:object_r:textrel_shlib_t,s0)
 /usr/lib(64)?/libxvidcore\.so.*		--	gen_context(system_u:object_r:textrel_shlib_t,s0)
-/usr/lib(64)?/xine/plugins/.*\.so	--	gen_context(system_u:object_r:textrel_shlib_t,s0)
+/usr/lib(64)?/xine/plugins/.+\.so	--	gen_context(system_u:object_r:textrel_shlib_t,s0)
 /usr/lib(64)?/libgsm\.so.*		--	gen_context(system_u:object_r:textrel_shlib_t,s0)
 /usr/lib(64)?/libmp3lame\.so.*		--	gen_context(system_u:object_r:textrel_shlib_t,s0)
 
@@ -213,18 +213,18 @@ HOME_DIR/.*/plugins/libflashplayer\.so.* --	gen_context(system_u:object_r:textre
 
 # Jai, Sun Microsystems (Jpackage SPRM)
 /usr/lib(64)?/libmlib_jai\.so		--	gen_context(system_u:object_r:textrel_shlib_t,s0)
-/usr/lib(64)?/libdivxdecore.so.0	--	gen_context(system_u:object_r:textrel_shlib_t,s0)
-/usr/lib(64)?/libdivxencore.so.0	--	gen_context(system_u:object_r:textrel_shlib_t,s0)
+/usr/lib(64)?/libdivxdecore\.so\.0	--	gen_context(system_u:object_r:textrel_shlib_t,s0)
+/usr/lib(64)?/libdivxencore\.so\.0	--	gen_context(system_u:object_r:textrel_shlib_t,s0)
 
 # vmware 
 /usr/lib(64)?/vmware/lib(/.*)?/libgdk-x11-.*\.so.* -- gen_context(system_u:object_r:textrel_shlib_t,s0)
-/usr/lib(64)?/vmware/lib(/.*)?/HConfig.so  --	gen_context(system_u:object_r:textrel_shlib_t,s0)
+/usr/lib(64)?/vmware/lib(/.*)?/HConfig\.so  --	gen_context(system_u:object_r:textrel_shlib_t,s0)
 /usr/lib(64)?/vmware/(.*/)?VmPerl\.so	--	gen_context(system_u:object_r:textrel_shlib_t,s0)
 
 # Java, Sun Microsystems (JPackage SRPM)
-/usr/(.*/)?jre.*/libdeploy.so(\.[^/]*)*	--	gen_context(system_u:object_r:textrel_shlib_t,s0)
-/usr/(local/)?(.*/)?jre.*/libjvm.so(\.[^/]*)* -- gen_context(system_u:object_r:textrel_shlib_t,s0)
-/usr/(local/)?(.*/)?jre.*/libawt.so(\.[^/]*)* -- gen_context(system_u:object_r:textrel_shlib_t,s0)
+/usr/(.*/)?jre.*/libdeploy\.so(\.[^/]*)*	--	gen_context(system_u:object_r:textrel_shlib_t,s0)
+/usr/(local/)?(.*/)?jre.*/libjvm\.so(\.[^/]*)* -- gen_context(system_u:object_r:textrel_shlib_t,s0)
+/usr/(local/)?(.*/)?jre.*/libawt\.so(\.[^/]*)* -- gen_context(system_u:object_r:textrel_shlib_t,s0)
 
 /usr/(local/)?Adobe/(.*/)?intellinux/nppdf\.so -- gen_context(system_u:object_r:textrel_shlib_t,s0)
 /usr/(local/)?Adobe/(.*/)?intellinux/sidecars/* -- gen_context(system_u:object_r:textrel_shlib_t,s0)
@@ -233,13 +233,13 @@ HOME_DIR/.*/plugins/libflashplayer\.so.* --	gen_context(system_u:object_r:textre
 /usr/(local/)?Adobe/(.*/)?lib/[^/]*\.so(\.[^/]*)* -- gen_context(system_u:object_r:textrel_shlib_t,s0)
 /usr/(local/)?acroread/(.*/)?lib/[^/]*\.so(\.[^/]*)* -- gen_context(system_u:object_r:textrel_shlib_t,s0)
 /usr/(local/)?Adobe/.*\.api		--	gen_context(system_u:object_r:textrel_shlib_t,s0)
-/usr/local/matlab.*/bin/glnx86/libmwlapack.so -- gen_context(system_u:object_r:textrel_shlib_t,s0)
+/usr/local/matlab.*/bin/glnx86/libmwlapack\.so -- gen_context(system_u:object_r:textrel_shlib_t,s0)
 /usr/(.*/)?intellinux/SPPlugins/ADMPlugin\.apl -- gen_context(system_u:object_r:textrel_shlib_t,s0)
 
 /usr/lib/acroread/(.*/)?sidecars/*	--	gen_context(system_u:object_r:textrel_shlib_t,s0)
 /usr/lib/acroread/(.*/)?nppdf\.so	--	gen_context(system_u:object_r:textrel_shlib_t,s0)
 /usr/lib/acroread/(.*/)?lib/[^/]*\.so(\.[^/]*)* -- gen_context(system_u:object_r:textrel_shlib_t,s0)
-/usr/lib/acroread/.*\.api		--	gen_context(system_u:object_r:textrel_shlib_t,s0)
+/usr/lib/acroread/.+\.api		--	gen_context(system_u:object_r:textrel_shlib_t,s0)
 /usr/lib/acroread/(.*/)?ADMPlugin\.apl	--	gen_context(system_u:object_r:textrel_shlib_t,s0)
 ') dnl end distro_redhat
 
@@ -250,10 +250,10 @@ HOME_DIR/.*/plugins/libflashplayer\.so.* --	gen_context(system_u:object_r:textre
 /var/ftp/lib(64)?/ld[^/]*\.so(\.[^/]*)*	--	gen_context(system_u:object_r:ld_so_t,s0)
 /var/ftp/lib(64)?/lib[^/]*\.so(\.[^/]*)* --	gen_context(system_u:object_r:shlib_t,s0)
 
-/var/mailman/pythonlib(/.*)?/.*\.so(\..*)? --	gen_context(system_u:object_r:shlib_t,s0)
+/var/mailman/pythonlib(/.*)?/.+\.so(\..*)? --	gen_context(system_u:object_r:shlib_t,s0)
 
 ifdef(`distro_suse',`
-/var/lib/samba/bin/.*\.so(\.[^/]*)*	-l	gen_context(system_u:object_r:lib_t,s0)
+/var/lib/samba/bin/.+\.so(\.[^/]*)*	-l	gen_context(system_u:object_r:lib_t,s0)
 ')
 
 /var/spool/postfix/lib(64)?(/.*)? 		gen_context(system_u:object_r:lib_t,s0)
@@ -261,4 +261,4 @@ ifdef(`distro_suse',`
 /var/spool/postfix/lib(64)?/ld.*\.so.*	--	gen_context(system_u:object_r:ld_so_t,s0)
 /var/spool/postfix/lib(64)?/lib.*\.so.*	--	gen_context(system_u:object_r:shlib_t,s0)
 /var/spool/postfix/lib(64)?/[^/]*/lib.*\.so.* -- gen_context(system_u:object_r:shlib_t,s0)
-/var/spool/postfix/lib(64)?/devfsd/.*\.so.* --	gen_context(system_u:object_r:shlib_t,s0)
+/var/spool/postfix/lib(64)?/devfsd/.+\.so.* --	gen_context(system_u:object_r:shlib_t,s0)
diff --git a/policy/modules/system/logging.fc b/policy/modules/system/logging.fc
index cdd15cd..553f6ac 100644
--- a/policy/modules/system/logging.fc
+++ b/policy/modules/system/logging.fc
@@ -26,7 +26,7 @@ ifdef(`distro_suse', `
 
 /var/log		-d	gen_context(system_u:object_r:var_log_t,s0-s15:c0.c255)
 /var/log/.*			gen_context(system_u:object_r:var_log_t,s0)
-/var/log/audit.log	--	gen_context(system_u:object_r:auditd_log_t,s15:c0.c255)
+/var/log/audit\.log	--	gen_context(system_u:object_r:auditd_log_t,s15:c0.c255)
 
 /var/log/audit(/.*)?		gen_context(system_u:object_r:auditd_log_t,s15:c0.c255)
 
diff --git a/policy/modules/system/selinuxutil.fc b/policy/modules/system/selinuxutil.fc
index 8cb4179..1a7e566 100644
--- a/policy/modules/system/selinuxutil.fc
+++ b/policy/modules/system/selinuxutil.fc
@@ -9,8 +9,8 @@
 /etc/selinux/([^/]*/)?policy(/.*)?	gen_context(system_u:object_r:policy_config_t,s15:c0.c255)
 /etc/selinux/([^/]*/)?seusers	--	gen_context(system_u:object_r:selinux_config_t,s15:c0.c255)
 /etc/selinux/([^/]*/)?modules/(active|tmp|previous)(/.*)?     gen_context(system_u:object_r:semanage_store_t,s0)
-/etc/selinux/([^/]*/)?modules/semanage.read.LOCK    --	gen_context(system_u:object_r:semanage_read_lock_t,s0)
-/etc/selinux/([^/]*/)?modules/semanage.trans.LOCK   --	gen_context(system_u:object_r:semanage_trans_lock_t,s0)
+/etc/selinux/([^/]*/)?modules/semanage\.read\.LOCK    --	gen_context(system_u:object_r:semanage_read_lock_t,s0)
+/etc/selinux/([^/]*/)?modules/semanage\.trans\.LOCK   --	gen_context(system_u:object_r:semanage_trans_lock_t,s0)
 /etc/selinux/([^/]*/)?users(/.*)?	--	gen_context(system_u:object_r:selinux_config_t,s15:c0.c255)
 
 #
@@ -47,4 +47,4 @@ ifdef(`distro_debian', `
 #
 # /var/run
 #
-/var/run/restorecond.pid	--	gen_context(system_u:object_r:restorecond_var_run_t,s0)
+/var/run/restorecond\.pid	--	gen_context(system_u:object_r:restorecond_var_run_t,s0)
diff --git a/policy/modules/system/unconfined.fc b/policy/modules/system/unconfined.fc
index 08643f9..d651278 100644
--- a/policy/modules/system/unconfined.fc
+++ b/policy/modules/system/unconfined.fc
@@ -5,8 +5,8 @@
 /usr/bin/vncserver	--	gen_context(system_u:object_r:unconfined_exec_t,s0)
 
 ifdef(`targeted_policy',`
-/usr/lib/openoffice.org.*/program/.*\.bin -- gen_context(system_u:object_r:unconfined_execmem_exec_t,s0)
+/usr/lib/openoffice\.org.*/program/.+\.bin -- gen_context(system_u:object_r:unconfined_execmem_exec_t,s0)
 /usr/bin/valgrind 	--	gen_context(system_u:object_r:unconfined_execmem_exec_t,s0)
-/usr/local/RealPlay/realplay.bin --	gen_context(system_u:object_r:unconfined_execmem_exec_t,s0)
+/usr/local/RealPlay/realplay\.bin --	gen_context(system_u:object_r:unconfined_execmem_exec_t,s0)
 /usr/bin/mplayer	 	--	gen_context(system_u:object_r:unconfined_execmem_exec_t,s0)
 ')

More information about the scm-commits mailing list