[selinux-policy: 3049/3172] Replace type and attributes statements by comma delimiters where possible.
Daniel J Walsh
dwalsh at fedoraproject.org
Thu Oct 7 23:31:18 UTC 2010
commit 8f0b7460ea2bdaf612695bcff671a027128dc3a5
Author: Dominick Grift <domg472 at gmail.com>
Date: Mon Sep 20 12:09:09 2010 +0200
Replace type and attributes statements by comma delimiters where possible.
Replace type and attributes statements by comma delimiters where possible.
Replace type and attributes statements by comma delimiters where possible.
Replace type and attributes statements by comma delimiters where possible.
Replace type and attributes statements by comma delimiters where possible.
Replace type and attributes statements by comma delimiters where possible.
Replace type and attributes statements by comma delimiters where possible.
Replace type and attributes statements by comma delimiters where possible.
Replace type and attributes statements by comma delimiters where possible.
Replace type and attributes statements by comma delimiters where possible.
Replace type and attributes statements by comma delimiters where possible.
Replace type and attributes statements by comma delimiters where possible.
Replace type and attributes statements by comma delimiters where possible.
Replace type and attributes statements by comma delimiters where possible.
Replace type and attributes statements by comma delimiters where possible.
Replace type and attributes statements by comma delimiters where possible.
Replace type and attributes statements by comma delimiters where possible.
Replace type and attributes statements by comma delimiters where possible.
Replace type and attributes statements by comma delimiters where possible.
Replace type and attributes statements by comma delimiters where possible.
Replace type and attributes statements by comma delimiters where possible.
Syntax error.
Squash me with 959aa527a5394d23b994ecf75347d2445106d0c4
Replace type and attributes statements by comma delimiters where possible.
Syntax error.
Squach me with 779a708452142d6e4ac2ba2a158f724782a03291
Replace type and attributes statements by comma delimiters where possible.
Syntax error.
Squash me with 89180ea115794aadddaa9b356ab1dfcdc9ff102
policy/modules/services/hal.if | 4 +---
policy/modules/services/ifplugd.if | 4 ++--
policy/modules/services/inn.if | 4 ++--
policy/modules/services/jabber.if | 3 +--
policy/modules/services/kerberos.if | 6 ++----
policy/modules/services/kerneloops.if | 6 ++----
policy/modules/services/ksmtuned.if | 3 +--
policy/modules/services/lircd.if | 4 ++--
policy/modules/services/memcached.if | 7 ++-----
policy/modules/services/mock.if | 3 +--
policy/modules/services/mojomojo.if | 7 +++----
policy/modules/services/mpd.if | 8 ++------
policy/modules/services/mta.if | 3 +--
policy/modules/services/munin.if | 3 +--
policy/modules/services/mysql.if | 7 +++----
policy/modules/services/nagios.if | 11 ++++-------
policy/modules/services/nis.if | 4 ++--
policy/modules/services/nslcd.if | 4 ++--
policy/modules/services/ntp.if | 3 +--
policy/modules/services/pads.if | 4 ++--
policy/modules/services/passenger.if | 3 +--
policy/modules/services/pingd.if | 4 ++--
policy/modules/services/portreserve.if | 4 ++--
policy/modules/services/postfix.if | 8 ++------
24 files changed, 44 insertions(+), 73 deletions(-)
---
diff --git a/policy/modules/services/hal.if b/policy/modules/services/hal.if
index 2b55c85..26de57a 100644
--- a/policy/modules/services/hal.if
+++ b/policy/modules/services/hal.if
@@ -446,9 +446,7 @@ interface(`hal_manage_pid_files',`
#
interface(`hal_dontaudit_leaks',`
gen_require(`
- type hald_log_t;
- type hald_t;
- type hald_var_run_t;
+ type hald_log_t, hald_t, hald_var_run_t;
')
dontaudit $1 hald_t:fd use;
diff --git a/policy/modules/services/ifplugd.if b/policy/modules/services/ifplugd.if
index 684bb0a..7665429 100644
--- a/policy/modules/services/ifplugd.if
+++ b/policy/modules/services/ifplugd.if
@@ -113,8 +113,8 @@ interface(`ifplugd_read_pid_files',`
#
interface(`ifplugd_admin',`
gen_require(`
- type ifplugd_t, ifplugd_etc_t;
- type ifplugd_var_run_t, ifplugd_initrc_exec_t;
+ type ifplugd_t, ifplugd_etc_t, ifplugd_var_run_t;
+ type ifplugd_initrc_exec_t;
')
allow $1 ifplugd_t:process { ptrace signal_perms };
diff --git a/policy/modules/services/inn.if b/policy/modules/services/inn.if
index 31eb768..2f3d8dc 100644
--- a/policy/modules/services/inn.if
+++ b/policy/modules/services/inn.if
@@ -198,8 +198,8 @@ interface(`inn_domtrans',`
interface(`inn_admin',`
gen_require(`
type innd_t, innd_etc_t, innd_log_t;
- type news_spool_t, innd_var_lib_t;
- type innd_var_run_t, innd_initrc_exec_t;
+ type news_spool_t, innd_var_lib_t, innd_var_run_t;
+ type innd_initrc_exec_t;
')
allow $1 innd_t:process { ptrace signal_perms };
diff --git a/policy/modules/services/jabber.if b/policy/modules/services/jabber.if
index cde3591..9167dc9 100644
--- a/policy/modules/services/jabber.if
+++ b/policy/modules/services/jabber.if
@@ -113,8 +113,7 @@ interface(`jabberd_manage_lib_files',`
interface(`jabber_admin',`
gen_require(`
type jabberd_t, jabberd_log_t, jabberd_var_lib_t;
- type jabberd_var_run_t, jabberd_initrc_exec_t;
- type jabberd_router_t;
+ type jabberd_var_run_t, jabberd_initrc_exec_t, jabberd_router_t;
')
allow $1 jabberd_t:process { ptrace signal_perms };
diff --git a/policy/modules/services/kerberos.if b/policy/modules/services/kerberos.if
index f7d4b6d..8c72504 100644
--- a/policy/modules/services/kerberos.if
+++ b/policy/modules/services/kerberos.if
@@ -69,8 +69,7 @@ interface(`kerberos_domtrans_kpropd',`
#
interface(`kerberos_use',`
gen_require(`
- type krb5_conf_t, krb5kdc_conf_t;
- type krb5_host_rcache_t;
+ type krb5_conf_t, krb5kdc_conf_t, krb5_host_rcache_t;
')
files_search_etc($1)
@@ -338,9 +337,8 @@ interface(`kerberos_admin',`
type kadmind_t, krb5kdc_t, kerberos_initrc_exec_t;
type kadmind_log_t, kadmind_tmp_t, kadmind_var_run_t;
type krb5_conf_t, krb5_keytab_t, krb5kdc_conf_t;
- type krb5kdc_principal_t, krb5kdc_tmp_t;
+ type krb5kdc_principal_t, krb5kdc_tmp_t, kpropd_t;
type krb5kdc_var_run_t, krb5_host_rcache_t;
- type kpropd_t;
')
allow $1 kadmind_t:process { ptrace signal_perms };
diff --git a/policy/modules/services/kerneloops.if b/policy/modules/services/kerneloops.if
index 241f7e7..8fbac8d 100644
--- a/policy/modules/services/kerneloops.if
+++ b/policy/modules/services/kerneloops.if
@@ -12,8 +12,7 @@
#
interface(`kerneloops_domtrans',`
gen_require(`
- type kerneloops_t;
- type kerneloops_exec_t;
+ type kerneloops_t, kerneloops_exec_t;
')
domtrans_pattern($1, kerneloops_exec_t, kerneloops_t)
@@ -99,8 +98,7 @@ interface(`kerneloops_manage_tmp_files',`
#
interface(`kerneloops_admin',`
gen_require(`
- type kerneloops_t, kerneloops_initrc_exec_t;
- type kerneloops_tmp_t;
+ type kerneloops_t, kerneloops_initrc_exec_t, kerneloops_tmp_t;
')
allow $1 kerneloops_t:process { ptrace signal_perms };
diff --git a/policy/modules/services/ksmtuned.if b/policy/modules/services/ksmtuned.if
index 40a9405..b733e45 100644
--- a/policy/modules/services/ksmtuned.if
+++ b/policy/modules/services/ksmtuned.if
@@ -55,8 +55,7 @@ interface(`ksmtuned_initrc_domtrans',`
#
interface(`ksmtuned_admin',`
gen_require(`
- type ksmtuned_t, ksmtuned_var_run_t;
- type ksmtuned_initrc_exec_t;
+ type ksmtuned_t, ksmtuned_var_run_t, ksmtuned_initrc_exec_t;
')
allow $1 ksmtuned_t:process { ptrace signal_perms };
diff --git a/policy/modules/services/lircd.if b/policy/modules/services/lircd.if
index c0513fa..a296134 100644
--- a/policy/modules/services/lircd.if
+++ b/policy/modules/services/lircd.if
@@ -75,8 +75,8 @@ interface(`lircd_read_config',`
#
interface(`lircd_admin',`
gen_require(`
- type lircd_t, lircd_var_run_t;
- type lircd_initrc_exec_t, lircd_etc_t;
+ type lircd_t, lircd_var_run_t, lircd_etc_t;
+ type lircd_initrc_exec_t;
')
allow $1 lircd_t:process { ptrace signal_perms };
diff --git a/policy/modules/services/memcached.if b/policy/modules/services/memcached.if
index 513a070..d3f81b6 100644
--- a/policy/modules/services/memcached.if
+++ b/policy/modules/services/memcached.if
@@ -12,8 +12,7 @@
#
interface(`memcached_domtrans',`
gen_require(`
- type memcached_t;
- type memcached_exec_t;
+ type memcached_t, memcached_exec_t;
')
domtrans_pattern($1, memcached_exec_t, memcached_t)
@@ -57,9 +56,7 @@ interface(`memcached_read_pid_files',`
#
interface(`memcached_admin',`
gen_require(`
- type memcached_t;
- type memcached_initrc_exec_t;
- type memcached_var_run_t;
+ type memcached_t, memcached_initrc_exec_t, memcached_var_run_t;
')
allow $1 memcached_t:process { ptrace signal_perms };
diff --git a/policy/modules/services/mock.if b/policy/modules/services/mock.if
index 4b0002a..5fe54b1 100644
--- a/policy/modules/services/mock.if
+++ b/policy/modules/services/mock.if
@@ -223,8 +223,7 @@ interface(`mock_signal',`
#
interface(`mock_admin',`
gen_require(`
- type mock_t;
- type mock_var_lib_t;
+ type mock_t, mock_var_lib_t;
')
allow $1 mock_t:process { ptrace signal_perms };
diff --git a/policy/modules/services/mojomojo.if b/policy/modules/services/mojomojo.if
index cf7968d..b8bf562 100644
--- a/policy/modules/services/mojomojo.if
+++ b/policy/modules/services/mojomojo.if
@@ -19,10 +19,9 @@
#
interface(`mojomojo_admin',`
gen_require(`
- type httpd_mojomojo_script_t;
- type httpd_mojomojo_content_t, httpd_mojomojo_ra_content_t;
- type httpd_mojomojo_rw_content_t, httpd_mojomojo_tmp_t;
- type httpd_mojomojo_script_exec_t, httpd_mojomojo_htaccess_t;
+ type httpd_mojomojo_script_t, httpd_mojomojo_content_t, httpd_mojomojo_ra_content_t;
+ type httpd_mojomojo_rw_content_t, httpd_mojomojo_tmp_t, httpd_mojomojo_htaccess_t;
+ type httpd_mojomojo_script_exec_t;
')
allow $1 httpd_mojomojo_script_t:process { ptrace signal_perms };
diff --git a/policy/modules/services/mpd.if b/policy/modules/services/mpd.if
index 03ab1cd..62f2179 100644
--- a/policy/modules/services/mpd.if
+++ b/policy/modules/services/mpd.if
@@ -239,12 +239,8 @@ interface(`mpd_manage_lib_dirs',`
#
interface(`mpd_admin',`
gen_require(`
- type mpd_t;
- type mpd_initrc_exec_t;
- type mpd_etc_t;
- type mpd_data_t;
- type mpd_log_t;
- type mpd_var_lib_t;
+ type mpd_t, mpd_initrc_exec_t, mpd_etc_t;
+ type mpd_data_t, mpd_log_t, mpd_var_lib_t;
type mpd_tmpfs_t;
')
diff --git a/policy/modules/services/mta.if b/policy/modules/services/mta.if
index 4d1401d..02ba876 100644
--- a/policy/modules/services/mta.if
+++ b/policy/modules/services/mta.if
@@ -361,9 +361,8 @@ interface(`mta_mailserver_user_agent',`
#
interface(`mta_send_mail',`
gen_require(`
- attribute mta_user_agent;
+ attribute mta_user_agent, mta_exec_type;
type system_mail_t;
- attribute mta_exec_type;
')
allow $1 mta_exec_type:lnk_file read_lnk_file_perms;
diff --git a/policy/modules/services/munin.if b/policy/modules/services/munin.if
index 4d06f74..8b1dcf9 100644
--- a/policy/modules/services/munin.if
+++ b/policy/modules/services/munin.if
@@ -180,8 +180,7 @@ interface(`munin_admin',`
gen_require(`
type munin_t, munin_etc_t, munin_tmp_t;
type munin_log_t, munin_var_lib_t, munin_var_run_t;
- type httpd_munin_content_t;
- type munin_initrc_exec_t;
+ type httpd_munin_content_t, munin_initrc_exec_t;
')
allow $1 munin_t:process { ptrace signal_perms };
diff --git a/policy/modules/services/mysql.if b/policy/modules/services/mysql.if
index 6df118b..4d3b208 100644
--- a/policy/modules/services/mysql.if
+++ b/policy/modules/services/mysql.if
@@ -330,10 +330,9 @@ interface(`mysql_search_pid_files',`
#
interface(`mysql_admin',`
gen_require(`
- type mysqld_t, mysqld_var_run_t;
- type mysqld_tmp_t, mysqld_db_t;
- type mysqld_etc_t, mysqld_log_t;
- type mysqld_initrc_exec_t;
+ type mysqld_t, mysqld_var_run_t, mysqld_initrc_exec_t;
+ type mysqld_tmp_t, mysqld_db_t, mysqld_log_t;
+ type mysqld_etc_t;
')
allow $1 mysqld_t:process { ptrace signal_perms };
diff --git a/policy/modules/services/nagios.if b/policy/modules/services/nagios.if
index d25b1b1..55e1f6b 100644
--- a/policy/modules/services/nagios.if
+++ b/policy/modules/services/nagios.if
@@ -13,8 +13,7 @@
#
template(`nagios_plugin_template',`
gen_require(`
- type nagios_t, nrpe_t;
- type nagios_log_t;
+ type nagios_t, nrpe_t, nagios_log_t;
')
type nagios_$1_plugin_t;
@@ -213,11 +212,9 @@ interface(`nagios_domtrans_nrpe',`
#
interface(`nagios_admin',`
gen_require(`
- type nagios_t, nrpe_t;
- type nagios_tmp_t, nagios_log_t;
- type nagios_etc_t, nrpe_etc_t;
- type nagios_spool_t, nagios_var_run_t;
- type nagios_initrc_exec_t;
+ type nagios_t, nrpe_t, nagios_initrc_exec_t;
+ type nagios_tmp_t, nagios_log_t, nagios_var_run_t;
+ type nagios_etc_t, nrpe_etc_t, nagios_spool_t;
')
allow $1 nagios_t:process { ptrace signal_perms };
diff --git a/policy/modules/services/nis.if b/policy/modules/services/nis.if
index d060ea7..995a6cb 100644
--- a/policy/modules/services/nis.if
+++ b/policy/modules/services/nis.if
@@ -335,10 +335,10 @@ interface(`nis_initrc_domtrans_ypbind',`
#
interface(`nis_admin',`
gen_require(`
- type ypbind_t, yppasswdd_t, ypserv_t, ypxfr_t;
+ type ypbind_t, yppasswdd_t, ypserv_t;
type ypbind_tmp_t, ypserv_tmp_t, ypserv_conf_t;
type ypbind_var_run_t, yppasswdd_var_run_t, ypserv_var_run_t;
- type ypbind_initrc_exec_t, nis_initrc_exec_t;
+ type ypbind_initrc_exec_t, nis_initrc_exec_t, ypxfr_t;
')
allow $1 ypbind_t:process { ptrace signal_perms };
diff --git a/policy/modules/services/nslcd.if b/policy/modules/services/nslcd.if
index 2a55401..44c60ea 100644
--- a/policy/modules/services/nslcd.if
+++ b/policy/modules/services/nslcd.if
@@ -93,8 +93,8 @@ interface(`nslcd_stream_connect',`
#
interface(`nslcd_admin',`
gen_require(`
- type nslcd_t, nslcd_initrc_exec_t;
- type nslcd_conf_t, nslcd_var_run_t;
+ type nslcd_t, nslcd_initrc_exec_t, nslcd_var_run_t;
+ type nslcd_conf_t;
')
ps_process_pattern($1, nslcd_t)
diff --git a/policy/modules/services/ntp.if b/policy/modules/services/ntp.if
index 6b240d9..694b002 100644
--- a/policy/modules/services/ntp.if
+++ b/policy/modules/services/ntp.if
@@ -140,8 +140,7 @@ interface(`ntp_rw_shm',`
interface(`ntp_admin',`
gen_require(`
type ntpd_t, ntpd_tmp_t, ntpd_log_t;
- type ntpd_key_t, ntpd_var_run_t;
- type ntpd_initrc_exec_t;
+ type ntpd_key_t, ntpd_var_run_t, ntpd_initrc_exec_t;
')
allow $1 ntpd_t:process { ptrace signal_perms };
diff --git a/policy/modules/services/pads.if b/policy/modules/services/pads.if
index 5a14c62..52f47b4 100644
--- a/policy/modules/services/pads.if
+++ b/policy/modules/services/pads.if
@@ -27,8 +27,8 @@
#
interface(`pads_admin',`
gen_require(`
- type pads_t, pads_config_t;
- type pads_var_run_t, pads_initrc_exec_t;
+ type pads_t, pads_config_t, pads_initrc_exec_t;
+ type pads_var_run_t;
')
allow $1 pads_t:process { ptrace signal_perms };
diff --git a/policy/modules/services/passenger.if b/policy/modules/services/passenger.if
index 7f2bbc6..9c4717b 100644
--- a/policy/modules/services/passenger.if
+++ b/policy/modules/services/passenger.if
@@ -12,8 +12,7 @@
#
interface(`passenger_domtrans',`
gen_require(`
- type passenger_t;
- type passenger_exec_t;
+ type passenger_t, passenger_exec_t;
')
allow $1 self:capability { fowner fsetid };
diff --git a/policy/modules/services/pingd.if b/policy/modules/services/pingd.if
index 2e6ce68..1bfd8d2 100644
--- a/policy/modules/services/pingd.if
+++ b/policy/modules/services/pingd.if
@@ -76,8 +76,8 @@ interface(`pingd_manage_config',`
#
interface(`pingd_admin',`
gen_require(`
- type pingd_t, pingd_etc_t;
- type pingd_initrc_exec_t, pingd_modules_t;
+ type pingd_t, pingd_etc_t, pingd_modules_t;
+ type pingd_initrc_exec_t;
')
allow $1 pingd_t:process { ptrace signal_perms };
diff --git a/policy/modules/services/portreserve.if b/policy/modules/services/portreserve.if
index d91c1f5..7f6e277 100644
--- a/policy/modules/services/portreserve.if
+++ b/policy/modules/services/portreserve.if
@@ -101,8 +101,8 @@ interface(`portreserve_manage_config',`
#
interface(`portreserve_admin', `
gen_require(`
- type portreserve_t, portreserve_etc_t;
- type portreserve_initrc_exec_t, portreserve_var_run_t;
+ type portreserve_t, portreserve_etc_t, portreserve_var_run_t;
+ type portreserve_initrc_exec_t;
')
allow $1 portreserve_t:process { ptrace signal_perms };
diff --git a/policy/modules/services/postfix.if b/policy/modules/services/postfix.if
index ea9aef2..b220a9c 100644
--- a/policy/modules/services/postfix.if
+++ b/policy/modules/services/postfix.if
@@ -680,16 +680,12 @@ interface(`postfix_domtrans_user_mail_handler',`
#
interface(`postfix_admin', `
gen_require(`
+ attribute postfix_spool_type;
type postfix_bounce_t, postfix_cleanup_t, postfix_local_t;
type postfix_master_t, postfix_pickup_t, postfix_qmgr_t;
- type postfix_smtpd_t;
-
- attribute postfix_spool_type;
-
type postfix_initrc_exec_t, postfix_data_t, postfix_etc_t;
- type postfix_var_run_t;
-
type postfix_map_tmp_t, postfix_prng_t, postfix_public_t;
+ type postfix_smtpd_t, postfix_var_run_t;
')
allow $1 postfix_bounce_t:process { ptrace signal_perms };
More information about the scm-commits
mailing list