[selinux-policy: 3053/3172] Use list instead of search in admin interfaces.
Daniel J Walsh
dwalsh at fedoraproject.org
Thu Oct 7 23:31:39 UTC 2010
commit 61f4064286ac7c45444fc255b13cb75fd139fce6
Author: Dominick Grift <domg472 at gmail.com>
Date: Mon Sep 20 15:36:05 2010 +0200
Use list instead of search in admin interfaces.
Use list instead of search in admin interfaces.
Use list instead of search in admin interfaces.
Use list instead of search in admin interfaces.
Use list instead of search in admin interfaces.
policy/modules/admin/shorewall.if | 10 +++++-----
policy/modules/services/abrt.if | 10 +++++-----
policy/modules/services/aiccu.if | 4 ++--
policy/modules/services/apache.if | 5 +++--
policy/modules/services/bugzilla.if | 4 ++--
policy/modules/services/certmonger.if | 4 ++--
policy/modules/services/cgroup.if | 4 ++--
policy/modules/services/chronyd.if | 8 ++++----
policy/modules/services/cmirrord.if | 2 +-
policy/modules/services/cobbler.if | 6 +++---
policy/modules/services/denyhosts.if | 6 +++---
policy/modules/services/devicekit.if | 6 +++---
policy/modules/services/exim.if | 8 ++++----
policy/modules/services/hddtemp.if | 2 +-
policy/modules/services/kerneloops.if | 2 +-
policy/modules/services/lircd.if | 4 ++--
policy/modules/services/memcached.if | 2 +-
policy/modules/services/mock.if | 2 +-
policy/modules/services/mojomojo.if | 4 ++--
policy/modules/services/mpd.if | 8 ++++----
policy/modules/services/nslcd.if | 4 ++--
policy/modules/services/oident.if | 2 +-
policy/modules/services/pads.if | 4 ++--
policy/modules/services/plymouthd.if | 4 ++--
policy/modules/services/portreserve.if | 4 ++--
policy/modules/services/postfix.if | 4 ++--
policy/modules/services/postgresql.if | 6 +++---
policy/modules/services/prelude.if | 7 ++++---
policy/modules/services/psad.if | 10 +++++-----
policy/modules/services/rgmanager.if | 6 +++---
policy/modules/services/ricci.if | 8 ++++----
policy/modules/services/rpcbind.if | 4 ++--
policy/modules/services/sendmail.if | 8 ++++----
policy/modules/services/snort.if | 6 +++---
policy/modules/services/tuned.if | 2 +-
policy/modules/services/ulogd.if | 4 ++--
policy/modules/services/varnishd.if | 10 +++++-----
policy/modules/services/vnstatd.if | 2 +-
policy/modules/system/kdump.if | 2 +-
39 files changed, 100 insertions(+), 98 deletions(-)
---
diff --git a/policy/modules/admin/shorewall.if b/policy/modules/admin/shorewall.if
index b83f3db..f198119 100644
--- a/policy/modules/admin/shorewall.if
+++ b/policy/modules/admin/shorewall.if
@@ -185,18 +185,18 @@ interface(`shorewall_admin',`
role_transition $2 shorewall_initrc_exec_t system_r;
allow $2 system_r;
- files_search_etc($1)
+ files_list_etc($1)
admin_pattern($1, shorewall_etc_t)
- files_search_locks($1)
+ files_list_locks($1)
admin_pattern($1, shorewall_lock_t)
- files_search_var_lib($1)
+ files_list_var_lib($1)
admin_pattern($1, shorewall_var_lib_t)
- logging_search_logs($1)
+ logging_list_logs($1)
admin_pattern($1, shorewall_log_t)
- files_search_tmp($1)
+ files_list_tmp($1)
admin_pattern($1, shorewall_tmp_t)
')
diff --git a/policy/modules/services/abrt.if b/policy/modules/services/abrt.if
index 022c079..8961dba 100644
--- a/policy/modules/services/abrt.if
+++ b/policy/modules/services/abrt.if
@@ -326,18 +326,18 @@ interface(`abrt_admin',`
role_transition $2 abrt_initrc_exec_t system_r;
allow $2 system_r;
- files_search_etc($1)
+ files_list_etc($1)
admin_pattern($1, abrt_etc_t)
- logging_search_logs($1)
+ logging_list_logs($1)
admin_pattern($1, abrt_var_log_t)
- files_search_var($1)
+ files_list_var($1)
admin_pattern($1, abrt_var_cache_t)
- files_search_pids($1)
+ files_list_pids($1)
admin_pattern($1, abrt_var_run_t)
- files_search_tmp($1)
+ files_list_tmp($1)
admin_pattern($1, abrt_tmp_t)
')
diff --git a/policy/modules/services/aiccu.if b/policy/modules/services/aiccu.if
index 420c856..d4e161d 100644
--- a/policy/modules/services/aiccu.if
+++ b/policy/modules/services/aiccu.if
@@ -111,8 +111,8 @@ interface(`aiccu_admin',`
allow $2 system_r;
admin_pattern($1, aiccu_etc_t)
- files_search_etc($1)
+ files_list_etc($1)
admin_pattern($1, aiccu_var_run_t)
- files_search_pids($1)
+ files_list_pids($1)
')
diff --git a/policy/modules/services/apache.if b/policy/modules/services/apache.if
index 8846b96..859c49f 100644
--- a/policy/modules/services/apache.if
+++ b/policy/modules/services/apache.if
@@ -1333,10 +1333,10 @@ interface(`apache_admin',`
apache_manage_all_content($1)
miscfiles_manage_public_files($1)
- files_search_etc($1)
+ files_list_etc($1)
admin_pattern($1, httpd_config_t)
- logging_search_logs($1)
+ logging_list_logs($1)
admin_pattern($1, httpd_log_t)
admin_pattern($1, httpd_modules_t)
@@ -1357,6 +1357,7 @@ interface(`apache_admin',`
seutil_domtrans_setfiles($1)
+ files_list_tmp($1)
admin_pattern($1, httpd_tmp_t)
admin_pattern($1, httpd_php_tmp_t)
admin_pattern($1, httpd_suexec_tmp_t)
diff --git a/policy/modules/services/bugzilla.if b/policy/modules/services/bugzilla.if
index 8280b28..3964548 100644
--- a/policy/modules/services/bugzilla.if
+++ b/policy/modules/services/bugzilla.if
@@ -68,9 +68,9 @@ interface(`bugzilla_admin',`
files_list_tmp($1)
admin_pattern($1, httpd_bugzilla_tmp_t)
- files_search_var_lib(httpd_bugzilla_script_t)
+ files_list_var_lib(httpd_bugzilla_script_t)
- apache_search_sys_content($1)
+ apache_list_sys_content($1)
admin_pattern($1, httpd_bugzilla_script_exec_t)
admin_pattern($1, httpd_bugzilla_script_t)
admin_pattern($1, httpd_bugzilla_content_t)
diff --git a/policy/modules/services/certmonger.if b/policy/modules/services/certmonger.if
index c7a8d70..d664be8 100644
--- a/policy/modules/services/certmonger.if
+++ b/policy/modules/services/certmonger.if
@@ -166,9 +166,9 @@ interface(`certmonger_admin',`
role_transition $2 certmonger_initrc_exec_t system_r;
allow $2 system_r;
- files_search_var_lib($1)
+ files_list_var_lib($1)
admin_pattern($1, certmonger_var_lib_t)
- files_search_pids($1)
+ files_list_pids($1)
admin_pattern($1, certmonger_var_run_t)
')
diff --git a/policy/modules/services/cgroup.if b/policy/modules/services/cgroup.if
index 25cad6a..e5cbcef 100644
--- a/policy/modules/services/cgroup.if
+++ b/policy/modules/services/cgroup.if
@@ -182,10 +182,10 @@ interface(`cgroup_admin',`
admin_pattern($1, cgconfig_etc_t)
admin_pattern($1, cgrules_etc_t)
- files_search_etc($1)
+ files_list_etc($1)
admin_pattern($1, cgred_var_run_t)
- files_search_pids($1)
+ files_list_pids($1)
cgroup_initrc_domtrans_cgconfig($1)
domain_system_change_exemption($1)
diff --git a/policy/modules/services/chronyd.if b/policy/modules/services/chronyd.if
index 9811f7f..2ede737 100644
--- a/policy/modules/services/chronyd.if
+++ b/policy/modules/services/chronyd.if
@@ -164,16 +164,16 @@ interface(`chronyd_admin',`
role_transition $2 chronyd_initrc_exec_t system_r;
allow $2 system_r;
- files_search_etc($1)
+ files_list_etc($1)
admin_pattern($1, chronyd_keys_t)
- logging_search_logs($1)
+ logging_list_logs($1)
admin_pattern($1, chronyd_var_log_t)
- files_search_var_lib($1)
+ files_list_var_lib($1)
admin_pattern($1, chronyd_var_lib_t)
- files_search_pids($1)
+ files_list_pids($1)
admin_pattern($1, chronyd_var_run_t)
admin_pattern($1, chronyd_tmpfs_t)
diff --git a/policy/modules/services/cmirrord.if b/policy/modules/services/cmirrord.if
index f1bf7b1..756ac91 100644
--- a/policy/modules/services/cmirrord.if
+++ b/policy/modules/services/cmirrord.if
@@ -108,6 +108,6 @@ interface(`cmirrord_admin',`
role_transition $2 cmirrord_initrc_exec_t system_r;
allow $2 system_r;
- files_search_pids($1)
+ files_list_pids($1)
admin_pattern($1, cmirrord_var_run_t)
')
diff --git a/policy/modules/services/cobbler.if b/policy/modules/services/cobbler.if
index a4c26ff..e3787fb 100644
--- a/policy/modules/services/cobbler.if
+++ b/policy/modules/services/cobbler.if
@@ -192,16 +192,16 @@ interface(`cobblerd_admin',`
allow $1 cobblerd_t:process { ptrace signal_perms };
ps_process_pattern($1, cobblerd_t)
- files_search_etc($1)
+ files_list_etc($1)
admin_pattern($1, cobbler_etc_t)
files_list_var_lib($1)
admin_pattern($1, cobbler_var_lib_t)
- logging_search_logs($1)
+ logging_list_logs($1)
admin_pattern($1, cobbler_var_log_t)
- apache_search_sys_content($1)
+ apache_list_sys_content($1)
admin_pattern($1, httpd_cobbler_content_t)
admin_pattern($1, httpd_cobbler_content_ra_t)
admin_pattern($1, httpd_cobbler_content_rw_t)
diff --git a/policy/modules/services/denyhosts.if b/policy/modules/services/denyhosts.if
index 7b9da59..9c9e65c 100644
--- a/policy/modules/services/denyhosts.if
+++ b/policy/modules/services/denyhosts.if
@@ -75,12 +75,12 @@ interface(`denyhosts_admin',`
role_transition $2 denyhosts_initrc_exec_t system_r;
allow $2 system_r;
- files_search_var_lib($1)
+ files_list_var_lib($1)
admin_pattern($1, denyhosts_var_lib_t)
- logging_search_logs($1)
+ logging_list_logs($1)
admin_pattern($1, denyhosts_var_log_t)
- files_search_locks($1)
+ files_list_locks($1)
admin_pattern($1, denyhosts_var_lock_t)
')
diff --git a/policy/modules/services/devicekit.if b/policy/modules/services/devicekit.if
index 262885f..ab2edfc 100644
--- a/policy/modules/services/devicekit.if
+++ b/policy/modules/services/devicekit.if
@@ -165,11 +165,11 @@ interface(`devicekit_admin',`
ps_process_pattern($1, devicekit_power_t)
admin_pattern($1, devicekit_tmp_t)
- files_search_tmp($1)
+ files_list_tmp($1)
admin_pattern($1, devicekit_var_lib_t)
- files_search_var_lib($1)
+ files_list_var_lib($1)
admin_pattern($1, devicekit_var_run_t)
- files_search_pids($1)
+ files_list_pids($1)
')
diff --git a/policy/modules/services/exim.if b/policy/modules/services/exim.if
index 8950248..464669c 100644
--- a/policy/modules/services/exim.if
+++ b/policy/modules/services/exim.if
@@ -243,15 +243,15 @@ interface(`exim_admin',`
role_transition $2 exim_initrc_exec_t system_r;
allow $2 system_r;
- logging_search_logs($1)
+ logging_list_logs($1)
admin_pattern($1, exim_log_t)
- files_search_tmp($1)
+ files_list_tmp($1)
admin_pattern($1, exim_tmp_t)
- files_search_spool($1)
+ files_list_spool($1)
admin_pattern($1, exim_spool_t)
- files_search_pids($1)
+ files_list_pids($1)
admin_pattern($1, exim_var_run_t)
')
diff --git a/policy/modules/services/hddtemp.if b/policy/modules/services/hddtemp.if
index 777b036..db2d189 100644
--- a/policy/modules/services/hddtemp.if
+++ b/policy/modules/services/hddtemp.if
@@ -69,5 +69,5 @@ interface(`hddtemp_admin',`
allow $2 system_r;
admin_pattern($1, hddtemp_etc_t)
- files_search_etc($1)
+ files_list_etc($1)
')
diff --git a/policy/modules/services/kerneloops.if b/policy/modules/services/kerneloops.if
index 8fbac8d..dd32883 100644
--- a/policy/modules/services/kerneloops.if
+++ b/policy/modules/services/kerneloops.if
@@ -109,6 +109,6 @@ interface(`kerneloops_admin',`
role_transition $2 kerneloops_initrc_exec_t system_r;
allow $2 system_r;
- files_search_tmp($1)
+ files_list_tmp($1)
admin_pattern($1, kerneloops_tmp_t)
')
diff --git a/policy/modules/services/lircd.if b/policy/modules/services/lircd.if
index a296134..5cfe950 100644
--- a/policy/modules/services/lircd.if
+++ b/policy/modules/services/lircd.if
@@ -87,9 +87,9 @@ interface(`lircd_admin',`
role_transition $2 lircd_initrc_exec_t system_r;
allow $2 system_r;
- files_search_etc($1)
+ files_list_etc($1)
admin_pattern($1, lircd_etc_t)
- files_search_pids($1)
+ files_list_pids($1)
admin_pattern($1, lircd_var_run_t)
')
diff --git a/policy/modules/services/memcached.if b/policy/modules/services/memcached.if
index d3f81b6..5008a6c 100644
--- a/policy/modules/services/memcached.if
+++ b/policy/modules/services/memcached.if
@@ -67,6 +67,6 @@ interface(`memcached_admin',`
role_transition $2 memcached_initrc_exec_t system_r;
allow $2 system_r;
- files_search_pids($1)
+ files_list_pids($1)
admin_pattern($1, memcached_var_run_t)
')
diff --git a/policy/modules/services/mock.if b/policy/modules/services/mock.if
index ab0a29e..d76fb11 100644
--- a/policy/modules/services/mock.if
+++ b/policy/modules/services/mock.if
@@ -231,6 +231,6 @@ interface(`mock_admin',`
allow $1 mock_t:process { ptrace signal_perms };
ps_process_pattern($1, mock_t)
- files_search_var_lib($1)
+ files_list_var_lib($1)
admin_pattern($1, mock_var_lib_t)
')
diff --git a/policy/modules/services/mojomojo.if b/policy/modules/services/mojomojo.if
index b8bf562..88e7330 100644
--- a/policy/modules/services/mojomojo.if
+++ b/policy/modules/services/mojomojo.if
@@ -30,9 +30,9 @@ interface(`mojomojo_admin',`
files_list_tmp($1)
admin_pattern($1, httpd_mojomojo_tmp_t)
- files_search_var_lib(httpd_mojomojo_script_t)
+ files_list_var_lib(httpd_mojomojo_script_t)
- apache_search_sys_content($1)
+ apache_list_sys_content($1)
admin_pattern($1, httpd_mojomojo_script_exec_t)
admin_pattern($1, httpd_mojomojo_script_t)
admin_pattern($1, httpd_mojomojo_content_t)
diff --git a/policy/modules/services/mpd.if b/policy/modules/services/mpd.if
index 62f2179..733dc77 100644
--- a/policy/modules/services/mpd.if
+++ b/policy/modules/services/mpd.if
@@ -253,16 +253,16 @@ interface(`mpd_admin',`
allow $2 system_r;
admin_pattern($1, mpd_etc_t)
- files_search_etc($1)
+ files_list_etc($1)
- files_search_var_lib($1)
+ files_list_var_lib($1)
admin_pattern($1, mpd_var_lib_t)
- mpd_search_lib($1)
+ mpd_list_lib($1)
admin_pattern($1, mpd_data_t)
admin_pattern($1, mpd_log_t)
- fs_search_tmpfs($1)
+ fs_list_tmpfs($1)
admin_pattern($1, mpd_tmpfs_t)
')
diff --git a/policy/modules/services/nslcd.if b/policy/modules/services/nslcd.if
index 44c60ea..be5a5b4 100644
--- a/policy/modules/services/nslcd.if
+++ b/policy/modules/services/nslcd.if
@@ -106,9 +106,9 @@ interface(`nslcd_admin',`
role_transition $2 nslcd_initrc_exec_t system_r;
allow $2 system_r;
- files_search_etc($1)
+ files_list_etc($1)
admin_pattern($1, nslcd_conf_t)
- files_search_pids($1)
+ files_list_pids($1)
admin_pattern($1, nslcd_var_run_t, nslcd_var_run_t)
')
diff --git a/policy/modules/services/oident.if b/policy/modules/services/oident.if
index 8d47116..b1b5e51 100644
--- a/policy/modules/services/oident.if
+++ b/policy/modules/services/oident.if
@@ -97,6 +97,6 @@ interface(`oident_admin',`
role_transition $2 oidentd_initrc_exec_t system_r;
allow $2 system_r;
- files_search_etc($1)
+ files_list_etc($1)
admin_pattern($1, oidentd_config_t)
')
diff --git a/policy/modules/services/pads.if b/policy/modules/services/pads.if
index 52f47b4..8235fb6 100644
--- a/policy/modules/services/pads.if
+++ b/policy/modules/services/pads.if
@@ -39,9 +39,9 @@ interface(`pads_admin',`
role_transition $2 pads_initrc_exec_t system_r;
allow $2 system_r;
- files_search_pids($1)
+ files_list_pids($1)
admin_pattern($1, pads_var_run_t)
- files_search_etc($1)
+ files_list_etc($1)
admin_pattern($1, pads_config_t)
')
diff --git a/policy/modules/services/plymouthd.if b/policy/modules/services/plymouthd.if
index 90b6447..07dd3ff 100644
--- a/policy/modules/services/plymouthd.if
+++ b/policy/modules/services/plymouthd.if
@@ -252,11 +252,11 @@ interface(`plymouthd_admin',`
allow $1 plymouthd_t:process { ptrace signal_perms };
ps_process_pattern($1, plymouthd_t)
- files_search_var_lib($1)
+ files_list_var_lib($1)
admin_pattern($1, plymouthd_spool_t)
admin_pattern($1, plymouthd_var_lib_t)
- files_search_pids($1)
+ files_list_pids($1)
admin_pattern($1, plymouthd_var_run_t)
')
diff --git a/policy/modules/services/portreserve.if b/policy/modules/services/portreserve.if
index bf9bd05..7385056 100644
--- a/policy/modules/services/portreserve.if
+++ b/policy/modules/services/portreserve.if
@@ -112,9 +112,9 @@ interface(`portreserve_admin',`
role_transition $2 portreserve_initrc_exec_t system_r;
allow $2 system_r;
- files_search_etc($1)
+ files_list_etc($1)
admin_pattern($1, portreserve_etc_t)
- files_search_pids($1)
+ files_list_pids($1)
admin_pattern($1, portreserve_var_run_t)
')
diff --git a/policy/modules/services/postfix.if b/policy/modules/services/postfix.if
index 3aaeb31..6d9d382 100644
--- a/policy/modules/services/postfix.if
+++ b/policy/modules/services/postfix.if
@@ -723,12 +723,12 @@ interface(`postfix_admin',`
files_list_etc($1)
admin_pattern($1, postfix_etc_t)
- files_search_spool($1)
+ files_list_spool($1)
admin_pattern($1,postfix_spool_type)
admin_pattern($1, postfix_var_run_t)
- files_search_tmp($1)
+ files_list_tmp($1)
admin_pattern($1, postfix_map_tmp_t)
admin_pattern($1, postfix_prng_t)
diff --git a/policy/modules/services/postgresql.if b/policy/modules/services/postgresql.if
index 2c6b723..fd75d3d 100644
--- a/policy/modules/services/postgresql.if
+++ b/policy/modules/services/postgresql.if
@@ -439,13 +439,13 @@ interface(`postgresql_admin',`
admin_pattern($1, postgresql_var_run_t)
- files_search_var_lib($1)
+ files_list_var_lib($1)
admin_pattern($1, postgresql_db_t)
- files_search_etc($1)
+ files_list_etc($1)
admin_pattern($1, postgresql_etc_t)
- logging_search_logs($1)
+ logging_list_logs($1)
admin_pattern($1, postgresql_log_t)
admin_pattern($1, postgresql_tmp_t)
diff --git a/policy/modules/services/prelude.if b/policy/modules/services/prelude.if
index e4d8797..1bf96b0 100644
--- a/policy/modules/services/prelude.if
+++ b/policy/modules/services/prelude.if
@@ -135,16 +135,17 @@ interface(`prelude_admin',`
role_transition $2 prelude_initrc_exec_t system_r;
allow $2 system_r;
+ files_list_spool($1)
admin_pattern($1, prelude_spool_t)
- files_search_var_lib($1)
+ files_list_var_lib($1)
admin_pattern($1, prelude_var_lib_t)
- files_search_pids($1)
+ files_list_pids($1)
admin_pattern($1, prelude_var_run_t)
admin_pattern($1, prelude_audisp_var_run_t)
- files_search_tmp($1)
+ files_list_tmp($1)
admin_pattern($1, prelude_lml_tmp_t)
admin_pattern($1, prelude_lml_var_run_t)
diff --git a/policy/modules/services/psad.if b/policy/modules/services/psad.if
index a5ec9f5..96440db 100644
--- a/policy/modules/services/psad.if
+++ b/policy/modules/services/psad.if
@@ -265,18 +265,18 @@ interface(`psad_admin',`
role_transition $2 psad_initrc_exec_t system_r;
allow $2 system_r;
- files_search_etc($1)
+ files_list_etc($1)
admin_pattern($1, psad_etc_t)
- files_search_pids($1)
+ files_list_pids($1)
admin_pattern($1, psad_var_run_t)
- logging_search_logs($1)
+ logging_list_logs($1)
admin_pattern($1, psad_var_log_t)
- files_search_var_lib($1)
+ files_list_var_lib($1)
admin_pattern($1, psad_var_lib_t)
- files_search_tmp($1)
+ files_list_tmp($1)
admin_pattern($1, psad_tmp_t)
')
diff --git a/policy/modules/services/rgmanager.if b/policy/modules/services/rgmanager.if
index aaf7c85..7ef312e 100644
--- a/policy/modules/services/rgmanager.if
+++ b/policy/modules/services/rgmanager.if
@@ -125,14 +125,14 @@ interface(`rgmanager_admin',`
role_transition $2 rgmanager_initrc_exec_t system_r;
allow $2 system_r;
- files_search_tmp($1)
+ files_list_tmp($1)
admin_pattern($1, rgmanager_tmp_t)
admin_pattern($1, rgmanager_tmpfs_t)
- logging_search_logs($1)
+ logging_list_logs($1)
admin_pattern($1, rgmanager_var_log_t)
- files_search_pids($1)
+ files_list_pids($1)
admin_pattern($1, rgmanager_var_run_t)
')
diff --git a/policy/modules/services/ricci.if b/policy/modules/services/ricci.if
index ecc341c..8a28c31 100644
--- a/policy/modules/services/ricci.if
+++ b/policy/modules/services/ricci.if
@@ -252,15 +252,15 @@ interface(`ricci_admin',`
role_transition $2 ricci_initrc_exec_t system_r;
allow $2 system_r;
- files_search_tmp($1)
+ files_list_tmp($1)
admin_pattern($1, ricci_tmp_t)
- files_search_var_lib($1)
+ files_list_var_lib($1)
admin_pattern($1, ricci_var_lib_t)
- logging_search_logs($1)
+ logging_list_logs($1)
admin_pattern($1, ricci_var_log_t)
- files_search_pids($1)
+ files_list_pids($1)
admin_pattern($1, ricci_var_run_t)
')
diff --git a/policy/modules/services/rpcbind.if b/policy/modules/services/rpcbind.if
index 5a4d69d..14173f7 100644
--- a/policy/modules/services/rpcbind.if
+++ b/policy/modules/services/rpcbind.if
@@ -145,9 +145,9 @@ interface(`rpcbind_admin',`
role_transition $2 rpcbind_initrc_exec_t system_r;
allow $2 system_r;
- files_search_var_lib($1)
+ files_list_var_lib($1)
admin_pattern($1, rpcbind_var_lib_t)
- files_search_pids($1)
+ files_list_pids($1)
admin_pattern($1, rpcbind_var_run_t)
')
diff --git a/policy/modules/services/sendmail.if b/policy/modules/services/sendmail.if
index cf9fdcd..a68be53 100644
--- a/policy/modules/services/sendmail.if
+++ b/policy/modules/services/sendmail.if
@@ -344,15 +344,15 @@ interface(`sendmail_admin',`
domain_system_change_exemption($1)
role_transition $2 sendmail_initrc_exec_t system_r;
- logging_search_logs($1)
+ logging_list_logs($1)
admin_pattern($1, sendmail_log_t)
- files_search_tmp($1)
+ files_list_tmp($1)
admin_pattern($1, sendmail_tmp_t)
- files_search_pids($1)
+ files_list_pids($1)
admin_pattern($1, sendmail_var_run_t)
- files_search_spool($1)
+ files_list_spool($1)
admin_pattern($1, mail_spool_t)
')
diff --git a/policy/modules/services/snort.if b/policy/modules/services/snort.if
index 215f425..88ebedb 100644
--- a/policy/modules/services/snort.if
+++ b/policy/modules/services/snort.if
@@ -50,11 +50,11 @@ interface(`snort_admin',`
allow $2 system_r;
admin_pattern($1, snort_etc_t)
- files_search_etc($1)
+ files_list_etc($1)
admin_pattern($1, snort_log_t)
- logging_search_logs($1)
+ logging_list_logs($1)
admin_pattern($1, snort_var_run_t)
- files_search_pids($1)
+ files_list_pids($1)
')
diff --git a/policy/modules/services/tuned.if b/policy/modules/services/tuned.if
index 329f139..752697f 100644
--- a/policy/modules/services/tuned.if
+++ b/policy/modules/services/tuned.if
@@ -123,6 +123,6 @@ interface(`tuned_admin',`
role_transition $2 tuned_initrc_exec_t system_r;
allow $2 system_r;
- files_search_pids($1)
+ files_list_pids($1)
admin_pattern($1, tuned_var_run_t)
')
diff --git a/policy/modules/services/ulogd.if b/policy/modules/services/ulogd.if
index e3c66d8..fd72fe8 100644
--- a/policy/modules/services/ulogd.if
+++ b/policy/modules/services/ulogd.if
@@ -131,12 +131,12 @@ interface(`ulogd_admin',`
role_transition $2 ulogd_initrc_exec_t system_r;
allow $2 system_r;
- files_search_etc($1)
+ files_list_etc($1)
admin_pattern($1, ulogd_etc_t)
logging_list_logs($1)
admin_pattern($1, ulogd_var_log_t)
- files_search_usr($1)
+ files_list_usr($1)
admin_pattern($1, ulogd_modules_t)
')
diff --git a/policy/modules/services/varnishd.if b/policy/modules/services/varnishd.if
index e0f819e..0f8e213 100644
--- a/policy/modules/services/varnishd.if
+++ b/policy/modules/services/varnishd.if
@@ -163,7 +163,7 @@ interface(`varnishd_admin_varnishlog',`
role_transition $2 varnishlog_initrc_exec_t system_r;
allow $2 system_r;
- files_search_pids($1)
+ files_list_pids($1)
admin_pattern($1, varnishlog_var_run_t)
logging_list_logs($1)
@@ -202,15 +202,15 @@ interface(`varnishd_admin',`
role_transition $2 varnishd_initrc_exec_t system_r;
allow $2 system_r;
- files_search_var_lib($1)
+ files_list_var_lib($1)
admin_pattern($1, varnishd_var_lib_t)
- files_search_etc($1)
+ files_list_etc($1)
admin_pattern($1, varnishd_etc_t)
- files_search_pids($1)
+ files_list_pids($1)
admin_pattern($1, varnishd_var_run_t)
- files_search_tmp($1)
+ files_list_tmp($1)
admin_pattern($1, varnishd_tmp_t)
')
diff --git a/policy/modules/services/vnstatd.if b/policy/modules/services/vnstatd.if
index 85dba86..6144fb1 100644
--- a/policy/modules/services/vnstatd.if
+++ b/policy/modules/services/vnstatd.if
@@ -144,7 +144,7 @@ interface(`vnstatd_admin',`
allow $1 vnstatd_t:process { ptrace signal_perms };
ps_process_pattern($1, vnstatd_t)
- files_search_var_lib($1)
+ files_list_var_lib($1)
admin_pattern($1, vnstatd_var_lib_t)
')
diff --git a/policy/modules/system/kdump.if b/policy/modules/system/kdump.if
index 4198ff5..672d323 100644
--- a/policy/modules/system/kdump.if
+++ b/policy/modules/system/kdump.if
@@ -106,6 +106,6 @@ interface(`kdump_admin',`
role_transition $2 kdump_initrc_exec_t system_r;
allow $2 system_r;
- files_search_etc($1)
+ files_list_etc($1)
admin_pattern($1, kdump_etc_t)
')
More information about the scm-commits
mailing list