[selinux-policy] Remove duplicate declaration in ABRT

Miroslav Grepl mgrepl at fedoraproject.org
Tue Jul 12 08:48:24 UTC 2011 

commit 9cf29c17e3ece6fc1e09cc0b48acdf116c33d804
Author: Miroslav Grepl <mgrepl at redhat.com>
Date:   Tue Jul 12 10:47:58 2011 +0200

    Remove duplicate declaration in ABRT

 policy-F16.patch |   39 ++++++++++++++++-----------------------
 1 files changed, 16 insertions(+), 23 deletions(-)
---
diff --git a/policy-F16.patch b/policy-F16.patch
index e2cd782..3556157 100644
--- a/policy-F16.patch
+++ b/policy-F16.patch
@@ -18974,7 +18974,7 @@ index 0b827c5..7382308 100644
 +    read_lnk_files_pattern($1, abrt_retrace_cache_t, abrt_retrace_cache_t)
 +')
 diff --git a/policy/modules/services/abrt.te b/policy/modules/services/abrt.te
-index 30861ec..a7f44c9 100644
+index 30861ec..ffe6d41 100644
 --- a/policy/modules/services/abrt.te
 +++ b/policy/modules/services/abrt.te
 @@ -5,6 +5,14 @@ policy_module(abrt, 1.2.0)
@@ -18992,14 +18992,7 @@ index 30861ec..a7f44c9 100644
  type abrt_t;
  type abrt_exec_t;
  init_daemon_domain(abrt_t, abrt_exec_t)
-@@ -37,20 +45,44 @@ files_pid_file(abrt_var_run_t)
- type abrt_helper_t;
- type abrt_helper_exec_t;
- application_domain(abrt_helper_t, abrt_helper_exec_t)
-+init_system_domain(abrt_helper_t, abrt_helper_exec_t)
- role system_r types abrt_helper_t;
- 
- ifdef(`enable_mcs',`
+@@ -43,14 +51,37 @@ ifdef(`enable_mcs',`
  	init_ranged_daemon_domain(abrt_t, abrt_exec_t, s0 - mcs_systemhigh)
  ')
  
@@ -19039,7 +19032,7 @@ index 30861ec..a7f44c9 100644
  
  allow abrt_t self:fifo_file rw_fifo_file_perms;
  allow abrt_t self:tcp_socket create_stream_socket_perms;
-@@ -59,6 +91,7 @@ allow abrt_t self:unix_dgram_socket create_socket_perms;
+@@ -59,6 +90,7 @@ allow abrt_t self:unix_dgram_socket create_socket_perms;
  allow abrt_t self:netlink_route_socket r_netlink_socket_perms;
  
  # abrt etc files
@@ -19047,7 +19040,7 @@ index 30861ec..a7f44c9 100644
  rw_files_pattern(abrt_t, abrt_etc_t, abrt_etc_t)
  
  # log file
-@@ -69,6 +102,7 @@ logging_log_filetrans(abrt_t, abrt_var_log_t, file)
+@@ -69,6 +101,7 @@ logging_log_filetrans(abrt_t, abrt_var_log_t, file)
  manage_dirs_pattern(abrt_t, abrt_tmp_t, abrt_tmp_t)
  manage_files_pattern(abrt_t, abrt_tmp_t, abrt_tmp_t)
  files_tmp_filetrans(abrt_t, abrt_tmp_t, { file dir })
@@ -19055,7 +19048,7 @@ index 30861ec..a7f44c9 100644
  
  # abrt var/cache files
  manage_files_pattern(abrt_t, abrt_var_cache_t, abrt_var_cache_t)
-@@ -82,7 +116,7 @@ manage_files_pattern(abrt_t, abrt_var_run_t, abrt_var_run_t)
+@@ -82,7 +115,7 @@ manage_files_pattern(abrt_t, abrt_var_run_t, abrt_var_run_t)
  manage_dirs_pattern(abrt_t, abrt_var_run_t, abrt_var_run_t)
  manage_sock_files_pattern(abrt_t, abrt_var_run_t, abrt_var_run_t)
  manage_lnk_files_pattern(abrt_t, abrt_var_run_t, abrt_var_run_t)
@@ -19064,7 +19057,7 @@ index 30861ec..a7f44c9 100644
  
  kernel_read_ring_buffer(abrt_t)
  kernel_read_system_state(abrt_t)
-@@ -104,6 +138,7 @@ corenet_tcp_connect_all_ports(abrt_t)
+@@ -104,6 +137,7 @@ corenet_tcp_connect_all_ports(abrt_t)
  corenet_sendrecv_http_client_packets(abrt_t)
  
  dev_getattr_all_chr_files(abrt_t)
@@ -19072,7 +19065,7 @@ index 30861ec..a7f44c9 100644
  dev_read_urand(abrt_t)
  dev_rw_sysfs(abrt_t)
  dev_dontaudit_read_raw_memory(abrt_t)
-@@ -113,7 +148,8 @@ domain_read_all_domains_state(abrt_t)
+@@ -113,7 +147,8 @@ domain_read_all_domains_state(abrt_t)
  domain_signull_all_domains(abrt_t)
  
  files_getattr_all_files(abrt_t)
@@ -19082,7 +19075,7 @@ index 30861ec..a7f44c9 100644
  files_read_var_symlinks(abrt_t)
  files_read_var_lib_files(abrt_t)
  files_read_usr_files(abrt_t)
-@@ -121,6 +157,8 @@ files_read_generic_tmp_files(abrt_t)
+@@ -121,6 +156,8 @@ files_read_generic_tmp_files(abrt_t)
  files_read_kernel_modules(abrt_t)
  files_dontaudit_list_default(abrt_t)
  files_dontaudit_read_default_files(abrt_t)
@@ -19091,7 +19084,7 @@ index 30861ec..a7f44c9 100644
  
  fs_list_inotifyfs(abrt_t)
  fs_getattr_all_fs(abrt_t)
-@@ -131,7 +169,7 @@ fs_read_nfs_files(abrt_t)
+@@ -131,7 +168,7 @@ fs_read_nfs_files(abrt_t)
  fs_read_nfs_symlinks(abrt_t)
  fs_search_all(abrt_t)
  
@@ -19100,7 +19093,7 @@ index 30861ec..a7f44c9 100644
  
  logging_read_generic_logs(abrt_t)
  logging_send_syslog_msg(abrt_t)
-@@ -140,6 +178,16 @@ miscfiles_read_generic_certs(abrt_t)
+@@ -140,6 +177,16 @@ miscfiles_read_generic_certs(abrt_t)
  miscfiles_read_localization(abrt_t)
  
  userdom_dontaudit_read_user_home_content_files(abrt_t)
@@ -19117,7 +19110,7 @@ index 30861ec..a7f44c9 100644
  
  optional_policy(`
  	dbus_system_domain(abrt_t, abrt_exec_t)
-@@ -150,6 +198,11 @@ optional_policy(`
+@@ -150,6 +197,11 @@ optional_policy(`
  ')
  
  optional_policy(`
@@ -19129,7 +19122,7 @@ index 30861ec..a7f44c9 100644
  	policykit_dbus_chat(abrt_t)
  	policykit_domtrans_auth(abrt_t)
  	policykit_read_lib(abrt_t)
-@@ -167,6 +220,7 @@ optional_policy(`
+@@ -167,6 +219,7 @@ optional_policy(`
  	rpm_exec(abrt_t)
  	rpm_dontaudit_manage_db(abrt_t)
  	rpm_manage_cache(abrt_t)
@@ -19137,7 +19130,7 @@ index 30861ec..a7f44c9 100644
  	rpm_manage_pid_files(abrt_t)
  	rpm_read_db(abrt_t)
  	rpm_signull(abrt_t)
-@@ -178,12 +232,18 @@ optional_policy(`
+@@ -178,12 +231,18 @@ optional_policy(`
  ')
  
  optional_policy(`
@@ -19157,7 +19150,7 @@ index 30861ec..a7f44c9 100644
  #
  
  allow abrt_helper_t self:capability { chown setgid sys_nice };
-@@ -200,9 +260,12 @@ files_var_filetrans(abrt_helper_t, abrt_var_cache_t, { file dir })
+@@ -200,9 +259,12 @@ files_var_filetrans(abrt_helper_t, abrt_var_cache_t, { file dir })
  read_files_pattern(abrt_helper_t, abrt_var_run_t, abrt_var_run_t)
  read_lnk_files_pattern(abrt_helper_t, abrt_var_run_t, abrt_var_run_t)
  
@@ -19170,7 +19163,7 @@ index 30861ec..a7f44c9 100644
  
  fs_list_inotifyfs(abrt_helper_t)
  fs_getattr_all_fs(abrt_helper_t)
-@@ -216,7 +279,8 @@ miscfiles_read_localization(abrt_helper_t)
+@@ -216,7 +278,8 @@ miscfiles_read_localization(abrt_helper_t)
  term_dontaudit_use_all_ttys(abrt_helper_t)
  term_dontaudit_use_all_ptys(abrt_helper_t)
  
@@ -19180,7 +19173,7 @@ index 30861ec..a7f44c9 100644
  	userdom_dontaudit_read_user_home_content_files(abrt_helper_t)
  	userdom_dontaudit_read_user_tmp_files(abrt_helper_t)
  	dev_dontaudit_read_all_blk_files(abrt_helper_t)
-@@ -224,4 +288,100 @@ ifdef(`hide_broken_symptoms', `
+@@ -224,4 +287,100 @@ ifdef(`hide_broken_symptoms', `
  	dev_dontaudit_write_all_chr_files(abrt_helper_t)
  	dev_dontaudit_write_all_blk_files(abrt_helper_t)
  	fs_dontaudit_rw_anon_inodefs_files(abrt_helper_t)

More information about the scm-commits mailing list