Templates cleanedup by Dominic Grift

This commit is contained in:
Dan Walsh 2011-05-23 17:05:41 -04:00
parent a7dd92d42a
commit ed0051b493
2 changed files with 169 additions and 143 deletions

View File

@ -5910,7 +5910,7 @@ diff -up policycoreutils-2.0.86/gui/polgen.gladep.gui policycoreutils-2.0.86/gui
+</glade-project>
diff -up policycoreutils-2.0.86/gui/polgengui.py.gui policycoreutils-2.0.86/gui/polgengui.py
--- policycoreutils-2.0.86/gui/polgengui.py.gui 2011-04-12 10:52:07.513644322 -0400
+++ policycoreutils-2.0.86/gui/polgengui.py 2011-04-12 10:52:07.514644337 -0400
+++ policycoreutils-2.0.86/gui/polgengui.py 2011-05-23 17:04:16.377786536 -0400
@@ -0,0 +1,750 @@
+#!/usr/bin/python -Es
+#
@ -5918,7 +5918,7 @@ diff -up policycoreutils-2.0.86/gui/polgengui.py.gui policycoreutils-2.0.86/gui/
+#
+# Dan Walsh <dwalsh@redhat.com>
+#
+# Copyright 2007, 2008, 2009 Red Hat, Inc.
+# Copyright (C) 2007-2011 Red Hat
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
@ -6664,11 +6664,11 @@ diff -up policycoreutils-2.0.86/gui/polgengui.py.gui policycoreutils-2.0.86/gui/
+ app.stand_alone()
diff -up policycoreutils-2.0.86/gui/polgen.py.gui policycoreutils-2.0.86/gui/polgen.py
--- policycoreutils-2.0.86/gui/polgen.py.gui 2011-04-12 10:52:07.516644368 -0400
+++ policycoreutils-2.0.86/gui/polgen.py 2011-04-12 10:52:07.517644384 -0400
+++ policycoreutils-2.0.86/gui/polgen.py 2011-05-23 17:04:04.539689964 -0400
@@ -0,0 +1,1346 @@
+#!/usr/bin/python -Es
+#
+# Copyright (C) 2007-2010 Red Hat
+# Copyright (C) 2007-2011 Red Hat
+# see file 'COPYING' for use and warranty information
+#
+# policygentool is a tool for the initial generation of SELinux policy
@ -12111,9 +12111,9 @@ diff -up policycoreutils-2.0.86/gui/system-config-selinux.py.gui policycoreutils
+ app.stand_alone()
diff -up policycoreutils-2.0.86/gui/templates/boolean.py.gui policycoreutils-2.0.86/gui/templates/boolean.py
--- policycoreutils-2.0.86/gui/templates/boolean.py.gui 2011-04-12 10:52:07.543644784 -0400
+++ policycoreutils-2.0.86/gui/templates/boolean.py 2011-04-29 11:47:41.684099468 -0400
+++ policycoreutils-2.0.86/gui/templates/boolean.py 2011-05-23 16:59:42.369598714 -0400
@@ -0,0 +1,40 @@
+# Copyright (C) 2007 Red Hat
+# Copyright (C) 2007-2011 Red Hat
+# see file 'COPYING' for use and warranty information
+#
+# policygentool is a tool for the initial generation of SELinux policy
@ -12130,34 +12130,34 @@ diff -up policycoreutils-2.0.86/gui/templates/boolean.py.gui policycoreutils-2.0
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
+# 02111-1307 USA
+#
+#
+#
+########################### boolean Template File ###########################
+
+te_boolean="""
+## <desc>
+## <p>
+## DESCRIPTION
+## </p>
+## <p>
+## DESCRIPTION
+## </p>
+## </desc>
+gen_tunable(BOOLEAN,false)
+gen_tunable(BOOLEAN, false)
+"""
+
+te_rules="""
+tunable_policy(`BOOLEAN',`
+#TRUE
+',`
+',`
+#FALSE
+')
+"""
+
diff -up policycoreutils-2.0.86/gui/templates/etc_rw.py.gui policycoreutils-2.0.86/gui/templates/etc_rw.py
--- policycoreutils-2.0.86/gui/templates/etc_rw.py.gui 2011-04-12 10:52:07.546644829 -0400
+++ policycoreutils-2.0.86/gui/templates/etc_rw.py 2011-04-29 11:47:41.684099468 -0400
+++ policycoreutils-2.0.86/gui/templates/etc_rw.py 2011-05-23 16:59:53.369684469 -0400
@@ -0,0 +1,112 @@
+# Copyright (C) 2007 Red Hat
+# Copyright (C) 2007-2011 Red Hat
+# see file 'COPYING' for use and warranty information
+#
+# policygentool is a tool for the initial generation of SELinux policy
@ -12174,10 +12174,10 @@ diff -up policycoreutils-2.0.86/gui/templates/etc_rw.py.gui policycoreutils-2.0.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
+# 02111-1307 USA
+#
+#
+#
+########################### etc_rw Template File #############################
+
+########################### Type Enforcement File #############################
@ -12227,14 +12227,14 @@ diff -up policycoreutils-2.0.86/gui/templates/etc_rw.py.gui policycoreutils-2.0.
+ type TEMPLATETYPE_etc_rw_t;
+ ')
+
+ allow $1 TEMPLATETYPE_etc_rw_t:file r_file_perms;
+ allow $1 TEMPLATETYPE_etc_rw_t:file read_file_perms;
+ allow $1 TEMPLATETYPE_etc_rw_t:dir list_dir_perms;
+ files_search_etc($1)
+')
+
+########################################
+## <summary>
+## Manage TEMPLATETYPE conf files.
+## Manage TEMPLATETYPE conf files.
+## </summary>
+## <param name="domain">
+## <summary>
@ -12247,14 +12247,14 @@ diff -up policycoreutils-2.0.86/gui/templates/etc_rw.py.gui policycoreutils-2.0.
+ type TEMPLATETYPE_etc_rw_t;
+ ')
+
+ manage_files_pattern($1, TEMPLATETYPE_etc_rw_t, TEMPLATETYPE_etc_rw_t)
+ manage_files_pattern($1, TEMPLATETYPE_etc_rw_t, TEMPLATETYPE_etc_rw_t)
+ files_search_etc($1)
+')
+
+"""
+
+if_admin_types="""
+ type TEMPLATETYPE_etc_rw_t;"""
+ type TEMPLATETYPE_etc_rw_t;"""
+
+if_admin_rules="""
+ files_search_etc($1)
@ -12271,9 +12271,9 @@ diff -up policycoreutils-2.0.86/gui/templates/etc_rw.py.gui policycoreutils-2.0.
+"""
diff -up policycoreutils-2.0.86/gui/templates/executable.py.gui policycoreutils-2.0.86/gui/templates/executable.py
--- policycoreutils-2.0.86/gui/templates/executable.py.gui 2011-04-12 10:52:07.548644859 -0400
+++ policycoreutils-2.0.86/gui/templates/executable.py 2011-04-29 11:53:01.953579440 -0400
@@ -0,0 +1,448 @@
+# Copyright (C) 2007-2009 Red Hat
+++ policycoreutils-2.0.86/gui/templates/executable.py 2011-05-23 17:03:10.575251921 -0400
@@ -0,0 +1,451 @@
+# Copyright (C) 2007-2011 Red Hat
+# see file 'COPYING' for use and warranty information
+#
+# policygentool is a tool for the initial generation of SELinux policy
@ -12290,13 +12290,13 @@ diff -up policycoreutils-2.0.86/gui/templates/executable.py.gui policycoreutils-
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
+# 02111-1307 USA
+#
+#
+#
+########################### Type Enforcement File #############################
+te_daemon_types="""\
+policy_module(TEMPLATETYPE,1.0.0)
+policy_module(TEMPLATETYPE, 1.0.0)
+
+########################################
+#
@ -12316,7 +12316,7 @@ diff -up policycoreutils-2.0.86/gui/templates/executable.py.gui policycoreutils-
+"""
+
+te_dbusd_types="""\
+policy_module(TEMPLATETYPE,1.0.0)
+policy_module(TEMPLATETYPE, 1.0.0)
+
+########################################
+#
@ -12331,7 +12331,7 @@ diff -up policycoreutils-2.0.86/gui/templates/executable.py.gui policycoreutils-
+"""
+
+te_inetd_types="""\
+policy_module(TEMPLATETYPE,1.0.0)
+policy_module(TEMPLATETYPE, 1.0.0)
+
+########################################
+#
@ -12346,7 +12346,7 @@ diff -up policycoreutils-2.0.86/gui/templates/executable.py.gui policycoreutils-
+"""
+
+te_userapp_types="""\
+policy_module(TEMPLATETYPE,1.0.0)
+policy_module(TEMPLATETYPE, 1.0.0)
+
+########################################
+#
@ -12362,7 +12362,7 @@ diff -up policycoreutils-2.0.86/gui/templates/executable.py.gui policycoreutils-
+"""
+
+te_sandbox_types="""\
+policy_module(TEMPLATETYPE,1.0.0)
+policy_module(TEMPLATETYPE, 1.0.0)
+
+########################################
+#
@ -12377,7 +12377,7 @@ diff -up policycoreutils-2.0.86/gui/templates/executable.py.gui policycoreutils-
+"""
+
+te_cgi_types="""\
+policy_module(TEMPLATETYPE,1.0.0)
+policy_module(TEMPLATETYPE, 1.0.0)
+
+########################################
+#
@ -12446,8 +12446,8 @@ diff -up policycoreutils-2.0.86/gui/templates/executable.py.gui policycoreutils-
+
+te_manage_krb5_rcache_rules="""
+optional_policy(`
+ kerberos_keytab_template(TEMPLATETYPE, TEMPLATETYPE_t)
+ kerberos_manage_host_rcache(TEMPLATETYPE_t)
+ kerberos_keytab_template(TEMPLATETYPE, TEMPLATETYPE_t)
+ kerberos_manage_host_rcache(TEMPLATETYPE_t)
+')
+"""
+
@ -12492,7 +12492,7 @@ diff -up policycoreutils-2.0.86/gui/templates/executable.py.gui policycoreutils-
+## </summary>
+## <param name=\"domain\">
+## <summary>
+## Domain allowed access.
+## Domain allowed to transition.
+## </summary>
+## </param>
+#
@ -12501,7 +12501,7 @@ diff -up policycoreutils-2.0.86/gui/templates/executable.py.gui policycoreutils-
+ type TEMPLATETYPE_t, TEMPLATETYPE_exec_t;
+ ')
+
+ corecmd_search_bin($1)
+ corecmd_search_bin($1)
+ domtrans_pattern($1, TEMPLATETYPE_exec_t, TEMPLATETYPE_t)
+')
+
@ -12515,7 +12515,7 @@ diff -up policycoreutils-2.0.86/gui/templates/executable.py.gui policycoreutils-
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access
+## Domain allowed to transition
+## </summary>
+## </param>
+## <param name="role">
@ -12550,7 +12550,7 @@ diff -up policycoreutils-2.0.86/gui/templates/executable.py.gui policycoreutils-
+#
+interface(`TEMPLATETYPE_role',`
+ gen_require(`
+ type TEMPLATETYPE_t;
+ type TEMPLATETYPE_t;
+ ')
+
+ role $1 types TEMPLATETYPE_t;
@ -12571,7 +12571,7 @@ diff -up policycoreutils-2.0.86/gui/templates/executable.py.gui policycoreutils-
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access
+## Domain allowed to transition.
+## </summary>
+## </param>
+## <param name="role">
@ -12639,6 +12639,7 @@ diff -up policycoreutils-2.0.86/gui/templates/executable.py.gui policycoreutils-
+
+ init_labeled_script_domtrans($1, TEMPLATETYPE_initrc_exec_t)
+')
+
+"""
+
+if_dbus_rules="""
@ -12662,6 +12663,7 @@ diff -up policycoreutils-2.0.86/gui/templates/executable.py.gui policycoreutils-
+ allow $1 TEMPLATETYPE_t:dbus send_msg;
+ allow TEMPLATETYPE_t $1:dbus send_msg;
+')
+
+"""
+
+if_begin_admin="""
@ -12692,9 +12694,9 @@ diff -up policycoreutils-2.0.86/gui/templates/executable.py.gui policycoreutils-
+ allow $1 TEMPLATETYPE_t:process { ptrace signal_perms };
+ ps_process_pattern($1, TEMPLATETYPE_t)
+"""
+
+
+if_initscript_admin_types="""
+ type TEMPLATETYPE_initrc_exec_t;"""
+ type TEMPLATETYPE_initrc_exec_t;"""
+
+if_initscript_admin="""
+ TEMPLATETYPE_initrc_domtrans($1)
@ -12705,6 +12707,7 @@ diff -up policycoreutils-2.0.86/gui/templates/executable.py.gui policycoreutils-
+
+if_end_admin="""
+')
+
+"""
+
+########################### File Context ##################################
@ -12723,10 +12726,10 @@ diff -up policycoreutils-2.0.86/gui/templates/executable.py.gui policycoreutils-
+"""
diff -up policycoreutils-2.0.86/gui/templates/__init__.py.gui policycoreutils-2.0.86/gui/templates/__init__.py
--- policycoreutils-2.0.86/gui/templates/__init__.py.gui 2011-04-12 10:52:07.549644874 -0400
+++ policycoreutils-2.0.86/gui/templates/__init__.py 2011-04-29 11:47:41.685099475 -0400
+++ policycoreutils-2.0.86/gui/templates/__init__.py 2011-05-23 17:02:40.424008790 -0400
@@ -0,0 +1,18 @@
+#
+# Copyright (C) 2007 Red Hat, Inc.
+# Copyright (C) 2007-2011 Red Hat
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
@ -12745,8 +12748,30 @@ diff -up policycoreutils-2.0.86/gui/templates/__init__.py.gui policycoreutils-2.
+
diff -up policycoreutils-2.0.86/gui/templates/network.py.gui policycoreutils-2.0.86/gui/templates/network.py
--- policycoreutils-2.0.86/gui/templates/network.py.gui 2011-04-12 10:52:07.556644982 -0400
+++ policycoreutils-2.0.86/gui/templates/network.py 2011-04-29 11:47:41.686099482 -0400
@@ -0,0 +1,80 @@
+++ policycoreutils-2.0.86/gui/templates/network.py 2011-05-23 17:03:09.237241107 -0400
@@ -0,0 +1,102 @@
+# Copyright (C) 2007-2011 Red Hat
+# see file 'COPYING' for use and warranty information
+#
+# policygentool is a tool for the initial generation of SELinux policy
+#
+# This program is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License as
+# published by the Free Software Foundation; either version 2 of
+# the License, or (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
+# 02111-1307 USA
+#
+#
+########################### Type Enforcement File #############################
+te_port_types="""
+type TEMPLATETYPE_port_t;
+corenet_port(TEMPLATETYPE_port_t)
@ -12829,9 +12854,9 @@ diff -up policycoreutils-2.0.86/gui/templates/network.py.gui policycoreutils-2.0
+
diff -up policycoreutils-2.0.86/gui/templates/rw.py.gui policycoreutils-2.0.86/gui/templates/rw.py
--- policycoreutils-2.0.86/gui/templates/rw.py.gui 2011-04-12 10:52:07.557644997 -0400
+++ policycoreutils-2.0.86/gui/templates/rw.py 2011-04-29 11:47:41.686099482 -0400
@@ -0,0 +1,130 @@
+# Copyright (C) 2007 Red Hat
+++ policycoreutils-2.0.86/gui/templates/rw.py 2011-05-23 16:59:48.308644991 -0400
@@ -0,0 +1,129 @@
+# Copyright (C) 2007-2011 Red Hat
+# see file 'COPYING' for use and warranty information
+#
+# policygentool is a tool for the initial generation of SELinux policy
@ -12848,10 +12873,10 @@ diff -up policycoreutils-2.0.86/gui/templates/rw.py.gui policycoreutils-2.0.86/g
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
+# 02111-1307 USA
+#
+#
+#
+
+########################### tmp Template File #############################
+te_types="""
@ -12900,7 +12925,7 @@ diff -up policycoreutils-2.0.86/gui/templates/rw.py.gui policycoreutils-2.0.86/g
+ type TEMPLATETYPE_rw_t;
+ ')
+
+ allow $1 TEMPLATETYPE_rw_t:file r_file_perms;
+ allow $1 TEMPLATETYPE_rw_t:file read_file_perms;
+ allow $1 TEMPLATETYPE_rw_t:dir list_dir_perms;
+ files_search_rw($1)
+')
@ -12920,7 +12945,7 @@ diff -up policycoreutils-2.0.86/gui/templates/rw.py.gui policycoreutils-2.0.86/g
+ type TEMPLATETYPE_rw_t;
+ ')
+
+ manage_files_pattern($1, TEMPLATETYPE_rw_t, TEMPLATETYPE_rw_t)
+ manage_files_pattern($1, TEMPLATETYPE_rw_t, TEMPLATETYPE_rw_t)
+')
+
+########################################
@ -12939,20 +12964,19 @@ diff -up policycoreutils-2.0.86/gui/templates/rw.py.gui policycoreutils-2.0.86/g
+ type TEMPLATETYPE_rw_t;
+ ')
+
+ manage_dirs_pattern($1, TEMPLATETYPE_rw_t, TEMPLATETYPE_rw_t)
+ manage_dirs_pattern($1, TEMPLATETYPE_rw_t, TEMPLATETYPE_rw_t)
+')
+
+"""
+
+if_admin_types="""
+ type TEMPLATETYPE_rw_t;"""
+ type TEMPLATETYPE_rw_t;"""
+
+if_admin_rules="""
+ files_search_etc($1)
+ admin_pattern($1, TEMPLATETYPE_rw_t)
+"""
+
+
+########################### File Context ##################################
+fc_file="""
+FILENAME -- gen_context(system_u:object_r:TEMPLATETYPE_rw_t,s0)
@ -12963,9 +12987,9 @@ diff -up policycoreutils-2.0.86/gui/templates/rw.py.gui policycoreutils-2.0.86/g
+"""
diff -up policycoreutils-2.0.86/gui/templates/script.py.gui policycoreutils-2.0.86/gui/templates/script.py
--- policycoreutils-2.0.86/gui/templates/script.py.gui 2011-04-12 10:52:07.558645012 -0400
+++ policycoreutils-2.0.86/gui/templates/script.py 2011-04-29 11:47:41.686099482 -0400
+++ policycoreutils-2.0.86/gui/templates/script.py 2011-05-23 17:02:13.796795073 -0400
@@ -0,0 +1,126 @@
+# Copyright (C) 2007 Red Hat
+# Copyright (C) 2007-2011 Red Hat
+# see file 'COPYING' for use and warranty information
+#
+# policygentool is a tool for the initial generation of SELinux policy
@ -12982,10 +13006,10 @@ diff -up policycoreutils-2.0.86/gui/templates/script.py.gui policycoreutils-2.0.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
+# 02111-1307 USA
+#
+#
+#
+
+########################### tmp Template File #############################
+compile="""\
@ -13071,9 +13095,9 @@ diff -up policycoreutils-2.0.86/gui/templates/script.py.gui policycoreutils-2.0.
+TEMPLATETYPE_r:TEMPLATETYPE_t:s0 TEMPLATETYPE_r:TEMPLATETYPE_t
+system_r:crond_t TEMPLATETYPE_r:TEMPLATETYPE_t
+system_r:initrc_su_t TEMPLATETYPE_r:TEMPLATETYPE_t
+system_r:local_login_t TEMPLATETYPE_r:TEMPLATETYPE_t
+system_r:remote_login_t TEMPLATETYPE_r:TEMPLATETYPE_t
+system_r:sshd_t TEMPLATETYPE_r:TEMPLATETYPE_t
+system_r:local_login_t TEMPLATETYPE_r:TEMPLATETYPE_t
+system_r:remote_login_t TEMPLATETYPE_r:TEMPLATETYPE_t
+system_r:sshd_t TEMPLATETYPE_r:TEMPLATETYPE_t
+_EOF
+fi
+"""
@ -13084,18 +13108,18 @@ diff -up policycoreutils-2.0.86/gui/templates/script.py.gui policycoreutils-2.0.
+TEMPLATETYPE_r:TEMPLATETYPE_t TEMPLATETYPE_r:TEMPLATETYPE_t
+system_r:crond_t TEMPLATETYPE_r:TEMPLATETYPE_t
+system_r:initrc_su_t TEMPLATETYPE_r:TEMPLATETYPE_t
+system_r:local_login_t TEMPLATETYPE_r:TEMPLATETYPE_t
+system_r:remote_login_t TEMPLATETYPE_r:TEMPLATETYPE_t
+system_r:sshd_t TEMPLATETYPE_r:TEMPLATETYPE_t
+system_r:xdm_t TEMPLATETYPE_r:TEMPLATETYPE_t
+system_r:local_login_t TEMPLATETYPE_r:TEMPLATETYPE_t
+system_r:remote_login_t TEMPLATETYPE_r:TEMPLATETYPE_t
+system_r:sshd_t TEMPLATETYPE_r:TEMPLATETYPE_t
+system_r:xdm_t TEMPLATETYPE_r:TEMPLATETYPE_t
+_EOF
+fi
+"""
diff -up policycoreutils-2.0.86/gui/templates/semodule.py.gui policycoreutils-2.0.86/gui/templates/semodule.py
--- policycoreutils-2.0.86/gui/templates/semodule.py.gui 2011-04-12 10:52:07.560645042 -0400
+++ policycoreutils-2.0.86/gui/templates/semodule.py 2011-04-29 11:47:41.687099489 -0400
+++ policycoreutils-2.0.86/gui/templates/semodule.py 2011-05-23 17:02:07.466744404 -0400
@@ -0,0 +1,41 @@
+# Copyright (C) 2007 Red Hat
+# Copyright (C) 2007-2011 Red Hat
+# see file 'COPYING' for use and warranty information
+#
+# policygentool is a tool for the initial generation of SELinux policy
@ -13138,9 +13162,9 @@ diff -up policycoreutils-2.0.86/gui/templates/semodule.py.gui policycoreutils-2.
+
diff -up policycoreutils-2.0.86/gui/templates/tmp.py.gui policycoreutils-2.0.86/gui/templates/tmp.py
--- policycoreutils-2.0.86/gui/templates/tmp.py.gui 2011-04-12 10:52:07.561645058 -0400
+++ policycoreutils-2.0.86/gui/templates/tmp.py 2011-04-29 11:47:41.687099489 -0400
+++ policycoreutils-2.0.86/gui/templates/tmp.py 2011-05-23 17:01:55.736650663 -0400
@@ -0,0 +1,102 @@
+# Copyright (C) 2007 Red Hat
+# Copyright (C) 2007-2011 Red Hat
+# see file 'COPYING' for use and warranty information
+#
+# policygentool is a tool for the initial generation of SELinux policy
@ -13157,10 +13181,10 @@ diff -up policycoreutils-2.0.86/gui/templates/tmp.py.gui policycoreutils-2.0.86/
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
+# 02111-1307 USA
+#
+#
+#
+########################### tmp Template File #############################
+
+te_types="""
@ -13177,7 +13201,7 @@ diff -up policycoreutils-2.0.86/gui/templates/tmp.py.gui policycoreutils-2.0.86/
+if_rules="""
+########################################
+## <summary>
+## Do not audit attempts to read,
+## Do not audit attempts to read,
+## TEMPLATETYPE tmp files
+## </summary>
+## <param name="domain">
@ -13228,25 +13252,25 @@ diff -up policycoreutils-2.0.86/gui/templates/tmp.py.gui policycoreutils-2.0.86/
+ type TEMPLATETYPE_tmp_t;
+ ')
+
+ files_search_tmp($1)
+ manage_dirs_pattern($1, TEMPLATETYPE_tmp_t, TEMPLATETYPE_tmp_t)
+ manage_files_pattern($1, TEMPLATETYPE_tmp_t, TEMPLATETYPE_tmp_t)
+ manage_lnk_files_pattern($1, TEMPLATETYPE_tmp_t, TEMPLATETYPE_tmp_t)
+ files_search_tmp($1)
+ manage_dirs_pattern($1, TEMPLATETYPE_tmp_t, TEMPLATETYPE_tmp_t)
+ manage_files_pattern($1, TEMPLATETYPE_tmp_t, TEMPLATETYPE_tmp_t)
+ manage_lnk_files_pattern($1, TEMPLATETYPE_tmp_t, TEMPLATETYPE_tmp_t)
+')
+"""
+
+if_admin_types="""
+ type TEMPLATETYPE_tmp_t;"""
+ type TEMPLATETYPE_tmp_t;"""
+
+if_admin_rules="""
+ files_search_tmp($1)
+ files_search_tmp($1)
+ admin_pattern($1, TEMPLATETYPE_tmp_t)
+"""
diff -up policycoreutils-2.0.86/gui/templates/user.py.gui policycoreutils-2.0.86/gui/templates/user.py
--- policycoreutils-2.0.86/gui/templates/user.py.gui 2011-04-12 10:52:07.562645074 -0400
+++ policycoreutils-2.0.86/gui/templates/user.py 2011-04-29 11:47:41.687099489 -0400
@@ -0,0 +1,205 @@
+# Copyright (C) 2007 Red Hat
+++ policycoreutils-2.0.86/gui/templates/user.py 2011-05-23 17:01:46.816579501 -0400
@@ -0,0 +1,204 @@
+# Copyright (C) 2007-2011 Red Hat
+# see file 'COPYING' for use and warranty information
+#
+# policygentool is a tool for the initial generation of SELinux policy
@ -13263,14 +13287,14 @@ diff -up policycoreutils-2.0.86/gui/templates/user.py.gui policycoreutils-2.0.86
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
+# 02111-1307 USA
+#
+#
+#
+########################### Type Enforcement File #############################
+
+te_login_user_types="""\
+policy_module(TEMPLATETYPE,1.0.0)
+policy_module(TEMPLATETYPE, 1.0.0)
+
+########################################
+#
@ -13281,7 +13305,7 @@ diff -up policycoreutils-2.0.86/gui/templates/user.py.gui policycoreutils-2.0.86
+"""
+
+te_admin_user_types="""\
+policy_module(TEMPLATETYPE,1.0.0)
+policy_module(TEMPLATETYPE, 1.0.0)
+
+########################################
+#
@ -13292,7 +13316,7 @@ diff -up policycoreutils-2.0.86/gui/templates/user.py.gui policycoreutils-2.0.86
+"""
+
+te_min_login_user_types="""\
+policy_module(TEMPLATETYPE,1.0.0)
+policy_module(TEMPLATETYPE, 1.0.0)
+
+########################################
+#
@ -13303,7 +13327,7 @@ diff -up policycoreutils-2.0.86/gui/templates/user.py.gui policycoreutils-2.0.86
+"""
+
+te_x_login_user_types="""\
+policy_module(TEMPLATETYPE,1.0.0)
+policy_module(TEMPLATETYPE, 1.0.0)
+
+########################################
+#
@ -13314,18 +13338,17 @@ diff -up policycoreutils-2.0.86/gui/templates/user.py.gui policycoreutils-2.0.86
+"""
+
+te_existing_user_types="""\
+policy_module(myTEMPLATETYPE,1.0.0)
+policy_module(myTEMPLATETYPE, 1.0.0)
+
+gen_require(`
+ type TEMPLATETYPE_t, TEMPLATETYPE_devpts_t;
+ role TEMPLATETYPE_r;
+ type TEMPLATETYPE_t, TEMPLATETYPE_devpts_t;
+ role TEMPLATETYPE_r;
+')
+
+"""
+
+te_root_user_types="""\
+
+policy_module(TEMPLATETYPE,1.0.0)
+policy_module(TEMPLATETYPE, 1.0.0)
+
+########################################
+#
@ -13407,20 +13430,20 @@ diff -up policycoreutils-2.0.86/gui/templates/user.py.gui policycoreutils-2.0.86
+bool TEMPLATETYPE_manage_user_files false;
+
+if (TEMPLATETYPE_read_user_files) {
+ userdom_read_user_home_content_files(TEMPLATETYPE_t)
+ userdom_read_user_tmp_files(TEMPLATETYPE_t)
+ userdom_read_user_home_content_files(TEMPLATETYPE_t)
+ userdom_read_user_tmp_files(TEMPLATETYPE_t)
+}
+
+if (TEMPLATETYPE_manage_user_files) {
+ userdom_manage_user_home_content(TEMPLATETYPE_t)
+ userdom_manage_user_tmp_files(TEMPLATETYPE_t)
+ userdom_manage_user_home_content(TEMPLATETYPE_t)
+ userdom_manage_user_tmp_files(TEMPLATETYPE_t)
+}
+
+"""
+
+te_admin_trans_rules="""
+gen_require(`
+ role USER_r;
+ role USER_r;
+')
+
+allow USER_r TEMPLATETYPE_r;
@ -13453,9 +13476,9 @@ diff -up policycoreutils-2.0.86/gui/templates/user.py.gui policycoreutils-2.0.86
+"""
diff -up policycoreutils-2.0.86/gui/templates/var_cache.py.gui policycoreutils-2.0.86/gui/templates/var_cache.py
--- policycoreutils-2.0.86/gui/templates/var_cache.py.gui 2011-04-12 10:52:07.566645136 -0400
+++ policycoreutils-2.0.86/gui/templates/var_cache.py 2011-04-29 11:47:41.688099497 -0400
+++ policycoreutils-2.0.86/gui/templates/var_cache.py 2011-05-23 17:01:38.793515591 -0400
@@ -0,0 +1,132 @@
+# Copyright (C) 2010 Red Hat
+# Copyright (C) 2007-2011 Red Hat
+# see file 'COPYING' for use and warranty information
+#
+# policygentool is a tool for the initial generation of SELinux policy
@ -13472,10 +13495,10 @@ diff -up policycoreutils-2.0.86/gui/templates/var_cache.py.gui policycoreutils-2
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
+# 02111-1307 USA
+#
+#
+#
+########################### cache Template File #############################
+
+########################### Type Enforcement File #############################
@ -13527,7 +13550,7 @@ diff -up policycoreutils-2.0.86/gui/templates/var_cache.py.gui policycoreutils-2
+ ')
+
+ files_search_var($1)
+ read_files_pattern($1, TEMPLATETYPE_cache_t TEMPLATETYPE_cache_t)
+ read_files_pattern($1, TEMPLATETYPE_cache_t TEMPLATETYPE_cache_t)
+')
+
+########################################
@ -13547,7 +13570,7 @@ diff -up policycoreutils-2.0.86/gui/templates/var_cache.py.gui policycoreutils-2
+ ')
+
+ files_search_var($1)
+ manage_files_pattern($1, TEMPLATETYPE_cache_t, TEMPLATETYPE_cache_t)
+ manage_files_pattern($1, TEMPLATETYPE_cache_t, TEMPLATETYPE_cache_t)
+')
+
+########################################
@ -13566,13 +13589,13 @@ diff -up policycoreutils-2.0.86/gui/templates/var_cache.py.gui policycoreutils-2
+ ')
+
+ files_search_var($1)
+ manage_dirs_pattern($1, TEMPLATETYPE_cache_t, TEMPLATETYPE_cache_t)
+ manage_dirs_pattern($1, TEMPLATETYPE_cache_t, TEMPLATETYPE_cache_t)
+')
+
+"""
+
+if_admin_types="""
+ type TEMPLATETYPE_cache_t;"""
+ type TEMPLATETYPE_cache_t;"""
+
+if_admin_rules="""
+ files_search_var($1)
@ -13589,9 +13612,9 @@ diff -up policycoreutils-2.0.86/gui/templates/var_cache.py.gui policycoreutils-2
+"""
diff -up policycoreutils-2.0.86/gui/templates/var_lib.py.gui policycoreutils-2.0.86/gui/templates/var_lib.py
--- policycoreutils-2.0.86/gui/templates/var_lib.py.gui 2011-04-12 10:52:07.567645151 -0400
+++ policycoreutils-2.0.86/gui/templates/var_lib.py 2011-04-29 11:47:41.688099497 -0400
+++ policycoreutils-2.0.86/gui/templates/var_lib.py 2011-05-23 17:01:31.516457701 -0400
@@ -0,0 +1,160 @@
+# Copyright (C) 2007 Red Hat
+# Copyright (C) 2007-2011 Red Hat
+# see file 'COPYING' for use and warranty information
+#
+# policygentool is a tool for the initial generation of SELinux policy
@ -13608,10 +13631,10 @@ diff -up policycoreutils-2.0.86/gui/templates/var_lib.py.gui policycoreutils-2.0
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
+# 02111-1307 USA
+#
+#
+#
+########################### var_lib Template File #############################
+
+########################### Type Enforcement File #############################
@ -13622,7 +13645,7 @@ diff -up policycoreutils-2.0.86/gui/templates/var_lib.py.gui policycoreutils-2.0
+te_rules="""
+manage_dirs_pattern(TEMPLATETYPE_t, TEMPLATETYPE_var_lib_t, TEMPLATETYPE_var_lib_t)
+manage_files_pattern(TEMPLATETYPE_t, TEMPLATETYPE_var_lib_t, TEMPLATETYPE_var_lib_t)
+files_var_lib_filetrans(TEMPLATETYPE_t, TEMPLATETYPE_var_lib_t, { dir file } )
+files_var_lib_filetrans(TEMPLATETYPE_t, TEMPLATETYPE_var_lib_t, { dir file })
+"""
+
+te_stream_rules="""\
@ -13668,7 +13691,7 @@ diff -up policycoreutils-2.0.86/gui/templates/var_lib.py.gui policycoreutils-2.0
+ ')
+
+ files_search_var_lib($1)
+ read_files_pattern($1, TEMPLATETYPE_var_lib_t, TEMPLATETYPE_var_lib_t)
+ read_files_pattern($1, TEMPLATETYPE_var_lib_t, TEMPLATETYPE_var_lib_t)
+')
+
+########################################
@ -13687,7 +13710,7 @@ diff -up policycoreutils-2.0.86/gui/templates/var_lib.py.gui policycoreutils-2.0
+ ')
+
+ files_search_var_lib($1)
+ manage_files_pattern($1, TEMPLATETYPE_var_lib_t, TEMPLATETYPE_var_lib_t)
+ manage_files_pattern($1, TEMPLATETYPE_var_lib_t, TEMPLATETYPE_var_lib_t)
+')
+
+########################################
@ -13706,7 +13729,7 @@ diff -up policycoreutils-2.0.86/gui/templates/var_lib.py.gui policycoreutils-2.0
+ ')
+
+ files_search_var_lib($1)
+ manage_dirs_pattern($1, TEMPLATETYPE_var_lib_t, TEMPLATETYPE_var_lib_t)
+ manage_dirs_pattern($1, TEMPLATETYPE_var_lib_t, TEMPLATETYPE_var_lib_t)
+')
+
+"""
@ -13727,12 +13750,12 @@ diff -up policycoreutils-2.0.86/gui/templates/var_lib.py.gui policycoreutils-2.0
+ type TEMPLATETYPE_t, TEMPLATETYPE_var_lib_t;
+ ')
+
+ stream_connect_pattern($1, TEMPLATETYPE_var_lib_t, TEMPLATETYPE_var_lib_t)
+ stream_connect_pattern($1, TEMPLATETYPE_var_lib_t, TEMPLATETYPE_var_lib_t)
+')
+"""
+
+if_admin_types="""
+ type TEMPLATETYPE_var_lib_t;"""
+ type TEMPLATETYPE_var_lib_t;"""
+
+if_admin_rules="""
+ files_search_var_lib($1)
@ -13753,9 +13776,9 @@ diff -up policycoreutils-2.0.86/gui/templates/var_lib.py.gui policycoreutils-2.0
+"""
diff -up policycoreutils-2.0.86/gui/templates/var_log.py.gui policycoreutils-2.0.86/gui/templates/var_log.py
--- policycoreutils-2.0.86/gui/templates/var_log.py.gui 2011-04-12 10:52:07.568645166 -0400
+++ policycoreutils-2.0.86/gui/templates/var_log.py 2011-04-29 11:47:41.688099497 -0400
+++ policycoreutils-2.0.86/gui/templates/var_log.py 2011-05-23 17:01:22.948389639 -0400
@@ -0,0 +1,114 @@
+# Copyright (C) 2007,2010 Red Hat
+# Copyright (C) 2007-2011 Red Hat
+# see file 'COPYING' for use and warranty information
+#
+# policygentool is a tool for the initial generation of SELinux policy
@ -13772,10 +13795,10 @@ diff -up policycoreutils-2.0.86/gui/templates/var_log.py.gui policycoreutils-2.0
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
+# 02111-1307 USA
+#
+#
+#
+########################### var_log Template File #############################
+
+########################### Type Enforcement File #############################
@ -13787,7 +13810,7 @@ diff -up policycoreutils-2.0.86/gui/templates/var_log.py.gui policycoreutils-2.0
+te_rules="""
+manage_dirs_pattern(TEMPLATETYPE_t, TEMPLATETYPE_log_t, TEMPLATETYPE_log_t)
+manage_files_pattern(TEMPLATETYPE_t, TEMPLATETYPE_log_t, TEMPLATETYPE_log_t)
+logging_log_filetrans(TEMPLATETYPE_t, TEMPLATETYPE_log_t, { dir file } )
+logging_log_filetrans(TEMPLATETYPE_t, TEMPLATETYPE_log_t, { dir file })
+"""
+
+########################### Interface File #############################
@ -13809,7 +13832,7 @@ diff -up policycoreutils-2.0.86/gui/templates/var_log.py.gui policycoreutils-2.0
+ ')
+
+ logging_search_logs($1)
+ read_files_pattern($1, TEMPLATETYPE_log_t, TEMPLATETYPE_log_t)
+ read_files_pattern($1, TEMPLATETYPE_log_t, TEMPLATETYPE_log_t)
+')
+
+########################################
@ -13817,9 +13840,9 @@ diff -up policycoreutils-2.0.86/gui/templates/var_log.py.gui policycoreutils-2.0
+## Append to TEMPLATETYPE log files.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed to transition.
+## </summary>
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`TEMPLATETYPE_append_log',`
@ -13828,7 +13851,7 @@ diff -up policycoreutils-2.0.86/gui/templates/var_log.py.gui policycoreutils-2.0
+ ')
+
+ logging_search_logs($1)
+ append_files_pattern($1, TEMPLATETYPE_log_t, TEMPLATETYPE_log_t)
+ append_files_pattern($1, TEMPLATETYPE_log_t, TEMPLATETYPE_log_t)
+')
+
+########################################
@ -13837,7 +13860,7 @@ diff -up policycoreutils-2.0.86/gui/templates/var_log.py.gui policycoreutils-2.0
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain to not audit.
+## Domain allowed access.
+## </summary>
+## </param>
+#
@ -13847,14 +13870,14 @@ diff -up policycoreutils-2.0.86/gui/templates/var_log.py.gui policycoreutils-2.0
+ ')
+
+ logging_search_logs($1)
+ manage_dirs_pattern($1, TEMPLATETYPE_log_t, TEMPLATETYPE_log_t)
+ manage_files_pattern($1, TEMPLATETYPE_log_t, TEMPLATETYPE_log_t)
+ manage_lnk_files_pattern($1, TEMPLATETYPE_log_t, TEMPLATETYPE_log_t)
+ manage_dirs_pattern($1, TEMPLATETYPE_log_t, TEMPLATETYPE_log_t)
+ manage_files_pattern($1, TEMPLATETYPE_log_t, TEMPLATETYPE_log_t)
+ manage_lnk_files_pattern($1, TEMPLATETYPE_log_t, TEMPLATETYPE_log_t)
+')
+"""
+
+if_admin_types="""
+ type TEMPLATETYPE_log_t;"""
+ type TEMPLATETYPE_log_t;"""
+
+if_admin_rules="""
+ logging_search_logs($1)
@ -13871,9 +13894,9 @@ diff -up policycoreutils-2.0.86/gui/templates/var_log.py.gui policycoreutils-2.0
+"""
diff -up policycoreutils-2.0.86/gui/templates/var_run.py.gui policycoreutils-2.0.86/gui/templates/var_run.py
--- policycoreutils-2.0.86/gui/templates/var_run.py.gui 2011-04-12 10:52:07.569645181 -0400
+++ policycoreutils-2.0.86/gui/templates/var_run.py 2011-04-29 11:47:41.689099505 -0400
+++ policycoreutils-2.0.86/gui/templates/var_run.py 2011-05-23 17:01:11.639299961 -0400
@@ -0,0 +1,101 @@
+# Copyright (C) 2007,2010 Red Hat
+# Copyright (C) 2007-2011 Red Hat
+# see file 'COPYING' for use and warranty information
+#
+# policygentool is a tool for the initial generation of SELinux policy
@ -13890,10 +13913,10 @@ diff -up policycoreutils-2.0.86/gui/templates/var_run.py.gui policycoreutils-2.0
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
+# 02111-1307 USA
+#
+#
+#
+########################### var_run Template File #############################
+
+te_types="""
@ -13951,12 +13974,12 @@ diff -up policycoreutils-2.0.86/gui/templates/var_run.py.gui policycoreutils-2.0
+ ')
+
+ files_search_pids($1)
+ stream_connect_pattern($1, TEMPLATETYPE_var_run_t, TEMPLATETYPE_var_run_t)
+ stream_connect_pattern($1, TEMPLATETYPE_var_run_t, TEMPLATETYPE_var_run_t, TEMPLATETYPE_t)
+')
+"""
+
+if_admin_types="""
+ type TEMPLATETYPE_var_run_t;"""
+ type TEMPLATETYPE_var_run_t;"""
+
+if_admin_rules="""
+ files_search_pids($1)
@ -13976,9 +13999,9 @@ diff -up policycoreutils-2.0.86/gui/templates/var_run.py.gui policycoreutils-2.0
+"""
diff -up policycoreutils-2.0.86/gui/templates/var_spool.py.gui policycoreutils-2.0.86/gui/templates/var_spool.py
--- policycoreutils-2.0.86/gui/templates/var_spool.py.gui 2011-04-12 10:52:07.573645242 -0400
+++ policycoreutils-2.0.86/gui/templates/var_spool.py 2011-04-29 11:47:41.689099505 -0400
+++ policycoreutils-2.0.86/gui/templates/var_spool.py 2011-05-23 17:00:58.813198478 -0400
@@ -0,0 +1,131 @@
+# Copyright (C) 2007 Red Hat
+# Copyright (C) 2007-2011 Red Hat
+# see file 'COPYING' for use and warranty information
+#
+# policygentool is a tool for the initial generation of SELinux policy
@ -13995,10 +14018,10 @@ diff -up policycoreutils-2.0.86/gui/templates/var_spool.py.gui policycoreutils-2
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
+# 02111-1307 USA
+#
+#
+#
+########################### var_spool Template File #############################
+
+########################### Type Enforcement File #############################
@ -14094,7 +14117,7 @@ diff -up policycoreutils-2.0.86/gui/templates/var_spool.py.gui policycoreutils-2
+"""
+
+if_admin_types="""
+ type TEMPLATETYPE_spool_t;"""
+ type TEMPLATETYPE_spool_t;"""
+
+if_admin_rules="""
+ files_search_spool($1)

View File

@ -7,7 +7,7 @@
Summary: SELinux policy core utilities
Name: policycoreutils
Version: 2.0.86
Release: 7%{?dist}
Release: 8%{?dist}
License: GPLv2
Group: System Environment/Base
# Based on git repository with tag 20101221
@ -331,6 +331,9 @@ fi
exit 0
%changelog
* Mon May 23 2011 Dan Walsh <dwalsh@redhat.com> 2.0.86-8
- Templates cleanedup by Dominic Grift
* Fri Apr 29 2011 Dan Walsh <dwalsh@redhat.com> 2.0.86-7
- Clean up some of the templates for sepolgen