From 16e9b0cb6bdaccb6920ae443d45b0df0890a1b96 Mon Sep 17 00:00:00 2001
From: Chris PeBenito <cpebenito@tresys.com>
Date: Fri, 27 May 2005 21:29:54 +0000
Subject: [PATCH] rpmbuild_t is not a system domain.  also mark it as most
 likely dead.

---
 refpolicy/policy/modules/admin/rpm.te | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/refpolicy/policy/modules/admin/rpm.te b/refpolicy/policy/modules/admin/rpm.te
index 988ee39a..5684eabc 100644
--- a/refpolicy/policy/modules/admin/rpm.te
+++ b/refpolicy/policy/modules/admin/rpm.te
@@ -46,8 +46,10 @@ type rpm_script_tmpfs_t;
 files_make_tmpfs_file(rpm_script_tmpfs_t)
 
 type rpmbuild_t;
+domain_make_domain(rpmbuild_t)
+
 type rpmbuild_exec_t;
-init_make_system_domain(rpmbuild_t,rpmbuild_exec_t)
+domain_make_entrypoint_file(rpmbuild_t,rpmbuild_exec_t)
 
 ########################################
 #
@@ -345,6 +347,10 @@ allow sshd_t rpm_script_t:fd use;
 # rpm-build Local policy
 #
 
+# cjp: this looks like dead policy.  nothing
+# can transition to this domain, nor can it
+# really do anything useful.
+
 kernel_get_selinuxfs_mount_point(rpmbuild_t)
 kernel_validate_selinux_context(rpmbuild_t)
 kernel_compute_selinux_access_vector(rpmbuild_t)