another slew of renaming

refpolicy/policy/modules/admin/acct.te

@@ -58,7 +58,7 @@ files_list_usr(acct_t)
 files_dontaudit_search_pids(acct_t)
 
 init_use_fd(acct_t)
-init_use_script_pty(acct_t)
+init_use_script_ptys(acct_t)
 init_exec_script(acct_t)
 
 libs_use_ld_so(acct_t)
@@ -72,8 +72,8 @@ userdom_dontaudit_search_sysadm_home_dir(acct_t)
 userdom_dontaudit_use_unpriv_user_fd(acct_t)
 
 ifdef(`targeted_policy',`
-	term_dontaudit_use_unallocated_tty(acct_t)
-	term_dontaudit_use_generic_pty(acct_t)
+	term_dontaudit_use_unallocated_ttys(acct_t)
+	term_dontaudit_use_generic_ptys(acct_t)
 	files_dontaudit_read_root_files(acct_t)
 ')
 
@@ -88,7 +88,7 @@ optional_policy(`cron',`
 ')
 
 optional_policy(`nscd',`
-	nscd_use_socket(acct_t)
+	nscd_socket_use(acct_t)
 ')
 
 optional_policy(`selinuxutil',`

refpolicy/policy/modules/admin/alsa.te

@@ -33,8 +33,8 @@ allow alsa_t alsa_etc_rw_t:lnk_file create_lnk_perms;
 
 files_read_etc_files(alsa_t)
 
-term_use_generic_pty(alsa_t)
-term_dontaudit_use_unallocated_tty(alsa_t)
+term_use_generic_ptys(alsa_t)
+term_dontaudit_use_unallocated_ttys(alsa_t)
 
 libs_use_ld_so(alsa_t)
 libs_use_shared_libs(alsa_t)
@@ -47,5 +47,5 @@ userdom_manage_unpriv_user_semaphores(alsa_t)
 userdom_manage_unpriv_user_shared_mem(alsa_t)
 
 optional_policy(`nscd',`
-	nscd_use_socket(alsa_t)
+	nscd_socket_use(alsa_t)
 ')

refpolicy/policy/modules/admin/amanda.te

@@ -128,7 +128,7 @@ kernel_dontaudit_getattr_unlabeled_files(amanda_t)
 kernel_dontaudit_read_proc_symlinks(amanda_t)
 
 # Added for targeted policy
-term_use_unallocated_tty(amanda_t)
+term_use_unallocated_ttys(amanda_t)
 
 corenet_tcp_sendrecv_all_if(amanda_t)
 corenet_udp_sendrecv_all_if(amanda_t)
@@ -182,7 +182,7 @@ optional_policy(`nis',`
 ')
 
 optional_policy(`nscd',`
-	nscd_use_socket(amanda_t)
+	nscd_socket_use(amanda_t)
 ')
 
 ########################################

refpolicy/policy/modules/admin/anaconda.te

@@ -8,7 +8,7 @@ policy_module(anaconda,1.0.0)
 
 type anaconda_t;
 domain_type(anaconda_t)
-domain_obj_id_change_exempt(anaconda_t)
+domain_obj_id_change_exemption(anaconda_t)
 role system_r types anaconda_t;
 
 ########################################

refpolicy/policy/modules/admin/consoletype.te

@@ -44,12 +44,12 @@ fs_search_auto_mountpoints(consoletype_t)
 fs_write_nfs_files(consoletype_t)
 
 term_use_console(consoletype_t)
-term_use_unallocated_tty(consoletype_t)
+term_use_unallocated_ttys(consoletype_t)
 
 init_use_fd(consoletype_t)
-init_use_script_pty(consoletype_t)
+init_use_script_ptys(consoletype_t)
 init_use_script_fd(consoletype_t)
-init_write_script_pipe(consoletype_t)
+init_write_script_pipes(consoletype_t)
 
 domain_use_wide_inherit_fd(consoletype_t)
 
@@ -61,7 +61,7 @@ libs_use_shared_libs(consoletype_t)
 
 userdom_use_sysadm_terms(consoletype_t)
 userdom_use_sysadm_fd(consoletype_t)
-userdom_rw_sysadm_pipe(consoletype_t)
+userdom_rw_sysadm_pipes(consoletype_t)
 
 ifdef(`distro_redhat',`
 	fs_rw_tmpfs_chr_files(consoletype_t)
@@ -69,7 +69,7 @@ ifdef(`distro_redhat',`
 
 optional_policy(`apm',`
 	apm_use_fd(consoletype_t)
-	apm_write_pipe(consoletype_t)
+	apm_write_pipes(consoletype_t)
 ')
 
 optional_policy(`authlogin', `
@@ -77,14 +77,14 @@ optional_policy(`authlogin', `
 ')
 
 optional_policy(`cron',`
-	cron_read_pipe(consoletype_t)
+	cron_read_pipes(consoletype_t)
 	cron_use_system_job_fd(consoletype_t)
 ')
 
 optional_policy(`firstboot',`
 	files_read_etc_files(consoletype_t)
 	firstboot_use_fd(consoletype_t)
-	firstboot_write_pipe(consoletype_t)
+	firstboot_write_pipes(consoletype_t)
 ')
 
 optional_policy(`logrotate',`
@@ -101,7 +101,7 @@ optional_policy(`nis',`
 
 optional_policy(`rpm',`
 	# Commonly used from postinst scripts
-	rpm_read_pipe(consoletype_t)
+	rpm_read_pipes(consoletype_t)
 ')
 
 optional_policy(`userdomain',`

refpolicy/policy/modules/admin/ddcprobe.te

@@ -41,15 +41,15 @@ files_read_usr_files(ddcprobe_t)
 term_use_all_user_ttys(ddcprobe_t)
 term_use_all_user_ptys(ddcprobe_t)
 
-libs_read_lib(ddcprobe_t)
+libs_read_lib_files(ddcprobe_t)
 libs_use_ld_so(ddcprobe_t)
 libs_use_shared_libs(ddcprobe_t)
 
 miscfiles_read_localization(ddcprobe_t)
 
-modutils_read_mods_deps(ddcprobe_t)
+modutils_read_module_deps(ddcprobe_t)
 
-userdom_use_all_user_fd(ddcprobe_t)
+userdom_use_all_users_fd(ddcprobe_t)
 
 #reh why? this does not seem even necessary to function properly
-kudzu_getattr_exec_file(ddcprobe_t)
+kudzu_getattr_exec_files(ddcprobe_t)

refpolicy/policy/modules/admin/dmesg.te

@@ -51,7 +51,7 @@ ifdef(`strict_policy',`
 	files_dontaudit_search_isid_type_dirs(dmesg_t)
 
 	init_use_fd(dmesg_t)
-	init_use_script_pty(dmesg_t)
+	init_use_script_ptys(dmesg_t)
 
 	libs_use_ld_so(dmesg_t)
 	libs_use_shared_libs(dmesg_t)

refpolicy/policy/modules/admin/dmidecode.te

@@ -33,6 +33,6 @@ libs_use_shared_libs(dmidecode_t)
 locallogin_use_fd(dmidecode_t)
 
 ifdef(`targeted_policy',`
-	term_use_generic_pty(dmidecode_t)
-	term_use_unallocated_tty(dmidecode_t)
+	term_use_generic_ptys(dmidecode_t)
+	term_use_unallocated_ttys(dmidecode_t)
 ')

refpolicy/policy/modules/admin/firstboot.if

@@ -90,7 +90,7 @@ interface(`firstboot_dontaudit_use_fd',`
 ##	The type of the process performing this action.
 ## </param>
 #
-interface(`firstboot_write_pipe',`
+interface(`firstboot_write_pipes',`
 	gen_require(`
 		type firstboot_t;
 	')

refpolicy/policy/modules/admin/firstboot.te

@@ -13,8 +13,8 @@ gen_require(`
 type firstboot_t;
 type firstboot_exec_t;
 init_system_domain(firstboot_t,firstboot_exec_t)
-domain_obj_id_change_exempt(firstboot_t)
-domain_subj_id_change_exempt(firstboot_t)
+domain_obj_id_change_exemption(firstboot_t)
+domain_subj_id_change_exemption(firstboot_t)
 role system_r types firstboot_t;
 
 type firstboot_etc_t;
@@ -95,8 +95,8 @@ logging_send_syslog_msg(firstboot_t)
 miscfiles_read_localization(firstboot_t)
 
 modutils_domtrans_insmod(firstboot_t)
-modutils_read_module_conf(firstboot_t)
-modutils_read_mods_deps(firstboot_t)
+modutils_read_module_config(firstboot_t)
+modutils_read_module_deps(firstboot_t)
 
 # Add/remove user home directories
 userdom_filetrans_generic_user_home_dir(firstboot_t)

refpolicy/policy/modules/admin/kudzu.if

@@ -55,7 +55,7 @@ interface(`kudzu_run',`
 ## </param>
 #
 # cjp: added for ddcprobe
-interface(`kudzu_getattr_exec_file',`
+interface(`kudzu_getattr_exec_files',`
 	gen_require(`
 		type kudzu_exec_t;
 	')

refpolicy/policy/modules/admin/kudzu.te

@@ -65,12 +65,12 @@ fs_write_ramfs_sockets(kudzu_t)
 mls_file_read_up(kudzu_t)
 mls_file_write_down(kudzu_t)
 
-modutils_read_mods_deps(kudzu_t)
-modutils_read_module_conf(kudzu_t)
-modutils_rename_module_conf(kudzu_t)
+modutils_read_module_deps(kudzu_t)
+modutils_read_module_config(kudzu_t)
+modutils_rename_module_config(kudzu_t)
 
 storage_read_scsi_generic(kudzu_t)
-storage_read_tape_device(kudzu_t)
+storage_read_tape(kudzu_t)
 storage_raw_write_fixed_disk(kudzu_t)
 storage_raw_read_fixed_disk(kudzu_t)
 storage_raw_read_removable_device(kudzu_t)
@@ -78,7 +78,7 @@ storage_raw_read_removable_device(kudzu_t)
 term_search_ptys(kudzu_t)
 term_dontaudit_use_console(kudzu_t)
 # so it can write messages to the console
-term_use_unallocated_tty(kudzu_t)
+term_use_unallocated_ttys(kudzu_t)
 
 corecmd_exec_sbin(kudzu_t)
 corecmd_exec_bin(kudzu_t)
@@ -101,20 +101,20 @@ files_rw_etc_runtime_files(kudzu_t)
 files_dontaudit_search_isid_type_dirs(kudzu_t)
 
 init_use_fd(kudzu_t)
-init_use_script_pty(kudzu_t)
-init_unix_connect_script(kudzu_t)
+init_use_script_ptys(kudzu_t)
+init_stream_connect_script(kudzu_t)
 
 libs_use_ld_so(kudzu_t)
 libs_use_shared_libs(kudzu_t)
 # Read /usr/lib/gconv/gconv-modules.*
-libs_read_lib(kudzu_t)
+libs_read_lib_files(kudzu_t)
 
 logging_send_syslog_msg(kudzu_t)
 
 miscfiles_read_hwdata(kudzu_t)
 miscfiles_read_localization(kudzu_t)
 
-modutils_read_module_conf(kudzu_t)
+modutils_read_module_config(kudzu_t)
 modutils_domtrans_insmod(kudzu_t)
 
 sysnet_read_config(kudzu_t)
@@ -123,8 +123,8 @@ userdom_search_sysadm_home_dir(kudzu_t)
 userdom_dontaudit_use_unpriv_user_fd(kudzu_t)
 
 ifdef(`targeted_policy',`
-        term_dontaudit_use_unallocated_tty(kudzu_t)
-        term_dontaudit_use_generic_pty(kudzu_t)
+        term_dontaudit_use_unallocated_ttys(kudzu_t)
+        term_dontaudit_use_generic_ptys(kudzu_t)
         files_dontaudit_read_root_files(kudzu_t)
 
 	# cjp: this was originally in the else block
@@ -140,7 +140,7 @@ optional_policy(`gpm',`
 ')
 
 optional_policy(`nscd',`
-	nscd_use_socket(kudzu_t)
+	nscd_socket_use(kudzu_t)
 ')
 
 optional_policy(`selinuxutil',`

refpolicy/policy/modules/admin/logrotate.te

@@ -8,8 +8,8 @@ policy_module(logrotate,1.2.0)
 
 type logrotate_t;
 domain_type(logrotate_t)
-domain_obj_id_change_exempt(logrotate_t)
-domain_system_change_exempt(logrotate_t)
+domain_obj_id_change_exemption(logrotate_t)
+domain_system_change_exemption(logrotate_t)
 role system_r types logrotate_t;
 
 type logrotate_exec_t;
@@ -171,7 +171,7 @@ optional_policy(`mailman',`
 
 optional_policy(`mysql',`
 	mysql_read_config(logrotate_t)
-	mysql_search_db_dir(logrotate_t)
+	mysql_search_db(logrotate_t)
 	mysql_stream_connect(logrotate_t)
 ')
 
@@ -180,7 +180,7 @@ optional_policy(`nis',`
 ')
 
 optional_policy(`nscd',`
-	nscd_use_socket(logrotate_t)
+	nscd_socket_use(logrotate_t)
 ')
 
 optional_policy(`slrnpull',`

refpolicy/policy/modules/admin/logwatch.te

@@ -38,8 +38,8 @@ kernel_read_fs_sysctls(logwatch_t)
 kernel_read_kernel_sysctls(logwatch_t)
 kernel_read_system_state(logwatch_t)
 
-corecmd_read_sbin_symlink(logwatch_t)
-corecmd_read_sbin_file(logwatch_t)
+corecmd_read_sbin_symlinks(logwatch_t)
+corecmd_read_sbin_files(logwatch_t)
 corecmd_exec_bin(logwatch_t)
 corecmd_exec_shell(logwatch_t)
 
@@ -56,14 +56,14 @@ files_dontaudit_search_home(logwatch_t)
 
 fs_getattr_all_fs(logwatch_t)
 
-term_dontaudit_getattr_pty_dir(logwatch_t)
+term_dontaudit_getattr_pty_dirs(logwatch_t)
 term_dontaudit_list_ptys(logwatch_t)
 
 auth_dontaudit_read_shadow(logwatch_t)
 
 libs_use_ld_so(logwatch_t)
 libs_use_shared_libs(logwatch_t)
-libs_read_lib(logwatch_t)
+libs_read_lib_files(logwatch_t)
 
 logging_read_all_logs(logwatch_t)
 
@@ -72,7 +72,7 @@ miscfiles_read_localization(logwatch_t)
 selinux_dontaudit_getattr_dir(logwatch_t)
 
 userdom_dontaudit_search_sysadm_home_dir(logwatch_t)
-userdom_dontaudit_getattr_sysadm_home_dir(logwatch_t)
+userdom_dontaudit_getattr_sysadm_home_dirs(logwatch_t)
 
 mta_send_mail(logwatch_t)
 
@@ -94,7 +94,7 @@ optional_policy(`mta',`
 ')
 
 optional_policy(`nscd',`
-	nscd_use_socket(logwatch_t)
+	nscd_socket_use(logwatch_t)
 ')
 
 optional_policy(`ntp',`

refpolicy/policy/modules/admin/mrtg.te

@@ -98,12 +98,12 @@ fs_getattr_xattr_fs(mrtg_t)
 term_dontaudit_use_console(mrtg_t)
 
 init_use_fd(mrtg_t)
-init_use_script_pty(mrtg_t)
+init_use_script_ptys(mrtg_t)
 # for uptime
 init_read_utmp(mrtg_t)
 init_dontaudit_write_utmp(mrtg_t)
 
-libs_read_lib(mrtg_t)
+libs_read_lib_files(mrtg_t)
 libs_use_ld_so(mrtg_t)
 libs_use_shared_libs(mrtg_t)
 
@@ -126,8 +126,8 @@ ifdef(`distro_redhat',`
 ')
 
 ifdef(`targeted_policy',`
-	term_dontaudit_use_unallocated_tty(mrtg_t)
-	term_dontaudit_use_generic_pty(mrtg_t)
+	term_dontaudit_use_unallocated_ttys(mrtg_t)
+	term_dontaudit_use_generic_ptys(mrtg_t)
 	files_dontaudit_read_root_files(mrtg_t)
 ')
 
@@ -157,7 +157,7 @@ optional_policy(`quota',`
 
 optional_policy(`snmp',`
 	snmp_udp_chat(mrtg_t)
-	snmp_read_snmp_var_lib(mrtg_t)
+	snmp_read_snmp_var_lib_files(mrtg_t)
 ')
 
 optional_policy(`udev',`

refpolicy/policy/modules/admin/netutils.te

@@ -65,7 +65,7 @@ files_read_etc_files(netutils_t)
 files_dontaudit_search_var(netutils_t)
 
 init_use_fd(netutils_t)
-init_use_script_pty(netutils_t)
+init_use_script_ptys(netutils_t)
 
 libs_use_ld_so(netutils_t)
 libs_use_shared_libs(netutils_t)
@@ -76,11 +76,11 @@ miscfiles_read_localization(netutils_t)
 
 sysnet_read_config(netutils_t)
 
-userdom_use_all_user_fd(netutils_t)
+userdom_use_all_users_fd(netutils_t)
 
 ifdef(`targeted_policy',`
-	term_use_generic_pty(netutils_t)
-	term_use_unallocated_tty(netutils_t)
+	term_use_generic_ptys(netutils_t)
+	term_use_unallocated_ttys(netutils_t)
 ')
 
 optional_policy(`nis',`
@@ -135,8 +135,8 @@ ifdef(`hide_broken_symptoms',`
 ')
 
 ifdef(`targeted_policy',`
-	term_use_unallocated_tty(ping_t)
-	term_use_generic_pty(ping_t)
+	term_use_unallocated_ttys(ping_t)
+	term_use_generic_ptys(ping_t)
 	term_use_all_user_ttys(ping_t)
 	term_use_all_user_ptys(ping_t)
 ',`
@@ -151,7 +151,7 @@ optional_policy(`nis',`
 ')
 
 optional_policy(`nscd',`
-	nscd_use_socket(ping_t)
+	nscd_socket_use(ping_t)
 ')
 
 optional_policy(`pcmcia',`
@@ -219,8 +219,8 @@ files_read_usr_files(traceroute_t)
 sysnet_read_config(traceroute_t)
 
 ifdef(`targeted_policy',`
-	term_use_unallocated_tty(traceroute_t)
-	term_use_generic_pty(traceroute_t)
+	term_use_unallocated_ttys(traceroute_t)
+	term_use_generic_ptys(traceroute_t)
 ')
 
 tunable_policy(`user_ping',`
@@ -233,7 +233,7 @@ optional_policy(`nis',`
 ')
 
 optional_policy(`nscd',`
-	nscd_use_socket(traceroute_t)
+	nscd_socket_use(traceroute_t)
 ')
 
 ifdef(`TODO',`

refpolicy/policy/modules/admin/portage.te

@@ -10,7 +10,7 @@ type portage_exec_t;
 files_type(portage_exec_t)
 
 portage_compile_domain_template(portage)
-domain_obj_id_change_exempt(portage_t)
+domain_obj_id_change_exemption(portage_t)
 
 portage_compile_domain_template(portage_sandbox)
 # the shell is the entrypoint if regular sandbox is disabled

refpolicy/policy/modules/admin/prelink.te

@@ -70,7 +70,7 @@ libs_relabel_ld_so(prelink_t)
 libs_use_shared_libs(prelink_t)
 libs_manage_shared_libs(prelink_t)
 libs_relabel_shared_libs(prelink_t)
-libs_use_lib(prelink_t)
+libs_use_lib_files(prelink_t)
 libs_manage_lib_files(prelink_t)
 libs_relabel_lib_files(prelink_t)
 

refpolicy/policy/modules/admin/quota.te

@@ -52,7 +52,7 @@ files_getattr_all_sockets(quota_t)
 files_read_etc_runtime_files(quota_t)
 
 init_use_fd(quota_t)
-init_use_script_pty(quota_t)
+init_use_script_ptys(quota_t)
 
 libs_use_ld_so(quota_t)
 libs_use_shared_libs(quota_t)
@@ -62,8 +62,8 @@ logging_send_syslog_msg(quota_t)
 userdom_dontaudit_use_unpriv_user_fd(quota_t)
 
 ifdef(`targeted_policy',`
-	term_dontaudit_use_unallocated_tty(quota_t)
-	term_dontaudit_use_generic_pty(quota_t)
+	term_dontaudit_use_unallocated_ttys(quota_t)
+	term_dontaudit_use_generic_ptys(quota_t)
 	files_dontaudit_read_root_files(quota_t)
 ')
 

refpolicy/policy/modules/admin/readahead.te

@@ -55,7 +55,7 @@ term_dontaudit_use_console(readahead_t)
 auth_dontaudit_read_shadow(readahead_t)
 
 init_use_fd(readahead_t)
-init_use_script_pty(readahead_t)
+init_use_script_ptys(readahead_t)
 init_getattr_initctl(readahead_t)
 
 libs_use_ld_so(readahead_t)
@@ -70,8 +70,8 @@ userdom_dontaudit_search_sysadm_home_dir(readahead_t)
 
 ifdef(`targeted_policy',`
 	files_dontaudit_read_root_files(readahead_t)
-	term_dontaudit_use_unallocated_tty(readahead_t)
-	term_dontaudit_use_generic_pty(readahead_t)
+	term_dontaudit_use_unallocated_ttys(readahead_t)
+	term_dontaudit_use_generic_ptys(readahead_t)
 ')
 
 optional_policy(`selinuxutil',`

refpolicy/policy/modules/admin/rpm.if

@@ -31,7 +31,7 @@ interface(`rpm_domtrans',`
 ##	Domain allowed access.
 ## </param>
 #
-interface(`rpm_script_domtrans',`
+interface(`rpm_domtrans_script',`
 	gen_require(`
 		type rpm_script_t;
 	')
@@ -67,7 +67,7 @@ interface(`rpm_run',`
 	rpm_domtrans($1)
 	role $2 types rpm_t;
 	role $2 types rpm_script_t;
-	seutil_run_loadpol(rpm_script_t,$2,$3)
+	seutil_run_loadpolicy(rpm_script_t,$2,$3)
 	allow rpm_t $3:chr_file rw_term_perms;
 ')
 
@@ -95,7 +95,7 @@ interface(`rpm_use_fd',`
 ##	The type of the process performing this action.
 ## </param>
 #
-interface(`rpm_read_pipe',`
+interface(`rpm_read_pipes',`
 	gen_require(`
 		type rpm_t;
 	')
@@ -111,7 +111,7 @@ interface(`rpm_read_pipe',`
 ##	The type of the process performing this action.
 ## </param>
 #
-interface(`rpm_rw_pipe',`
+interface(`rpm_rw_pipes',`
 	gen_require(`
 		type rpm_t;
 	')
@@ -132,7 +132,7 @@ interface(`rpm_manage_log',`
 		type rpm_log_t;
 	')
 
-	logging_rw_log_dir($1)
+	logging_rw_generic_log_dirs($1)
 	allow $1 rpm_log_t:file create_file_perms;
 ')
 

refpolicy/policy/modules/admin/rpm.te

@@ -9,9 +9,9 @@ policy_module(rpm,1.2.1)
 type rpm_t;
 type rpm_exec_t;
 init_system_domain(rpm_t,rpm_exec_t)
-domain_obj_id_change_exempt(rpm_t)
-domain_role_change_exempt(rpm_t)
-domain_system_change_exempt(rpm_t)
+domain_obj_id_change_exemption(rpm_t)
+domain_role_change_exemption(rpm_t)
+domain_system_change_exemption(rpm_t)
 domain_wide_inherit_fd(rpm_t)
 role system_r types rpm_t;
 
@@ -33,8 +33,8 @@ typealias rpm_var_lib_t alias var_lib_rpm_t;
 
 type rpm_script_t;
 type rpm_script_exec_t;
-domain_obj_id_change_exempt(rpm_script_t)
-domain_system_change_exempt(rpm_script_t)
+domain_obj_id_change_exemption(rpm_script_t)
+domain_system_change_exemption(rpm_script_t)
 corecmd_shell_entry_type(rpm_script_t)
 domain_type(rpm_script_t)
 domain_entry_file(rpm_t,rpm_script_exec_t)
@@ -138,7 +138,7 @@ auth_dontaudit_read_shadow(rpm_t)
 corecmd_exec_bin(rpm_t)
 corecmd_exec_sbin(rpm_t)
 # transition to rpm script:
-rpm_script_domtrans(rpm_t)
+rpm_domtrans_script(rpm_t)
 
 domain_exec_all_entry_files(rpm_t)
 domain_read_all_domains_state(rpm_t)
@@ -166,8 +166,8 @@ libs_domtrans_ldconfig(rpm_t)
 logging_send_syslog_msg(rpm_t)
 
 # allow compiling and loading new policy
-seutil_manage_src_pol(rpm_t)
-seutil_manage_binary_pol(rpm_t)
+seutil_manage_src_policy(rpm_t)
+seutil_manage_bin_policy(rpm_t)
 
 sysnet_read_config(rpm_t)
 
@@ -324,10 +324,10 @@ miscfiles_read_localization(rpm_script_t)
 modutils_domtrans_depmod(rpm_script_t)
 modutils_domtrans_insmod(rpm_script_t)
 
-seutil_domtrans_loadpol(rpm_script_t)
+seutil_domtrans_loadpolicy(rpm_script_t)
 seutil_domtrans_restorecon(rpm_script_t)
 
-userdom_use_all_user_fd(rpm_script_t)
+userdom_use_all_users_fd(rpm_script_t)
 
 ifdef(`distro_redhat',`
 	unconfined_domain_template(rpm_script_t)

refpolicy/policy/modules/admin/su.if

@@ -52,7 +52,7 @@ template(`su_restricted_domain_template', `
 	domain_use_wide_inherit_fd($1_su_t)
 
 	init_dontaudit_use_fd($1_su_t)
-	init_dontaudit_use_script_pty($1_su_t)
+	init_dontaudit_use_script_ptys($1_su_t)
 	# Write to utmp.
 	init_rw_utmp($1_su_t)
 
@@ -64,7 +64,7 @@ template(`su_restricted_domain_template', `
 	miscfiles_read_localization($1_su_t)
 
 	optional_policy(`cron',`
-		cron_read_pipe($1_su_t)
+		cron_read_pipes($1_su_t)
 	')
 
 	optional_policy(`kerberos',`
@@ -72,7 +72,7 @@ template(`su_restricted_domain_template', `
 	')
 
 	optional_policy(`nscd',`
-		nscd_use_socket($1_su_t)
+		nscd_socket_use($1_su_t)
 	')
 
 	ifdef(`TODO',`
@@ -205,7 +205,7 @@ template(`su_per_userdomain_template',`
 	')
 
 	optional_policy(`cron',`
-		cron_read_pipe($1_su_t)
+		cron_read_pipes($1_su_t)
 	')
 
 	optional_policy(`kerberos',`
@@ -213,7 +213,7 @@ template(`su_per_userdomain_template',`
 	')
 
 	optional_policy(`nscd',`
-		nscd_use_socket($1_su_t)
+		nscd_socket_use($1_su_t)
 	')
 
 	ifdef(`TODO',`

refpolicy/policy/modules/admin/sudo.if

@@ -90,9 +90,9 @@ template(`sudo_per_userdomain_template',`
 
 	auth_domtrans_chk_passwd($1_sudo_t)
 
-	corecmd_getattr_bin_file($1_sudo_t)
-	corecmd_read_sbin_symlink($1_sudo_t)
-	corecmd_getattr_sbin_file($1_sudo_t)
+	corecmd_getattr_bin_files($1_sudo_t)
+	corecmd_read_sbin_symlinks($1_sudo_t)
+	corecmd_getattr_sbin_files($1_sudo_t)
 
 	domain_use_wide_inherit_fd($1_sudo_t)
 	domain_sigchld_wide_inherit_fd($1_sudo_t)
@@ -128,7 +128,7 @@ template(`sudo_per_userdomain_template',`
 	')
 
 	optional_policy(`nscd',`
-		nscd_use_socket($1_sudo_t)
+		nscd_socket_use($1_sudo_t)
 	')
 
 	ifdef(`TODO',`

refpolicy/policy/modules/admin/updfstab.te

@@ -67,7 +67,7 @@ files_dontaudit_search_home(updfstab_t)
 files_read_etc_runtime_files(updfstab_t)
 
 init_use_fd(updfstab_t)
-init_use_script_pty(updfstab_t)
+init_use_script_ptys(updfstab_t)
 
 libs_use_ld_so(updfstab_t)
 libs_use_shared_libs(updfstab_t)
@@ -81,13 +81,13 @@ seutil_read_config(updfstab_t)
 seutil_read_default_contexts(updfstab_t)
 seutil_read_file_contexts(updfstab_t)
 
-userdom_use_sysadm_tty(updfstab_t)
+userdom_use_sysadm_ttys(updfstab_t)
 userdom_dontaudit_search_all_users_home(updfstab_t)
 userdom_dontaudit_use_unpriv_user_fd(updfstab_t)
 
 ifdef(`targeted_policy',`
-	term_dontaudit_use_unallocated_tty(updfstab_t)
-	term_dontaudit_use_generic_pty(updfstab_t)
+	term_dontaudit_use_unallocated_ttys(updfstab_t)
+	term_dontaudit_use_generic_ptys(updfstab_t)
 	files_dontaudit_read_root_files(updfstab_t)
 ')
 
@@ -99,7 +99,7 @@ optional_policy(`dbus',`
 	init_dbus_chat_script(updfstab_t)
 
 	dbus_system_bus_client_template(updfstab,updfstab_t)
-	dbus_send_system_bus_msg(updfstab_t)
+	dbus_send_system_bus(updfstab_t)
 ')
 
 optional_policy(`hal',`
@@ -108,13 +108,13 @@ optional_policy(`hal',`
 ')
 
 optional_policy(`modutils',`
-	modutils_read_module_conf(updfstab_t)
+	modutils_read_module_config(updfstab_t)
 	modutils_exec_insmod(updfstab_t)
-	modutils_read_mods_deps(updfstab_t)
+	modutils_read_module_deps(updfstab_t)
 ')
 
 optional_policy(`nscd',`
-	nscd_use_socket(updfstab_t)
+	nscd_socket_use(updfstab_t)
 ')
 
 optional_policy(`selinuxutil',`

refpolicy/policy/modules/admin/usbmodules.te

@@ -37,7 +37,7 @@ init_use_fd(usbmodules_t)
 libs_use_ld_so(usbmodules_t)
 libs_use_shared_libs(usbmodules_t)
 
-modutils_read_mods_deps(usbmodules_t)
+modutils_read_module_deps(usbmodules_t)
 
 optional_policy(`hotplug',`
 	hotplug_read_config(usbmodules_t)

refpolicy/policy/modules/admin/usermanage.te

@@ -10,7 +10,7 @@ type admin_passwd_exec_t;
 files_type(admin_passwd_exec_t)
 
 type chfn_t;
-domain_obj_id_change_exempt(chfn_t)
+domain_obj_id_change_exemption(chfn_t)
 domain_type(chfn_t)
 role system_r types chfn_t;
 
@@ -32,12 +32,12 @@ files_tmp_file(crack_tmp_t)
 
 type groupadd_t;
 type groupadd_exec_t;
-domain_obj_id_change_exempt(groupadd_t)
+domain_obj_id_change_exemption(groupadd_t)
 init_system_domain(groupadd_t,groupadd_exec_t)
 role system_r types groupadd_t;
 
 type passwd_t;
-domain_obj_id_change_exempt(passwd_t)
+domain_obj_id_change_exemption(passwd_t)
 domain_type(passwd_t)
 role system_r types passwd_t;
 
@@ -45,7 +45,7 @@ type passwd_exec_t;
 domain_entry_file(passwd_t,passwd_exec_t)
 
 type sysadm_passwd_t;
-domain_obj_id_change_exempt(sysadm_passwd_t)
+domain_obj_id_change_exemption(sysadm_passwd_t)
 domain_type(sysadm_passwd_t)
 domain_entry_file(sysadm_passwd_t,admin_passwd_exec_t)
 role system_r types sysadm_passwd_t;
@@ -55,7 +55,7 @@ files_tmp_file(sysadm_passwd_tmp_t)
 
 type useradd_t;
 type useradd_exec_t;
-domain_obj_id_change_exempt(useradd_t)
+domain_obj_id_change_exemption(useradd_t)
 init_system_domain(useradd_t,useradd_exec_t)
 role system_r types useradd_t;
 
@@ -137,7 +137,7 @@ optional_policy(`nis',`
 ')
 
 optional_policy(`nscd',`
-	nscd_use_socket(chfn_t)
+	nscd_socket_use(chfn_t)
 ')
 
 ########################################
@@ -253,12 +253,12 @@ optional_policy(`nis',`
 ')
 
 optional_policy(`nscd',`
-	nscd_use_socket(groupadd_t)
+	nscd_socket_use(groupadd_t)
 ')
 
 optional_policy(`rpm',`
 	rpm_use_fd(groupadd_t)
-	rpm_rw_pipe(groupadd_t)
+	rpm_rw_pipes(groupadd_t)
 ')
 
 ########################################
@@ -333,7 +333,7 @@ seutil_dontaudit_search_config(passwd_t)
 userdom_use_unpriv_users_fd(passwd_t)
 # make sure that getcon succeeds
 userdom_getattr_all_userdomains(passwd_t)
-userdom_read_all_userdomains_state(passwd_t)
+userdom_read_all_users_state(passwd_t)
 # user generally runs this from their home directory, so do not audit a search
 # on user home dir
 userdom_dontaudit_search_all_users_home(passwd_t)
@@ -343,7 +343,7 @@ optional_policy(`nis',`
 ')
 
 optional_policy(`nscd',`
-	nscd_use_socket(passwd_t)
+	nscd_socket_use(passwd_t)
 ')
 
 ########################################
@@ -513,10 +513,10 @@ optional_policy(`nis',`
 ')
 
 optional_policy(`nscd',`
-	nscd_use_socket(useradd_t)
+	nscd_socket_use(useradd_t)
 ')
 
 optional_policy(`rpm',`
 	rpm_use_fd(useradd_t)
-	rpm_rw_pipe(useradd_t)
+	rpm_rw_pipes(useradd_t)
 ')

refpolicy/policy/modules/admin/vpn.te

@@ -99,7 +99,7 @@ sysnet_exec_ifconfig(vpnc_t)
 sysnet_filetrans_config(vpnc_t)
 sysnet_manage_config(vpnc_t)
 
-userdom_use_all_user_fd(vpnc_t)
+userdom_use_all_users_fd(vpnc_t)
 userdom_dontaudit_search_all_users_home(vpnc_t)
 
 optional_policy(`dbus',`
@@ -115,5 +115,5 @@ optional_policy(`nis',`
 ')
 
 optional_policy(`nscd',`
-	nscd_use_socket(vpnc_t)
+	nscd_socket_use(vpnc_t)
 ')

refpolicy/policy/modules/apps/java.if

@@ -145,7 +145,7 @@ template(`java_per_userdomain_template',`
 
 		libs_legacy_use_shared_libs($1_javaplugin_t)
 		libs_legacy_use_ld_so($1_javaplugin_t)
-		libs_use_lib($1_javaplugin_t)
+		libs_use_lib_files($1_javaplugin_t)
 
 		miscfiles_legacy_read_localization($1_javaplugin_t)
 	')
@@ -155,7 +155,7 @@ template(`java_per_userdomain_template',`
 	')
 
 	optional_policy(`nscd',`
-		nscd_use_socket($1_javaplugin_t)
+		nscd_socket_use($1_javaplugin_t)
 	')
 
 	ifdef(`TODO',`

refpolicy/policy/modules/apps/screen.if

@@ -97,15 +97,15 @@ template(`screen_per_userdomain_template',`
 	kernel_read_kernel_sysctls($1_screen_t)
 
 	corecmd_list_bin($1_screen_t)
-	corecmd_read_bin_file($1_screen_t)
-	corecmd_read_bin_symlink($1_screen_t)
-	corecmd_read_bin_pipe($1_screen_t)
-	corecmd_read_bin_socket($1_screen_t)
+	corecmd_read_bin_files($1_screen_t)
+	corecmd_read_bin_symlinks($1_screen_t)
+	corecmd_read_bin_pipes($1_screen_t)
+	corecmd_read_bin_sockets($1_screen_t)
 	corecmd_list_sbin($1_screen_t)
-	corecmd_read_sbin_symlink($1_screen_t)
-	corecmd_read_sbin_file($1_screen_t)
-	corecmd_read_sbin_pipe($1_screen_t)
-	corecmd_read_sbin_socket($1_screen_t)
+	corecmd_read_sbin_symlinks($1_screen_t)
+	corecmd_read_sbin_files($1_screen_t)
+	corecmd_read_sbin_pipes($1_screen_t)
+	corecmd_read_sbin_sockets($1_screen_t)
 	# Revert to the user domain when a shell is executed.
 	corecmd_shell_domtrans($1_screen_t,$2)
 	corecmd_bin_domtrans($1_screen_t,$2)
@@ -185,7 +185,7 @@ template(`screen_per_userdomain_template',`
 	')
 
 	optional_policy(`nscd',`
-		nscd_use_socket($1_screen_t)
+		nscd_socket_use($1_screen_t)
 	')
 
 	ifdef(`TODO',`

refpolicy/policy/modules/apps/userhelper.if

@@ -38,10 +38,10 @@ template(`userhelper_per_userdomain_template',`
 	type $1_userhelper_t;
 	domain_type($1_userhelper_t)
 	domain_entry_file($1_userhelper_t,userhelper_exec_t)
-	domain_role_change_exempt($1_userhelper_t)
-	domain_obj_id_change_exempt($1_userhelper_t)
+	domain_role_change_exemption($1_userhelper_t)
+	domain_obj_id_change_exemption($1_userhelper_t)
 	domain_wide_inherit_fd($1_userhelper_t)
-	domain_subj_id_change_exempt($1_userhelper_t)
+	domain_subj_id_change_exemption($1_userhelper_t)
 	role system_r types $1_userhelper_t;
 	
 	########################################
@@ -177,7 +177,7 @@ template(`userhelper_per_userdomain_template',`
 	')
 
 	optional_policy(`nscd',`
-		nscd_use_socket($1_userhelper_t)
+		nscd_socket_use($1_userhelper_t)
 	')
 
 	ifdef(`TODO',`

refpolicy/policy/modules/apps/webalizer.te

@@ -93,8 +93,8 @@ apache_read_log(webalizer_t)
 apache_manage_sys_content(webalizer_t)
 
 ifdef(`targeted_policy',`
-	term_use_generic_pty(webalizer_t)
-	term_use_unallocated_tty(webalizer_t)
+	term_use_generic_ptys(webalizer_t)
+	term_use_unallocated_ttys(webalizer_t)
 ')
 
 optional_policy(`ftp',`
@@ -106,7 +106,7 @@ optional_policy(`nis',`
 ')
 
 optional_policy(`nscd',`
-	nscd_use_socket(webalizer_t)
+	nscd_socket_use(webalizer_t)
 ')
 
 optional_policy(`cron',`

refpolicy/policy/modules/kernel/bootloader.if

@@ -55,7 +55,7 @@ interface(`bootloader_run',`
 ##	Domain to not audit.
 ## </param>
 #
-interface(`bootloader_getattr_boot_dir',`
+interface(`bootloader_getattr_boot_dirs',`
 	gen_require(`
 		type boot_t;
 	')
@@ -72,7 +72,7 @@ interface(`bootloader_getattr_boot_dir',`
 ##	Domain to not audit.
 ## </param>
 #
-interface(`bootloader_dontaudit_getattr_boot_dir',`
+interface(`bootloader_dontaudit_getattr_boot_dirs',`
 	gen_require(`
 		type boot_t;
 	')
@@ -261,7 +261,7 @@ interface(`bootloader_rw_config',`
 ##	The type of the process performing this action.
 ## </param>
 #
-interface(`bootloader_rw_tmp_file',`
+interface(`bootloader_rw_tmp_files',`
 	gen_require(`
 		type bootloader_tmp_t;
 	')

refpolicy/policy/modules/kernel/bootloader.te

@@ -118,7 +118,7 @@ fs_getattr_xattr_fs(bootloader_t)
 fs_read_tmpfs_symlinks(bootloader_t)
 
 term_getattr_all_user_ttys(bootloader_t)
-term_dontaudit_manage_pty_dir(bootloader_t)
+term_dontaudit_manage_pty_dirs(bootloader_t)
 
 corecmd_exec_bin(bootloader_t)
 corecmd_exec_sbin(bootloader_t)
@@ -137,13 +137,13 @@ files_read_var_files(bootloader_t)
 files_dontaudit_search_pids(bootloader_t)
 
 init_getattr_initctl(bootloader_t)
-init_use_script_pty(bootloader_t)
+init_use_script_ptys(bootloader_t)
 init_use_script_fd(bootloader_t)
-init_rw_script_pipe(bootloader_t)
+init_rw_script_pipes(bootloader_t)
 
 libs_use_ld_so(bootloader_t)
 libs_use_shared_libs(bootloader_t)
-libs_read_lib(bootloader_t)
+libs_read_lib_files(bootloader_t)
 libs_exec_lib_files(bootloader_t)
 
 logging_send_syslog_msg(bootloader_t)
@@ -151,8 +151,8 @@ logging_rw_generic_logs(bootloader_t)
 
 miscfiles_read_localization(bootloader_t)
 
-seutil_read_binary_pol(bootloader_t)
-seutil_read_loadpol(bootloader_t)
+seutil_read_bin_policy(bootloader_t)
+seutil_read_loadpolicy(bootloader_t)
 seutil_dontaudit_search_config(bootloader_t)
 
 ifdef(`distro_debian',`
@@ -195,8 +195,8 @@ ifdef(`distro_redhat',`
 ')
 
 ifdef(`targeted_policy',`
-	term_use_unallocated_tty(bootloader_t)
-	term_use_generic_pty(bootloader_t)
+	term_use_unallocated_ttys(bootloader_t)
+	term_use_generic_ptys(bootloader_t)
 ')
 
 optional_policy(`fstools',`
@@ -212,19 +212,19 @@ optional_policy(`lvm',`
 
 optional_policy(`modutils',`
 	modutils_exec_insmod(bootloader_t)
-	modutils_read_mods_deps(bootloader_t)
-	modutils_read_module_conf(bootloader_t)
+	modutils_read_module_deps(bootloader_t)
+	modutils_read_module_config(bootloader_t)
 	modutils_exec_insmod(bootloader_t)
 	modutils_exec_depmod(bootloader_t)
 	modutils_exec_update_mods(bootloader_t)
 ')
 
 optional_policy(`nscd',`
-	nscd_use_socket(bootloader_t)
+	nscd_socket_use(bootloader_t)
 ')
 
 optional_policy(`rpm',`
-	rpm_rw_pipe(bootloader_t)
+	rpm_rw_pipes(bootloader_t)
 ')
 
 optional_policy(`userdomain',`

refpolicy/policy/modules/kernel/corecommands.if

@@ -84,7 +84,7 @@ interface(`corecmd_list_bin',`
 ##	Domain allowed access.
 ## </param>
 #
-interface(`corecmd_getattr_bin_file',`
+interface(`corecmd_getattr_bin_files',`
 	gen_require(`
 		type bin_t;
 	')
@@ -100,7 +100,7 @@ interface(`corecmd_getattr_bin_file',`
 ##	Domain allowed access.
 ## </param>
 #
-interface(`corecmd_read_bin_file',`
+interface(`corecmd_read_bin_files',`
 	gen_require(`
 		type bin_t;
 	')
@@ -117,7 +117,7 @@ interface(`corecmd_read_bin_file',`
 ##	Domain allowed access.
 ## </param>
 #
-interface(`corecmd_read_bin_symlink',`
+interface(`corecmd_read_bin_symlinks',`
 	gen_require(`
 		type bin_t;
 	')
@@ -134,7 +134,7 @@ interface(`corecmd_read_bin_symlink',`
 ##	Domain allowed access.
 ## </param>
 #
-interface(`corecmd_read_bin_pipe',`
+interface(`corecmd_read_bin_pipes',`
 	gen_require(`
 		type bin_t;
 	')
@@ -151,7 +151,7 @@ interface(`corecmd_read_bin_pipe',`
 ##	Domain allowed access.
 ## </param>
 #
-interface(`corecmd_read_bin_socket',`
+interface(`corecmd_read_bin_sockets',`
 	gen_require(`
 		type bin_t;
 	')
@@ -351,9 +351,9 @@ interface(`corecmd_list_sbin',`
 
 ########################################
 #
-# corecmd_getattr_sbin_file(domain)
+# corecmd_getattr_sbin_files(domain)
 #
-interface(`corecmd_getattr_sbin_file',`
+interface(`corecmd_getattr_sbin_files',`
 	gen_require(`
 		type sbin_t;
 	')
@@ -363,9 +363,9 @@ interface(`corecmd_getattr_sbin_file',`
 
 ########################################
 #
-# corecmd_dontaudit_getattr_sbin_file(domain)
+# corecmd_dontaudit_getattr_sbin_files(domain)
 #
-interface(`corecmd_dontaudit_getattr_sbin_file',`
+interface(`corecmd_dontaudit_getattr_sbin_files',`
 	gen_require(`
 		type sbin_t;
 	')
@@ -381,7 +381,7 @@ interface(`corecmd_dontaudit_getattr_sbin_file',`
 ##	Domain allowed access.
 ## </param>
 #
-interface(`corecmd_read_sbin_file',`
+interface(`corecmd_read_sbin_files',`
 	gen_require(`
 		type sbin_t;
 	')
@@ -398,7 +398,7 @@ interface(`corecmd_read_sbin_file',`
 ##	Domain allowed access.
 ## </param>
 #
-interface(`corecmd_read_sbin_symlink',`
+interface(`corecmd_read_sbin_symlinks',`
 	gen_require(`
 		type sbin_t;
 	')
@@ -415,7 +415,7 @@ interface(`corecmd_read_sbin_symlink',`
 ##	Domain allowed access.
 ## </param>
 #
-interface(`corecmd_read_sbin_pipe',`
+interface(`corecmd_read_sbin_pipes',`
 	gen_require(`
 		type sbin_t;
 	')
@@ -432,7 +432,7 @@ interface(`corecmd_read_sbin_pipe',`
 ##	Domain allowed access.
 ## </param>
 #
-interface(`corecmd_read_sbin_socket',`
+interface(`corecmd_read_sbin_sockets',`
 	gen_require(`
 		type sbin_t;
 	')

refpolicy/policy/modules/kernel/domain.if

@@ -89,7 +89,7 @@ interface(`domain_type',`
 	# these 3 seem highly questionable:
 	optional_policy(`rpm',`
 		rpm_use_fd($1)
-		rpm_read_pipe($1)
+		rpm_read_pipes($1)
 	')
 
 	optional_policy(`selinux',`
@@ -161,7 +161,7 @@ interface(`domain_dyntrans_type',`
 ##	Domain allowed access.
 ## </param>
 #
-interface(`domain_system_change_exempt',`
+interface(`domain_system_change_exemption',`
 	gen_require(`
 		attribute can_system_change;
 	')
@@ -178,7 +178,7 @@ interface(`domain_system_change_exempt',`
 ##	The process type to make an exception to the constraint.
 ## </param>
 #
-interface(`domain_subj_id_change_exempt',`
+interface(`domain_subj_id_change_exemption',`
 	gen_require(`
 		attribute can_change_process_identity;
 	')
@@ -195,7 +195,7 @@ interface(`domain_subj_id_change_exempt',`
 ##	The process type to make an exception to the constraint.
 ## </param>
 #
-interface(`domain_role_change_exempt',`
+interface(`domain_role_change_exemption',`
 	gen_require(`
 		attribute can_change_process_role;
 	')
@@ -212,7 +212,7 @@ interface(`domain_role_change_exempt',`
 ##	The process type to make an exception to the constraint.
 ## </param>
 #
-interface(`domain_obj_id_change_exempt',`
+interface(`domain_obj_id_change_exemption',`
 	gen_require(`
 		attribute can_change_object_identity;
 	')
@@ -678,7 +678,7 @@ interface(`domain_dontaudit_read_all_domains_state',`
 ##	The type of the process performing this action.
 ## </param>
 #
-interface(`domain_dontaudit_list_all_domains_proc',`
+interface(`domain_dontaudit_list_all_domains_state',`
 	gen_require(`
 		attribute domain;
 	')
@@ -1048,7 +1048,7 @@ interface(`domain_mmap_all_entry_files',`
 ## </param>
 #
 # cjp: added for userhelper
-interface(`domain_entry_spec_domtrans',`
+interface(`domain_entry_file_spec_domtrans',`
 	gen_require(`
 		attribute entry_type;
 	')

refpolicy/policy/modules/kernel/files.if

@@ -730,7 +730,7 @@ interface(`files_relabel_all_files',`
 	allow $1 { file_type $2 }:chr_file { getattr relabelfrom };
 
 	# satisfy the assertions:
-	seutil_relabelto_binary_pol($1)
+	seutil_relabelto_bin_policy($1)
 ')
 
 ########################################
@@ -758,7 +758,7 @@ interface(`files_manage_all_files',`
 	allow $1 { file_type $2 }:sock_file create_file_perms;
 
 	# satisfy the assertions:
-	seutil_create_binary_pol($1)
+	seutil_create_bin_policy($1)
 	bootloader_manage_kernel_modules($1)
 ')
 

refpolicy/policy/modules/kernel/kernel.te

@@ -266,7 +266,7 @@ optional_policy(`nis',`
 ')
 
 optional_policy(`portmap',`
-	portmap_udp_sendto(kernel_t)
+	portmap_udp_send(kernel_t)
 ')
 
 optional_policy(`rpc',`
@@ -293,7 +293,7 @@ optional_policy(`rpc',`
 	rpc_manage_nfs_ro_content(kernel_t)
 	rpc_manage_nfs_rw_content(kernel_t)
 	rpc_udp_rw_nfs_sockets(kernel_t) 
-	rpc_udp_sendto_nfs(kernel_t)
+	rpc_udp_send_nfs(kernel_t)
 
 	tunable_policy(`nfs_export_all_ro',`
 		fs_list_noxattr_fs(kernel_t) 
@@ -316,7 +316,7 @@ optional_policy(`rpc',`
 
 optional_policy(`selinuxutil',`
 	seutil_read_config(kernel_t)
-	seutil_read_binary_pol(kernel_t)
+	seutil_read_bin_policy(kernel_t)
 ')
 
 ########################################

refpolicy/policy/modules/kernel/storage.if

@@ -9,7 +9,7 @@
 ##	The type of the process performing this action.
 ## </param>
 #
-interface(`storage_getattr_fixed_disk',`
+interface(`storage_getattr_fixed_disk_dev',`
 	gen_require(`
 		type fixed_disk_device_t;
 	')
@@ -27,7 +27,7 @@ interface(`storage_getattr_fixed_disk',`
 ##	The type of the process to not audit.
 ## </param>
 #
-interface(`storage_dontaudit_getattr_fixed_disk',`
+interface(`storage_dontaudit_getattr_fixed_disk_dev',`
 	gen_require(`
 		type fixed_disk_device_t;
 	')
@@ -44,7 +44,7 @@ interface(`storage_dontaudit_getattr_fixed_disk',`
 ##	The type of the process performing this action.
 ## </param>
 #
-interface(`storage_setattr_fixed_disk',`
+interface(`storage_setattr_fixed_disk_dev',`
 	gen_require(`
 		type fixed_disk_device_t;
 	')
@@ -62,7 +62,7 @@ interface(`storage_setattr_fixed_disk',`
 ##	The type of the process to not audit.
 ## </param>
 #
-interface(`storage_dontaudit_setattr_fixed_disk',`
+interface(`storage_dontaudit_setattr_fixed_disk_dev',`
 	gen_require(`
 		type fixed_disk_device_t;
 	')
@@ -295,7 +295,7 @@ interface(`storage_raw_write_lvm_volume',`
 ##	The type of the process performing this action.
 ## </param>
 #
-interface(`storage_getattr_scsi_generic',`
+interface(`storage_getattr_scsi_generic_dev',`
 	gen_require(`
 		type scsi_generic_device_t;
 	')
@@ -313,7 +313,7 @@ interface(`storage_getattr_scsi_generic',`
 ##	The type of the process performing this action.
 ## </param>
 #
-interface(`storage_setattr_scsi_generic',`
+interface(`storage_setattr_scsi_generic_dev',`
 	gen_require(`
 		type scsi_generic_device_t;
 	')
@@ -377,7 +377,7 @@ interface(`storage_write_scsi_generic',`
 ##	The type of the process performing this action.
 ## </param>
 #
-interface(`storage_set_scsi_generic_attributes',`
+interface(`storage_setattr_scsi_generic_dev_dev',`
 	gen_require(`
 		type scsi_generic_device_t;
 	')
@@ -412,7 +412,7 @@ interface(`storage_dontaudit_rw_scsi_generic',`
 ##	The type of the process performing this action.
 ## </param>
 #
-interface(`storage_getattr_removable_device',`
+interface(`storage_getattr_removable_dev',`
 	gen_require(`
 		type removable_device_t;
 	')
@@ -430,7 +430,7 @@ interface(`storage_getattr_removable_device',`
 ##	The type of the process to not audit.
 ## </param>
 #
-interface(`storage_dontaudit_getattr_removable_device',`
+interface(`storage_dontaudit_getattr_removable_dev',`
 	gen_require(`
 		type removable_device_t;
 	')
@@ -465,7 +465,7 @@ interface(`storage_dontaudit_read_removable_device',`
 ##	The type of the process performing this action.
 ## </param>
 #
-interface(`storage_setattr_removable_device',`
+interface(`storage_setattr_removable_dev',`
 	gen_require(`
 		type removable_device_t;
 	')
@@ -483,7 +483,7 @@ interface(`storage_setattr_removable_device',`
 ##	The type of the process to not audit.
 ## </param>
 #
-interface(`storage_dontaudit_setattr_removable_device',`
+interface(`storage_dontaudit_setattr_removable_dev',`
 	gen_require(`
 		type removable_device_t;
 	')
@@ -574,7 +574,7 @@ interface(`storage_dontaudit_raw_write_removable_device',`
 ##	The type of the process performing this action.
 ## </param>
 #
-interface(`storage_read_tape_device',`
+interface(`storage_read_tape',`
 	gen_require(`
 		type tape_device_t;
 	')
@@ -592,7 +592,7 @@ interface(`storage_read_tape_device',`
 ##	The type of the process performing this action.
 ## </param>
 #
-interface(`storage_write_tape_device',`
+interface(`storage_write_tape',`
 	gen_require(`
 		type tape_device_t;
 	')
@@ -610,7 +610,7 @@ interface(`storage_write_tape_device',`
 ##	The type of the process performing this action.
 ## </param>
 #
-interface(`storage_getattr_tape_device',`
+interface(`storage_getattr_tape_dev',`
 	gen_require(`
 		type tape_device_t;
 	')
@@ -628,7 +628,7 @@ interface(`storage_getattr_tape_device',`
 ##	The type of the process performing this action.
 ## </param>
 #
-interface(`storage_setattr_tape_device',`
+interface(`storage_setattr_tape_dev',`
 	gen_require(`
 		type tape_device_t;
 	')

refpolicy/policy/modules/kernel/terminal.if

@@ -237,7 +237,7 @@ interface(`term_setattr_console',`
 ##	The type of the process to not audit.
 ## </param>
 #
-interface(`term_dontaudit_getattr_pty_dir',`
+interface(`term_dontaudit_getattr_pty_dirs',`
 	gen_require(`
 		type devpts_t;
 	')
@@ -324,7 +324,7 @@ interface(`term_dontaudit_list_ptys',`
 ##	The type of the process to not audit.
 ## </param>
 #
-interface(`term_dontaudit_manage_pty_dir',`
+interface(`term_dontaudit_manage_pty_dirs',`
 	gen_require(`
 		type devpts_t;
 	')
@@ -341,7 +341,7 @@ interface(`term_dontaudit_manage_pty_dir',`
 ## </param>
 #
 # cjp: added for ppp
-interface(`term_ioctl_generic_pty',`
+interface(`term_ioctl_generic_ptys',`
 	gen_require(`
 		type devpts_t;
 	')
@@ -361,7 +361,7 @@ interface(`term_ioctl_generic_pty',`
 ##	Domain allowed access.
 ## </param>
 #
-interface(`term_use_generic_pty',`
+interface(`term_use_generic_ptys',`
 	gen_require(`
 		type devpts_t;
 	')
@@ -381,7 +381,7 @@ interface(`term_use_generic_pty',`
 ##	The type of the process to not audit.
 ## </param>
 #
-interface(`term_dontaudit_use_generic_pty',`
+interface(`term_dontaudit_use_generic_ptys',`
 	gen_require(`
 		type devpts_t;
 	')
@@ -703,7 +703,7 @@ interface(`term_write_unallocated_ttys',`
 ##	Domain allowed access.
 ## </param>
 #
-interface(`term_use_unallocated_tty',`
+interface(`term_use_unallocated_ttys',`
 	gen_require(`
 		type tty_device_t;
 	')
@@ -721,7 +721,7 @@ interface(`term_use_unallocated_tty',`
 ##	The type of the process to not audit.
 ## </param>
 #
-interface(`term_dontaudit_use_unallocated_tty',`
+interface(`term_dontaudit_use_unallocated_ttys',`
 	gen_require(`
 		type tty_device_t;
 	')

refpolicy/policy/modules/services/apache.if

@@ -176,7 +176,7 @@ template(`apache_content_template',`
 		files_read_etc_runtime_files(httpd_$1_script_t)
 		files_read_usr_files(httpd_$1_script_t)
 
-		libs_read_lib(httpd_$1_script_t)
+		libs_read_lib_files(httpd_$1_script_t)
 
 		miscfiles_read_localization(httpd_$1_script_t)
 
@@ -226,7 +226,7 @@ template(`apache_content_template',`
 	')
 
 	optional_policy(`nscd',`
-		nscd_use_socket(httpd_$1_script_t)
+		nscd_socket_use(httpd_$1_script_t)
 	')
 ')
 
@@ -400,7 +400,7 @@ interface(`apache_use_fd',`
 ##	Domain allowed access.
 ## </param>
 #
-interface(`apache_dontaudit_rw_stream_socket',`
+interface(`apache_dontaudit_rw_stream_sockets',`
 	gen_require(`
 		type httpd_t;
 	')
@@ -417,7 +417,7 @@ interface(`apache_dontaudit_rw_stream_socket',`
 ##	Domain allowed access.
 ## </param>
 #
-interface(`apache_dontaudit_rw_tcp_socket',`
+interface(`apache_dontaudit_rw_tcp_sockets',`
 	gen_require(`
 		type httpd_t;
 	')
@@ -642,7 +642,7 @@ interface(`apache_domtrans_sys_script',`
 ##	Domain allowed access.
 ## </param>
 #
-interface(`apache_dontaudit_rw_sys_script_stream_socket',`
+interface(`apache_dontaudit_rw_sys_script_stream_sockets',`
 	gen_require(`
 		type httpd_sys_script_t;
 	')

refpolicy/policy/modules/services/apache.te

@@ -263,11 +263,11 @@ files_read_etc_files(httpd_t)
 files_read_var_lib_symlinks(httpd_t)
 
 init_use_fd(httpd_t)
-init_use_script_pty(httpd_t)
+init_use_script_ptys(httpd_t)
 
 libs_use_ld_so(httpd_t)
 libs_use_shared_libs(httpd_t)
-libs_read_lib(httpd_t)
+libs_read_lib_files(httpd_t)
 
 logging_send_syslog_msg(httpd_t)
 
@@ -287,8 +287,8 @@ userdom_dontaudit_search_sysadm_home_dir(httpd_t)
 mta_send_mail(httpd_t)
 
 ifdef(`targeted_policy',`
-	term_dontaudit_use_unallocated_tty(httpd_t)
-	term_dontaudit_use_generic_pty(httpd_t)
+	term_dontaudit_use_unallocated_ttys(httpd_t)
+	term_dontaudit_use_generic_ptys(httpd_t)
 	files_dontaudit_read_root_files(httpd_t)
 
 	tunable_policy(`httpd_enable_homedirs',`
@@ -413,16 +413,16 @@ optional_policy(`mailman',`
 
 optional_policy(`mysql',`
 	mysql_stream_connect(httpd_t)
-	mysql_rw_db_socket(httpd_t)
+	mysql_rw_db_sockets(httpd_t)
 ')
 
 optional_policy(`nscd',`
-	nscd_use_socket(httpd_t)
+	nscd_socket_use(httpd_t)
 ')
 
 optional_policy(`postgresql',` 
 	# Allow httpd to work with postgresql
-	postgresql_unix_connect(httpd_t)
+	postgresql_stream_connect(httpd_t)
 ')
 
 optional_policy(`selinuxutil',`
@@ -645,7 +645,7 @@ optional_policy(`nis',`
 ')
 
 optional_policy(`nscd',`
-	nscd_use_socket(httpd_suexec_t)
+	nscd_socket_use(httpd_suexec_t)
 ')
 
 ########################################
@@ -680,7 +680,7 @@ ifdef(`targeted_policy',`
 
 optional_policy(`mysql',`
 	mysql_stream_connect(httpd_sys_script_t)
-	mysql_rw_db_socket(httpd_sys_script_t)
+	mysql_rw_db_sockets(httpd_sys_script_t)
 ')
 
 ########################################
@@ -695,5 +695,5 @@ optional_policy(`cron',`
 ')
 
 optional_policy(`nscd',`
-	nscd_use_socket(httpd_unconfined_script_t)
+	nscd_socket_use(httpd_unconfined_script_t)
 ')

refpolicy/policy/modules/services/apm.if

@@ -46,7 +46,7 @@ interface(`apm_use_fd',`
 ##	The type of the process performing this action.
 ## </param>
 #
-interface(`apm_write_pipe',`
+interface(`apm_write_pipes',`
 	gen_require(`
 		type apmd_t;
 	')
@@ -62,7 +62,7 @@ interface(`apm_write_pipe',`
 ##	Domain allowed access.
 ## </param>
 #
-interface(`apm_rw_stream_socket',`
+interface(`apm_rw_stream_sockets',`
 	gen_require(`
 		type apmd_t;
 	')

refpolicy/policy/modules/services/apm.te

@@ -115,7 +115,7 @@ domain_read_all_domains_state(apmd_t)
 domain_use_wide_inherit_fd(apmd_t)
 domain_dontaudit_getattr_all_sockets(apmd_t)
 domain_dontaudit_getattr_all_key_sockets(apmd_t) # Excessive?
-domain_dontaudit_list_all_domains_proc(apmd_t) # Excessive?
+domain_dontaudit_list_all_domains_state(apmd_t) # Excessive?
 
 files_exec_etc_files(apmd_t)
 files_read_etc_runtime_files(apmd_t)
@@ -126,7 +126,7 @@ files_dontaudit_getattr_all_sockets(apmd_t) # Excessive?
 
 init_domtrans_script(apmd_t)
 init_use_fd(apmd_t)
-init_use_script_pty(apmd_t)
+init_use_script_ptys(apmd_t)
 init_rw_utmp(apmd_t)
 init_write_initctl(apmd_t)
 
@@ -141,7 +141,7 @@ miscfiles_read_localization(apmd_t)
 miscfiles_read_hwdata(apmd_t)
 
 modutils_domtrans_insmod(apmd_t)
-modutils_read_module_conf(apmd_t)
+modutils_read_module_config(apmd_t)
 
 seutil_dontaudit_read_config(apmd_t)
 
@@ -180,8 +180,8 @@ ifdef(`distro_suse',`
 ')
 
 ifdef(`targeted_policy',`
-	term_dontaudit_use_unallocated_tty(apmd_t)
-	term_dontaudit_use_generic_pty(apmd_t)
+	term_dontaudit_use_unallocated_ttys(apmd_t)
+	term_dontaudit_use_generic_ptys(apmd_t)
 	files_dontaudit_read_root_files(apmd_t)
 	unconfined_domain_template(apmd_t)
 ')
@@ -197,7 +197,7 @@ optional_policy(`clock',`
 
 optional_policy(`cron',`
 	cron_system_entry(apmd_t, apmd_exec_t)
-	cron_domtrans_anacron_system_job(apmd_t)
+	cron_anacron_domtrans_system_job(apmd_t)
 ')
 
 optional_policy(`dbus',`
@@ -217,7 +217,7 @@ optional_policy(`mta',`
 ')
 
 optional_policy(`nscd',`
-	nscd_use_socket(apmd_t)
+	nscd_socket_use(apmd_t)
 ')
 
 optional_policy(`pcmcia',`

refpolicy/policy/modules/services/arpwatch.if

@@ -74,7 +74,7 @@ interface(`arpwatch_manage_tmp_files',`
 ##	Domain to not audit.
 ## </param>
 #
-interface(`arpwatch_dontaudit_rw_packet_socket',`
+interface(`arpwatch_dontaudit_rw_packet_sockets',`
 	gen_require(`
 		type arpwatch_t;
 	')

refpolicy/policy/modules/services/arpwatch.te

@@ -68,7 +68,7 @@ fs_search_auto_mountpoints(arpwatch_t)
 
 term_dontaudit_use_console(arpwatch_t)
 
-corecmd_read_sbin_symlink(arpwatch_t)
+corecmd_read_sbin_symlinks(arpwatch_t)
 
 domain_use_wide_inherit_fd(arpwatch_t)
 
@@ -77,7 +77,7 @@ files_read_usr_files(arpwatch_t)
 files_search_var_lib(arpwatch_t)
 
 init_use_fd(arpwatch_t)
-init_use_script_pty(arpwatch_t)
+init_use_script_ptys(arpwatch_t)
 
 libs_use_ld_so(arpwatch_t)
 libs_use_shared_libs(arpwatch_t)
@@ -94,8 +94,8 @@ userdom_dontaudit_search_sysadm_home_dir(arpwatch_t)
 mta_send_mail(arpwatch_t)
 
 ifdef(`targeted_policy',`
-	term_dontaudit_use_unallocated_tty(arpwatch_t)
-	term_dontaudit_use_generic_pty(arpwatch_t)
+	term_dontaudit_use_unallocated_ttys(arpwatch_t)
+	term_dontaudit_use_generic_ptys(arpwatch_t)
 	files_dontaudit_read_root_files(arpwatch_t)
 ')
 

refpolicy/policy/modules/services/automount.te

@@ -63,7 +63,7 @@ kernel_read_proc_symlinks(automount_t)
 kernel_read_system_state(automount_t)
 kernel_list_proc(automount_t)
 
-bootloader_getattr_boot_dir(automount_t)
+bootloader_getattr_boot_dirs(automount_t)
 
 corecmd_exec_sbin(automount_t)
 corecmd_exec_bin(automount_t)
@@ -108,10 +108,10 @@ fs_search_auto_mountpoints(automount_t)
 fs_manage_auto_mountpoints(automount_t)
 
 term_dontaudit_use_console(automount_t)
-term_dontaudit_getattr_pty_dir(automount_t)
+term_dontaudit_getattr_pty_dirs(automount_t)
 
 init_use_fd(automount_t)
-init_use_script_pty(automount_t)
+init_use_script_ptys(automount_t)
 
 libs_use_ld_so(automount_t)
 libs_use_shared_libs(automount_t)
@@ -133,8 +133,8 @@ userdom_dontaudit_search_sysadm_home_dir(automount_t)
 
 ifdef(`targeted_policy', `
 	files_dontaudit_read_root_files(automount_t)
-	term_dontaudit_use_unallocated_tty(automount_t)
-	term_dontaudit_use_generic_pty(automount_t)
+	term_dontaudit_use_unallocated_ttys(automount_t)
+	term_dontaudit_use_generic_ptys(automount_t)
 ')
 
 optional_policy(`apm',`

refpolicy/policy/modules/services/avahi.te

@@ -65,7 +65,7 @@ domain_use_wide_inherit_fd(avahi_t)
 files_read_etc_files(avahi_t)
 
 init_use_fd(avahi_t)
-init_use_script_pty(avahi_t)
+init_use_script_ptys(avahi_t)
 init_signal_script(avahi_t)
 init_signull_script(avahi_t)
 
@@ -82,15 +82,15 @@ userdom_dontaudit_use_unpriv_user_fd(avahi_t)
 userdom_dontaudit_search_sysadm_home_dir(avahi_t)
 
 ifdef(`targeted_policy',`
-	term_dontaudit_use_unallocated_tty(avahi_t)
-	term_dontaudit_use_generic_pty(avahi_t)
+	term_dontaudit_use_unallocated_ttys(avahi_t)
+	term_dontaudit_use_generic_ptys(avahi_t)
 	files_dontaudit_read_root_files(avahi_t)
 ')
 
 optional_policy(`dbus',`
 	dbus_system_bus_client_template(avahi,avahi_t)
 	dbus_connect_system_bus(avahi_t)
-	dbus_send_system_bus_msg(avahi_t)
+	dbus_send_system_bus(avahi_t)
 ')
 
 optional_policy(`nis',`

refpolicy/policy/modules/services/bind.if

@@ -143,7 +143,7 @@ interface(`bind_write_config',`
 ##	Domain allowed access.
 ## </param>
 #
-interface(`bind_manage_config_dir',`
+interface(`bind_manage_config_dirs',`
 	gen_require(`
 		type named_conf_t;
 	')
@@ -200,7 +200,7 @@ interface(`bind_manage_cache',`
 ##	Domain allowed access.
 ## </param>
 #
-interface(`bind_setattr_pid_dir',`
+interface(`bind_setattr_pid_dirs',`
 	gen_require(`
 		type named_var_run_t;
 	')

refpolicy/policy/modules/services/bind.te

@@ -131,7 +131,7 @@ files_read_etc_files(named_t)
 files_read_etc_runtime_files(named_t)
 
 init_use_fd(named_t)
-init_use_script_pty(named_t)
+init_use_script_ptys(named_t)
 
 libs_use_ld_so(named_t)
 libs_use_shared_libs(named_t)
@@ -146,8 +146,8 @@ userdom_dontaudit_use_unpriv_user_fd(named_t)
 userdom_dontaudit_search_sysadm_home_dir(named_t)
 
 ifdef(`targeted_policy',`
-	term_dontaudit_use_unallocated_tty(named_t)
-	term_dontaudit_use_generic_pty(named_t)
+	term_dontaudit_use_unallocated_ttys(named_t)
+	term_dontaudit_use_generic_ptys(named_t)
 	files_dontaudit_read_root_files(named_t)
 ')
 
@@ -170,7 +170,7 @@ optional_policy(`dbus',`
 
 	dbus_system_bus_client_template(named,named_t)
 	dbus_connect_system_bus(named_t)
-	dbus_send_system_bus_msg(named_t)
+	dbus_send_system_bus(named_t)
 
 	optional_policy(`networkmanager',`
 		networkmanager_dbus_chat(named_t)
@@ -185,9 +185,9 @@ optional_policy(`networkmanager',`
 	# this seems like fds that arent being
 	# closed.  these should probably be
 	# dontaudits instead.
-	networkmanager_rw_udp_socket(named_t)
-	networkmanager_rw_packet_socket(named_t)
-	networkmanager_rw_routing_socket(named_t)
+	networkmanager_rw_udp_sockets(named_t)
+	networkmanager_rw_packet_sockets(named_t)
+	networkmanager_rw_routing_sockets(named_t)
 ')
 
 optional_policy(`nis',`
@@ -195,7 +195,7 @@ optional_policy(`nis',`
 ')
 
 optional_policy(`nscd',`
-	nscd_use_socket(named_t)
+	nscd_socket_use(named_t)
 ')
 
 optional_policy(`selinuxutil',`
@@ -256,7 +256,7 @@ files_read_etc_files(ndc_t)
 files_search_pids(ndc_t)
 
 init_use_fd(ndc_t)
-init_use_script_pty(ndc_t)
+init_use_script_ptys(ndc_t)
 
 libs_use_ld_so(ndc_t)
 libs_use_shared_libs(ndc_t)
@@ -276,8 +276,8 @@ ifdef(`distro_redhat',`
 ifdef(`targeted_policy',`
 	kernel_dontaudit_read_unlabeled_files(ndc_t)
 
-	term_use_unallocated_tty(ndc_t)
-	term_use_generic_pty(ndc_t)
+	term_use_unallocated_ttys(ndc_t)
+	term_use_generic_ptys(ndc_t)
 ')
 
 optional_policy(`nis',`
@@ -285,7 +285,7 @@ optional_policy(`nis',`
 ')
 
 optional_policy(`nscd',`
-	nscd_use_socket(ndc_t)
+	nscd_socket_use(ndc_t)
 ')
 
 optional_policy(`ppp',`

refpolicy/policy/modules/services/bluetooth.te

@@ -108,7 +108,7 @@ fs_search_auto_mountpoints(bluetooth_t)
 
 term_dontaudit_use_console(bluetooth_t)
 #Handle bluetooth serial devices
-term_use_unallocated_tty(bluetooth_t)
+term_use_unallocated_ttys(bluetooth_t)
 
 corecmd_exec_bin(bluetooth_t)
 corecmd_exec_shell(bluetooth_t)
@@ -120,7 +120,7 @@ files_read_etc_runtime_files(bluetooth_t)
 files_read_usr_files(bluetooth_t)
 
 init_use_fd(bluetooth_t)
-init_use_script_pty(bluetooth_t)
+init_use_script_ptys(bluetooth_t)
 
 libs_use_ld_so(bluetooth_t)
 libs_use_shared_libs(bluetooth_t)
@@ -133,18 +133,18 @@ miscfiles_read_fonts(bluetooth_t)
 sysnet_read_config(bluetooth_t)
 
 userdom_dontaudit_use_unpriv_user_fd(bluetooth_t)
-userdom_dontaudit_use_sysadm_pty(bluetooth_t)
+userdom_dontaudit_use_sysadm_ptys(bluetooth_t)
 userdom_dontaudit_search_sysadm_home_dir(bluetooth_t)
 
 ifdef(`targeted_policy',`
-	term_dontaudit_use_unallocated_tty(bluetooth_t)
-	term_dontaudit_use_generic_pty(bluetooth_t)
+	term_dontaudit_use_unallocated_ttys(bluetooth_t)
+	term_dontaudit_use_generic_ptys(bluetooth_t)
 	files_dontaudit_read_root_files(bluetooth_t)
 ')
 
 optional_policy(`dbus',`
 	dbus_system_bus_client_template(bluetooth,bluetooth_t)
-	dbus_send_system_bus_msg(bluetooth_t)
+	dbus_send_system_bus(bluetooth_t)
 ')
 
 optional_policy(`nis',`
@@ -204,7 +204,7 @@ miscfiles_read_fonts(bluetooth_helper_t)
 userdom_search_all_users_home(bluetooth_helper_t)
 
 optional_policy(`nscd',`
-	nscd_use_socket(bluetooth_helper_t)
+	nscd_socket_use(bluetooth_helper_t)
 ')
 
 ifdef(`TODO',`

refpolicy/policy/modules/services/canna.te

@@ -73,7 +73,7 @@ files_search_tmp(canna_t)
 files_dontaudit_read_root_files(canna_t)
 
 init_use_fd(canna_t)
-init_use_script_pty(canna_t)
+init_use_script_ptys(canna_t)
 
 libs_use_ld_so(canna_t)
 libs_use_shared_libs(canna_t)
@@ -88,8 +88,8 @@ userdom_dontaudit_use_unpriv_user_fd(canna_t)
 userdom_dontaudit_search_sysadm_home_dir(canna_t)
 
 ifdef(`targeted_policy',`
-	term_dontaudit_use_unallocated_tty(canna_t)
-	term_dontaudit_use_generic_pty(canna_t)
+	term_dontaudit_use_unallocated_ttys(canna_t)
+	term_dontaudit_use_generic_ptys(canna_t)
 	files_dontaudit_read_root_files(canna_t)
 ')
 

refpolicy/policy/modules/services/comsat.te

@@ -76,7 +76,7 @@ miscfiles_read_localization(comsat_t)
 
 sysnet_read_config(comsat_t)
 
-userdom_dontaudit_getattr_sysadm_tty(comsat_t)
+userdom_dontaudit_getattr_sysadm_ttys(comsat_t)
 
 mta_getattr_spool(comsat_t)
 
@@ -89,7 +89,7 @@ optional_policy(`nis',`
 ')
 
 optional_policy(`nscd',`
-	nscd_use_socket(comsat_t)
+	nscd_socket_use(comsat_t)
 ')
 
 

refpolicy/policy/modules/services/cpucontrol.te

@@ -46,7 +46,7 @@ domain_use_wide_inherit_fd(cpucontrol_t)
 files_list_usr(cpucontrol_t)
 
 init_use_fd(cpucontrol_t)
-init_use_script_pty(cpucontrol_t)
+init_use_script_ptys(cpucontrol_t)
 
 libs_use_ld_so(cpucontrol_t)
 libs_use_shared_libs(cpucontrol_t)
@@ -56,13 +56,13 @@ logging_send_syslog_msg(cpucontrol_t)
 userdom_dontaudit_use_unpriv_user_fd(cpucontrol_t)
 
 ifdef(`targeted_policy',`
-	term_dontaudit_use_unallocated_tty(cpucontrol_t)
-	term_dontaudit_use_generic_pty(cpucontrol_t)
+	term_dontaudit_use_unallocated_ttys(cpucontrol_t)
+	term_dontaudit_use_generic_ptys(cpucontrol_t)
 	files_dontaudit_read_root_files(cpucontrol_t)
 ')
 
 optional_policy(`nscd',`
-	nscd_use_socket(cpucontrol_t)
+	nscd_socket_use(cpucontrol_t)
 ')
 
 optional_policy(`selinuxutil',`
@@ -98,7 +98,7 @@ files_read_etc_runtime_files(cpuspeed_t)
 files_list_usr(cpuspeed_t)
 
 init_use_fd(cpuspeed_t)
-init_use_script_pty(cpuspeed_t)
+init_use_script_ptys(cpuspeed_t)
 
 libs_use_ld_so(cpuspeed_t)
 libs_use_shared_libs(cpuspeed_t)
@@ -110,13 +110,13 @@ miscfiles_read_localization(cpuspeed_t)
 userdom_dontaudit_use_unpriv_user_fd(cpuspeed_t)
 
 ifdef(`targeted_policy',`
-	term_dontaudit_use_unallocated_tty(cpuspeed_t)
-	term_dontaudit_use_generic_pty(cpuspeed_t)
+	term_dontaudit_use_unallocated_ttys(cpuspeed_t)
+	term_dontaudit_use_generic_ptys(cpuspeed_t)
 	files_dontaudit_read_root_files(cpuspeed_t)
 ')
 
 optional_policy(`nscd',`
-	nscd_use_socket(cpuspeed_t)
+	nscd_socket_use(cpuspeed_t)
 ')
 
 optional_policy(`selinuxutil',`

refpolicy/policy/modules/services/cron.if

@@ -370,7 +370,7 @@ interface(`cron_sigchld',`
 ##	Domain allowed access.
 ## </param>
 #
-interface(`cron_read_pipe',`
+interface(`cron_read_pipes',`
 	gen_require(`
 		type crond_t;
 	')
@@ -386,7 +386,7 @@ interface(`cron_read_pipe',`
 ##	Domain allowed access.
 ## </param>
 #
-interface(`cron_dontaudit_write_pipe',`
+interface(`cron_dontaudit_write_pipes',`
 	gen_require(`
 		type crond_t;
 	')
@@ -402,7 +402,7 @@ interface(`cron_dontaudit_write_pipe',`
 ##	Domain allowed access.
 ## </param>
 #
-interface(`cron_rw_pipe',`
+interface(`cron_rw_pipes',`
 	gen_require(`
 		type crond_t;
 	')
@@ -452,7 +452,7 @@ interface(`cron_search_spool',`
 ##	Domain allowed access.
 ## </param>
 #
-interface(`cron_domtrans_anacron_system_job',`
+interface(`cron_anacron_domtrans_system_job',`
 	gen_require(`
 		type system_crond_t, anacron_exec_t;
 	')
@@ -490,7 +490,7 @@ interface(`cron_use_system_job_fd',`
 ##	Domain allowed access.
 ## </param>
 #
-interface(`cron_write_system_job_pipe',`
+interface(`cron_write_system_job_pipes',`
 	gen_require(`
 		type system_crond_t;
 	')
@@ -506,7 +506,7 @@ interface(`cron_write_system_job_pipe',`
 ##	Domain allowed access.
 ## </param>
 #
-interface(`cron_rw_system_job_pipe',`
+interface(`cron_rw_system_job_pipes',`
 	gen_require(`
 		type system_crond_t;
 	')

refpolicy/policy/modules/services/cron.te

@@ -119,7 +119,7 @@ files_search_var_lib(crond_t)
 files_search_default(crond_t)
 
 init_use_fd(crond_t)
-init_use_script_pty(crond_t)
+init_use_script_ptys(crond_t)
 init_rw_utmp(crond_t)
 
 libs_use_ld_so(crond_t)
@@ -184,17 +184,17 @@ optional_policy(`nis',`
 ')
 
 optional_policy(`nscd',`
-	nscd_use_socket(crond_t)
+	nscd_socket_use(crond_t)
 ')
 
 optional_policy(`rpm',`
 	# Commonly used from postinst scripts
-	rpm_read_pipe(crond_t)
+	rpm_read_pipes(crond_t)
 ')
 
 optional_policy(`postgresql',`
 	# allow crond to find /usr/lib/postgresql/bin/do.maintenance
-	postgresql_search_db_dir(crond_t)
+	postgresql_search_db(crond_t)
 ')
 
 optional_policy(`udev',`
@@ -330,7 +330,7 @@ ifdef(`targeted_policy',`
 
 	init_use_fd(system_crond_t)
 	init_use_script_fd(system_crond_t)
-	init_use_script_pty(system_crond_t)
+	init_use_script_ptys(system_crond_t)
 	init_read_utmp(system_crond_t)
 	init_dontaudit_rw_utmp(system_crond_t)
 	# prelink tells init to restart it self, we either need to allow or dontaudit
@@ -398,7 +398,7 @@ ifdef(`targeted_policy',`
 	')
 
 	optional_policy(`nscd',`
-		nscd_use_socket(system_crond_t)
+		nscd_socket_use(system_crond_t)
 	')
 
 	optional_policy(`prelink',`

refpolicy/policy/modules/services/cups.te

@@ -171,13 +171,13 @@ files_read_world_readable_files(cupsd_t)
 files_read_world_readable_symlinks(cupsd_t)
 
 init_use_fd(cupsd_t)
-init_use_script_pty(cupsd_t)
+init_use_script_ptys(cupsd_t)
 init_exec_script(cupsd_t)
 
 libs_use_ld_so(cupsd_t)
 libs_use_shared_libs(cupsd_t)
 # Read /usr/lib/gconv/gconv-modules.* and /usr/lib/python2.2/.*
-libs_read_lib(cupsd_t)
+libs_read_lib_files(cupsd_t)
 
 logging_send_syslog_msg(cupsd_t)
 
@@ -196,8 +196,8 @@ userdom_dontaudit_search_all_users_home(cupsd_t)
 lpd_manage_spool(cupsd_t)
 
 ifdef(`targeted_policy',`
-	term_dontaudit_use_unallocated_tty(cupsd_t)
-	term_dontaudit_use_generic_pty(cupsd_t)
+	term_dontaudit_use_unallocated_ttys(cupsd_t)
+	term_dontaudit_use_generic_ptys(cupsd_t)
 	files_dontaudit_read_root_files(cupsd_t)
 ')
 
@@ -207,7 +207,7 @@ optional_policy(`cron',`
 
 optional_policy(`dbus',`
 	dbus_system_bus_client_template(cupsd,cupsd_t)
-	dbus_send_system_bus_msg(cupsd_t)
+	dbus_send_system_bus(cupsd_t)
 
 	userdom_dbus_send_all_users(cupsd_t)
 
@@ -229,11 +229,11 @@ optional_policy(`mount',`
 ')
 
 optional_policy(`nscd',`
-	nscd_use_socket(cupsd_t)
+	nscd_socket_use(cupsd_t)
 ')
 
 optional_policy(`portmap',`
-	portmap_udp_sendrecv(cupsd_t)
+	portmap_udp_chat(cupsd_t)
 ')
 
 optional_policy(`samba',`
@@ -333,7 +333,7 @@ files_read_etc_files(ptal_t)
 files_read_etc_runtime_files(ptal_t)
 
 init_use_fd(ptal_t)
-init_use_script_pty(ptal_t)
+init_use_script_ptys(ptal_t)
 
 libs_use_ld_so(ptal_t)
 libs_use_shared_libs(ptal_t)
@@ -348,8 +348,8 @@ userdom_dontaudit_use_unpriv_user_fd(ptal_t)
 userdom_dontaudit_search_all_users_home(ptal_t)
 
 ifdef(`targeted_policy', `
-	term_dontaudit_use_unallocated_tty(ptal_t)
-	term_dontaudit_use_generic_pty(ptal_t)
+	term_dontaudit_use_unallocated_ttys(ptal_t)
+	term_dontaudit_use_generic_ptys(ptal_t)
 	files_dontaudit_read_root_files(ptal_t)
 ')
 
@@ -430,7 +430,7 @@ files_read_etc_runtime_files(hplip_t)
 files_read_usr_files(hplip_t)
 
 init_use_fd(hplip_t)
-init_use_script_pty(hplip_t)
+init_use_script_ptys(hplip_t)
 
 libs_use_ld_so(hplip_t)
 libs_use_shared_libs(hplip_t)
@@ -447,8 +447,8 @@ userdom_dontaudit_search_sysadm_home_dir(hplip_t)
 lpd_read_config(cupsd_t)
 
 ifdef(`targeted_policy', `
-	term_dontaudit_use_unallocated_tty(hplip_t)
-	term_dontaudit_use_generic_pty(hplip_t)
+	term_dontaudit_use_unallocated_ttys(hplip_t)
+	term_dontaudit_use_generic_ptys(hplip_t)
 	files_dontaudit_read_root_files(hplip_t)
 ')
 
@@ -549,7 +549,7 @@ files_read_etc_files(cupsd_config_t)
 files_read_etc_runtime_files(cupsd_config_t)
 
 init_use_fd(cupsd_config_t)
-init_use_script_pty(cupsd_config_t)
+init_use_script_ptys(cupsd_config_t)
 
 libs_use_ld_so(cupsd_config_t)
 libs_use_shared_libs(cupsd_config_t)
@@ -574,8 +574,8 @@ ifdef(`distro_redhat',`
 ')
 
 ifdef(`targeted_policy', `
-	term_dontaudit_use_unallocated_tty(cupsd_config_t)
-	term_dontaudit_use_generic_pty(cupsd_config_t)
+	term_dontaudit_use_unallocated_ttys(cupsd_config_t)
+	term_dontaudit_use_generic_ptys(cupsd_config_t)
 	files_dontaudit_read_root_files(cupsd_config_t)
 ')
 
@@ -586,7 +586,7 @@ optional_policy(`cron',`
 optional_policy(`dbus',`
 	dbus_system_bus_client_template(cupsd_config,cupsd_config_t)
 	dbus_connect_system_bus(cupsd_config_t)
-	dbus_send_system_bus_msg(cupsd_config_t)
+	dbus_send_system_bus(cupsd_config_t)
 
 	optional_policy(`hal',`
 		hal_dbus_chat(cupsd_config_t)
@@ -610,7 +610,7 @@ optional_policy(`nis',`
 ')
 
 optional_policy(`nscd',`
-	nscd_use_socket(cupsd_config_t)
+	nscd_socket_use(cupsd_config_t)
 ')
 
 optional_policy(`rpm',`
@@ -633,9 +633,9 @@ allow cupsd_config_t printconf_t:file { getattr read };
 allow cupsd_config_t initrc_exec_t:file getattr;
 
 ifdef(`targeted_policy', `
-	init_unix_connect_script(cupsd_t)
+	init_stream_connect_script(cupsd_t)
 
-	unconfined_read_pipe(cupsd_t)
+	unconfined_read_pipes(cupsd_t)
 
 	optional_policy(`dbus',`
 		init_dbus_chat_script(cupsd_t)
@@ -647,9 +647,9 @@ ifdef(`targeted_policy', `
 ')
 
 ifdef(`targeted_policy',`
-	term_use_generic_pty(cupsd_config_t)
+	term_use_generic_ptys(cupsd_config_t)
 
-	unconfined_read_pipe(cupsd_config_t)
+	unconfined_read_pipes(cupsd_config_t)
 ')
 
 ########################################
@@ -725,5 +725,5 @@ optional_policy(`nis',`
 ')
 
 optional_policy(`nscd',`
-	nscd_use_socket(cupsd_lpd_t)
+	nscd_socket_use(cupsd_lpd_t)
 ')

refpolicy/policy/modules/services/cvs.te

@@ -104,5 +104,5 @@ optional_policy(`nis',`
 ')
 
 optional_policy(`nscd',`
-	nscd_use_socket(cvs_t)
+	nscd_socket_use(cvs_t)
 ')

refpolicy/policy/modules/services/cyrus.te

@@ -92,7 +92,7 @@ files_read_etc_files(cyrus_t)
 files_read_etc_runtime_files(cyrus_t)
 
 init_use_fd(cyrus_t)
-init_use_script_pty(cyrus_t)
+init_use_script_ptys(cyrus_t)
 
 libs_use_ld_so(cyrus_t)
 libs_use_shared_libs(cyrus_t)
@@ -108,13 +108,13 @@ sysnet_read_config(cyrus_t)
 userdom_dontaudit_use_unpriv_user_fd(cyrus_t)
 userdom_dontaudit_search_sysadm_home_dir(cyrus_t)
 userdom_use_unpriv_users_fd(cyrus_t)
-userdom_use_sysadm_pty(cyrus_t)
+userdom_use_sysadm_ptys(cyrus_t)
 
 mta_manage_spool(cyrus_t)
 
 ifdef(`targeted_policy',`
-	term_dontaudit_use_unallocated_tty(cyrus_t)
-	term_dontaudit_use_generic_pty(cyrus_t)
+	term_dontaudit_use_unallocated_ttys(cyrus_t)
+	term_dontaudit_use_generic_ptys(cyrus_t)
 	files_dontaudit_read_root_files(cyrus_t)
 ')
 

refpolicy/policy/modules/services/dbskk.te

@@ -81,5 +81,5 @@ optional_policy(`nis',`
 ')
 
 optional_policy(`nscd',`
-	nscd_use_socket(dbskkd_t)
+	nscd_socket_use(dbskkd_t)
 ')

refpolicy/policy/modules/services/dbus.if

@@ -121,15 +121,15 @@ template(`dbus_per_userdomain_template',`
 	selinux_compute_user_contexts($1_dbusd_t)
 
 	corecmd_list_bin($1_dbusd_t)
-	corecmd_read_bin_symlink($1_dbusd_t)
-	corecmd_read_bin_file($1_dbusd_t)
-	corecmd_read_bin_pipe($1_dbusd_t)
-	corecmd_read_bin_socket($1_dbusd_t)
+	corecmd_read_bin_symlinks($1_dbusd_t)
+	corecmd_read_bin_files($1_dbusd_t)
+	corecmd_read_bin_pipes($1_dbusd_t)
+	corecmd_read_bin_sockets($1_dbusd_t)
 	corecmd_list_sbin($1_dbusd_t)
-	corecmd_read_sbin_symlink($1_dbusd_t)
-	corecmd_read_sbin_file($1_dbusd_t)
-	corecmd_read_sbin_pipe($1_dbusd_t)
-	corecmd_read_sbin_socket($1_dbusd_t)
+	corecmd_read_sbin_symlinks($1_dbusd_t)
+	corecmd_read_sbin_files($1_dbusd_t)
+	corecmd_read_sbin_pipes($1_dbusd_t)
+	corecmd_read_sbin_sockets($1_dbusd_t)
 
 	files_read_etc_files($1_dbusd_t)
 	files_list_home($1_dbusd_t)
@@ -161,7 +161,7 @@ template(`dbus_per_userdomain_template',`
 	')
 
 	optional_policy(`nscd',`
-		nscd_use_socket($1_dbusd_t)
+		nscd_socket_use($1_dbusd_t)
 	')
 
 	ifdef(`TODO',`
@@ -246,7 +246,7 @@ interface(`dbus_connect_system_bus',`
 ##	Domain allowed access.
 ## </param>
 #
-interface(`dbus_send_system_bus_msg',`
+interface(`dbus_send_system_bus',`
 	gen_require(`
 		type system_dbusd_t;
 		class dbus send_msg;

refpolicy/policy/modules/services/dbus.te

@@ -76,15 +76,15 @@ auth_use_nsswitch(system_dbusd_t)
 auth_read_pam_console_data(system_dbusd_t)
 
 corecmd_list_bin(system_dbusd_t)
-corecmd_read_bin_symlink(system_dbusd_t)
-corecmd_read_bin_file(system_dbusd_t)
-corecmd_read_bin_pipe(system_dbusd_t)
-corecmd_read_bin_socket(system_dbusd_t)
+corecmd_read_bin_symlinks(system_dbusd_t)
+corecmd_read_bin_files(system_dbusd_t)
+corecmd_read_bin_pipes(system_dbusd_t)
+corecmd_read_bin_sockets(system_dbusd_t)
 corecmd_list_sbin(system_dbusd_t)
-corecmd_read_sbin_symlink(system_dbusd_t)
-corecmd_read_sbin_file(system_dbusd_t)
-corecmd_read_sbin_pipe(system_dbusd_t)
-corecmd_read_sbin_socket(system_dbusd_t)
+corecmd_read_sbin_symlinks(system_dbusd_t)
+corecmd_read_sbin_files(system_dbusd_t)
+corecmd_read_sbin_pipes(system_dbusd_t)
+corecmd_read_sbin_sockets(system_dbusd_t)
 corecmd_exec_sbin(system_dbusd_t)
 
 domain_use_wide_inherit_fd(system_dbusd_t)
@@ -94,7 +94,7 @@ files_list_home(system_dbusd_t)
 files_read_usr_files(system_dbusd_t)
 
 init_use_fd(system_dbusd_t)
-init_use_script_pty(system_dbusd_t)
+init_use_script_ptys(system_dbusd_t)
 
 libs_use_ld_so(system_dbusd_t)
 libs_use_shared_libs(system_dbusd_t)
@@ -111,8 +111,8 @@ userdom_dontaudit_use_unpriv_user_fd(system_dbusd_t)
 userdom_dontaudit_search_sysadm_home_dir(system_dbusd_t)
 
 ifdef(`targeted_policy', `
-	term_dontaudit_use_unallocated_tty(system_dbusd_t)
-	term_dontaudit_use_generic_pty(system_dbusd_t)
+	term_dontaudit_use_unallocated_ttys(system_dbusd_t)
+	term_dontaudit_use_generic_ptys(system_dbusd_t)
 	files_dontaudit_read_root_files(system_dbusd_t)
 ')
 
@@ -129,7 +129,7 @@ optional_policy(`bind',`
 ')
 
 optional_policy(`nscd',`
-	nscd_use_socket(system_dbusd_t)
+	nscd_socket_use(system_dbusd_t)
 ')
 
 optional_policy(`sysnetwork',`

refpolicy/policy/modules/services/dhcp.te

@@ -90,7 +90,7 @@ files_read_etc_runtime_files(dhcpd_t)
 files_search_var_lib(dhcpd_t)
 
 init_use_fd(dhcpd_t)
-init_use_script_pty(dhcpd_t)
+init_use_script_ptys(dhcpd_t)
 
 libs_use_ld_so(dhcpd_t)
 libs_use_shared_libs(dhcpd_t)
@@ -110,8 +110,8 @@ ifdef(`distro_gentoo',`
 ')
 
 ifdef(`targeted_policy',`
-	term_dontaudit_use_unallocated_tty(dhcpd_t)
-	term_dontaudit_use_generic_pty(dhcpd_t)
+	term_dontaudit_use_unallocated_ttys(dhcpd_t)
+	term_dontaudit_use_generic_ptys(dhcpd_t)
 	files_dontaudit_read_root_files(dhcpd_t)
 ')
 
@@ -129,7 +129,7 @@ optional_policy(`nis',`
 ')
 
 optional_policy(`nscd',`
-	nscd_use_socket(dhcpd_t)
+	nscd_socket_use(dhcpd_t)
 ')
 
 optional_policy(`selinuxutil',`

refpolicy/policy/modules/services/dictd.if

@@ -9,7 +9,7 @@
 ##	Domain allowed access.
 ## </param>
 #
-interface(`dictd_use',`
+interface(`dictd_tcp_connect',`
 	gen_require(`
 		type dictd_t;
 	')

refpolicy/policy/modules/services/dictd.te

@@ -68,7 +68,7 @@ files_search_var_lib(dictd_t)
 files_dontaudit_search_pids(dictd_t)
 
 init_use_fd(dictd_t)
-init_use_script_pty(dictd_t)
+init_use_script_ptys(dictd_t)
 
 libs_use_ld_so(dictd_t)
 libs_use_shared_libs(dictd_t)
@@ -82,8 +82,8 @@ sysnet_read_config(dictd_t)
 userdom_dontaudit_use_unpriv_user_fd(dictd_t)
 
 ifdef(`targeted_policy',`
-	term_dontaudit_use_unallocated_tty(dictd_t)
-	term_dontaudit_use_generic_pty(dictd_t)
+	term_dontaudit_use_unallocated_ttys(dictd_t)
+	term_dontaudit_use_generic_ptys(dictd_t)
 	files_dontaudit_read_root_files(dictd_t)
 ')
 
@@ -92,7 +92,7 @@ optional_policy(`nis',`
 ')
 
 optional_policy(`nscd',`
-	nscd_use_socket(dictd_t)
+	nscd_socket_use(dictd_t)
 ')
 
 optional_policy(`selinuxutil',`

refpolicy/policy/modules/services/distcc.te

@@ -66,7 +66,7 @@ fs_search_auto_mountpoints(distccd_t)
 term_dontaudit_use_console(distccd_t)
 
 corecmd_exec_bin(distccd_t)
-corecmd_read_sbin_symlink(distccd_t)
+corecmd_read_sbin_symlinks(distccd_t)
 
 domain_use_wide_inherit_fd(distccd_t)
 
@@ -74,7 +74,7 @@ files_read_etc_files(distccd_t)
 files_read_etc_runtime_files(distccd_t)
 
 init_use_fd(distccd_t)
-init_use_script_pty(distccd_t)
+init_use_script_ptys(distccd_t)
 
 libs_use_ld_so(distccd_t)
 libs_use_shared_libs(distccd_t)
@@ -90,8 +90,8 @@ userdom_dontaudit_use_unpriv_user_fd(distccd_t)
 userdom_dontaudit_search_sysadm_home_dir(distccd_t)
 
 ifdef(`targeted_policy',`
-	term_dontaudit_use_unallocated_tty(distccd_t)
-	term_dontaudit_use_generic_pty(distccd_t)
+	term_dontaudit_use_unallocated_ttys(distccd_t)
+	term_dontaudit_use_generic_ptys(distccd_t)
 	files_dontaudit_read_root_files(distccd_t)
 ')
 

refpolicy/policy/modules/services/dovecot.te

@@ -98,7 +98,7 @@ files_search_tmp(dovecot_t)
 files_dontaudit_list_default(dovecot_t)
 
 init_use_fd(dovecot_t)
-init_use_script_pty(dovecot_t)
+init_use_script_ptys(dovecot_t)
 init_getattr_utmp(dovecot_t)
 
 libs_use_ld_so(dovecot_t)
@@ -119,8 +119,8 @@ userdom_priveleged_home_dir_manager(dovecot_t)
 mta_manage_spool(dovecot_t)
 
 ifdef(`targeted_policy',`
-	term_dontaudit_use_unallocated_tty(dovecot_t)
-	term_dontaudit_use_generic_pty(dovecot_t)
+	term_dontaudit_use_unallocated_ttys(dovecot_t)
+	term_dontaudit_use_generic_ptys(dovecot_t)
 	files_dontaudit_read_root_files(dovecot_t)
 ')
 
@@ -193,5 +193,5 @@ optional_policy(`nis',`
 ')
 
 optional_policy(`nscd',`
-	nscd_use_socket(dovecot_auth_t)
+	nscd_socket_use(dovecot_auth_t)
 ')

refpolicy/policy/modules/services/fetchmail.te

@@ -75,7 +75,7 @@ term_dontaudit_use_console(fetchmail_t)
 domain_use_wide_inherit_fd(fetchmail_t)
 
 init_use_fd(fetchmail_t)
-init_use_script_pty(fetchmail_t)
+init_use_script_ptys(fetchmail_t)
 
 libs_use_ld_so(fetchmail_t)
 libs_use_shared_libs(fetchmail_t)
@@ -91,8 +91,8 @@ userdom_dontaudit_use_unpriv_user_fd(fetchmail_t)
 userdom_dontaudit_search_sysadm_home_dir(fetchmail_t)
 
 ifdef(`targeted_policy',`
-	term_dontaudit_use_unallocated_tty(fetchmail_t)
-	term_dontaudit_use_generic_pty(fetchmail_t)
+	term_dontaudit_use_unallocated_ttys(fetchmail_t)
+	term_dontaudit_use_generic_ptys(fetchmail_t)
 	files_dontaudit_read_root_files(fetchmail_t)
 ')
 

refpolicy/policy/modules/services/finger.te

@@ -84,7 +84,7 @@ files_read_etc_runtime_files(fingerd_t)
 init_read_utmp(fingerd_t)
 init_dontaudit_write_utmp(fingerd_t)
 init_use_fd(fingerd_t)
-init_use_script_pty(fingerd_t)
+init_use_script_ptys(fingerd_t)
 
 libs_use_ld_so(fingerd_t)
 libs_use_shared_libs(fingerd_t)
@@ -105,8 +105,8 @@ userdom_dontaudit_search_sysadm_home_dir(fingerd_t)
 userdom_dontaudit_search_user_home_dirs(fingerd_t)
 
 ifdef(`targeted_policy',`
-	term_dontaudit_use_unallocated_tty(fingerd_t)
-	term_dontaudit_use_generic_pty(fingerd_t)
+	term_dontaudit_use_unallocated_ttys(fingerd_t)
+	term_dontaudit_use_generic_ptys(fingerd_t)
 	files_dontaudit_read_root_files(fingerd_t)
 ')
 
@@ -123,7 +123,7 @@ optional_policy(`nis',`
 ')
 
 optional_policy(`nscd',`
-	nscd_use_socket(fingerd_t)
+	nscd_socket_use(fingerd_t)
 ')
 
 optional_policy(`selinuxutil',`

refpolicy/policy/modules/services/ftp.te

@@ -112,7 +112,7 @@ auth_append_login_records(ftpd_t)
 auth_write_login_records(ftpd_t)
 
 init_use_fd(ftpd_t)
-init_use_script_pty(ftpd_t)
+init_use_script_ptys(ftpd_t)
 
 libs_use_ld_so(ftpd_t)
 libs_use_shared_libs(ftpd_t)
@@ -132,8 +132,8 @@ userdom_dontaudit_use_unpriv_user_fd(ftpd_t)
 ifdef(`targeted_policy',`
 	files_dontaudit_read_root_files(ftpd_t)
 
-	term_dontaudit_use_generic_pty(ftpd_t)
-	term_dontaudit_use_unallocated_tty(ftpd_t)
+	term_dontaudit_use_generic_ptys(ftpd_t)
+	term_dontaudit_use_unallocated_ttys(ftpd_t)
 
 	optional_policy(`ftp',`
 		tunable_policy(`ftpd_is_daemon',`
@@ -217,7 +217,7 @@ optional_policy(`mount',`
 ')
 
 optional_policy(`nscd',`
-	nscd_use_socket(ftpd_t)
+	nscd_socket_use(ftpd_t)
 ')
 
 optional_policy(`selinuxutil',`

refpolicy/policy/modules/services/gpm.te

@@ -60,13 +60,13 @@ dev_rw_mouse(gpm_t)
 fs_getattr_all_fs(gpm_t)
 fs_search_auto_mountpoints(gpm_t)
 
-term_use_unallocated_tty(gpm_t)
+term_use_unallocated_ttys(gpm_t)
 term_dontaudit_use_console(gpm_t)
 
 domain_use_wide_inherit_fd(gpm_t)
 
 init_use_fd(gpm_t)
-init_use_script_pty(gpm_t)
+init_use_script_ptys(gpm_t)
 
 libs_use_ld_so(gpm_t)
 libs_use_shared_libs(gpm_t)
@@ -79,8 +79,8 @@ userdom_dontaudit_use_unpriv_user_fd(gpm_t)
 userdom_dontaudit_search_sysadm_home_dir(gpm_t)
 
 ifdef(`targeted_policy', `
-	term_dontaudit_use_unallocated_tty(gpm_t)
-	term_dontaudit_use_generic_pty(gpm_t)
+	term_dontaudit_use_unallocated_ttys(gpm_t)
+	term_dontaudit_use_generic_ptys(gpm_t)
 	files_dontaudit_read_root_files(gpm_t)
 ')
 

refpolicy/policy/modules/services/hal.te

@@ -50,7 +50,7 @@ kernel_read_kernel_sysctls(hald_t)
 kernel_read_fs_sysctls(hald_t)
 kernel_write_proc_files(hald_t)
 
-bootloader_getattr_boot_dir(hald_t)
+bootloader_getattr_boot_dirs(hald_t)
 
 corecmd_exec_bin(hald_t)
 corecmd_exec_sbin(hald_t)
@@ -111,10 +111,10 @@ storage_raw_write_fixed_disk(hald_t)
 
 term_dontaudit_use_console(hald_t)
 term_dontaudit_ioctl_unallocated_ttys(hald_t)
-term_dontaudit_use_unallocated_tty(hald_t)
+term_dontaudit_use_unallocated_ttys(hald_t)
 
 init_use_fd(hald_t)
-init_use_script_pty(hald_t)
+init_use_script_ptys(hald_t)
 init_domtrans_script(hald_t)
 init_write_initctl(hald_t)
 init_read_utmp(hald_t)
@@ -138,8 +138,8 @@ userdom_dontaudit_use_unpriv_user_fd(hald_t)
 userdom_dontaudit_search_sysadm_home_dir(hald_t)
 
 ifdef(`targeted_policy', `
-	term_dontaudit_use_unallocated_tty(hald_t)
-	term_dontaudit_use_generic_pty(hald_t)
+	term_dontaudit_use_unallocated_ttys(hald_t)
+	term_dontaudit_use_generic_ptys(hald_t)
 	files_dontaudit_read_root_files(hald_t)
 	files_dontaudit_getattr_home_dir(hald_t)
 ')
@@ -165,7 +165,7 @@ optional_policy(`cups',`
 
 optional_policy(`dbus',`
 	dbus_system_bus_client_template(hald,hald_t)
-	dbus_send_system_bus_msg(hald_t)
+	dbus_send_system_bus(hald_t)
 	dbus_connect_system_bus(hald_t)
 	allow hald_t self:dbus send_msg;
 
@@ -194,12 +194,12 @@ optional_policy(`nis',`
 ')
 
 optional_policy(`nscd',`
-	nscd_use_socket(hald_t)
+	nscd_socket_use(hald_t)
 ')
 
 optional_policy(`pcmcia',`
 	pcmcia_manage_pid(hald_t)
-	pcmcia_manage_runtime_chr(hald_t)
+	pcmcia_manage_pid_chr_files(hald_t)
 ')
 
 optional_policy(`rpc',`

refpolicy/policy/modules/services/howl.te

@@ -61,7 +61,7 @@ domain_use_wide_inherit_fd(howl_t)
 files_read_etc_files(howl_t)
 
 init_use_fd(howl_t)
-init_use_script_pty(howl_t)
+init_use_script_ptys(howl_t)
 init_rw_utmp(howl_t)
 
 libs_use_ld_so(howl_t)
@@ -77,8 +77,8 @@ userdom_dontaudit_use_unpriv_user_fd(howl_t)
 userdom_dontaudit_search_sysadm_home_dir(howl_t)
 
 ifdef(`targeted_policy', `
-	term_dontaudit_use_unallocated_tty(howl_t)
-	term_dontaudit_use_generic_pty(howl_t)
+	term_dontaudit_use_unallocated_ttys(howl_t)
+	term_dontaudit_use_generic_ptys(howl_t)
 	files_dontaudit_read_root_files(howl_t)
 ')
 

refpolicy/policy/modules/services/i18n_input.te

@@ -70,8 +70,8 @@ files_read_etc_runtime_files(i18n_input_t)
 files_read_usr_files(i18n_input_t)
 
 init_use_fd(i18n_input_t)
-init_use_script_pty(i18n_input_t)
-init_unix_connect_script(i18n_input_t)
+init_use_script_ptys(i18n_input_t)
+init_stream_connect_script(i18n_input_t)
 
 libs_use_ld_so(i18n_input_t)
 libs_use_shared_libs(i18n_input_t)
@@ -87,8 +87,8 @@ userdom_dontaudit_search_sysadm_home_dir(i18n_input_t)
 userdom_read_unpriv_user_home_files(i18n_input_t)
 
 ifdef(`targeted_policy',`
-	term_dontaudit_use_unallocated_tty(i18n_input_t)
-	term_dontaudit_use_generic_pty(i18n_input_t)
+	term_dontaudit_use_unallocated_ttys(i18n_input_t)
+	term_dontaudit_use_generic_ptys(i18n_input_t)
 	files_dontaudit_read_root_files(i18n_input_t)
 ')
 

refpolicy/policy/modules/services/inetd.if

@@ -220,7 +220,7 @@ interface(`inetd_udp_sendto',`
 ##	The type of the process performing this action.
 ## </param>
 #
-interface(`inetd_rw_tcp_socket',`
+interface(`inetd_rw_tcp_sockets',`
 	gen_require(`
 		type inetd_t;
 	')

refpolicy/policy/modules/services/inetd.te

@@ -100,14 +100,14 @@ term_dontaudit_use_console(inetd_t)
 
 # Run other daemons in the inetd_child_t domain.
 corecmd_search_bin(inetd_t)
-corecmd_read_sbin_symlink(inetd_t)
+corecmd_read_sbin_symlinks(inetd_t)
 
 domain_use_wide_inherit_fd(inetd_t)
 
 files_read_etc_files(inetd_t)
 
 init_use_fd(inetd_t)
-init_use_script_pty(inetd_t)
+init_use_script_ptys(inetd_t)
 
 libs_use_ld_so(inetd_t)
 libs_use_shared_libs(inetd_t)
@@ -122,8 +122,8 @@ userdom_dontaudit_use_unpriv_user_fd(inetd_t)
 userdom_dontaudit_search_sysadm_home_dir(inetd_t)
 
 ifdef(`targeted_policy', `
-	term_dontaudit_use_unallocated_tty(inetd_t)
-	term_dontaudit_use_generic_pty(inetd_t)
+	term_dontaudit_use_unallocated_ttys(inetd_t)
+	term_dontaudit_use_generic_ptys(inetd_t)
 	files_dontaudit_read_root_files(inetd_t)
 ')
 
@@ -137,7 +137,7 @@ optional_policy(`mount',`
 
 # Communicate with the portmapper.
 optional_policy(`portmap',`
-	portmap_udp_sendto(inetd_t)
+	portmap_udp_send(inetd_t)
 ')
 
 optional_policy(`selinuxutil',`
@@ -232,5 +232,5 @@ optional_policy(`nis',`
 ')
 
 optional_policy(`nscd',`
-	nscd_use_socket(inetd_child_t)
+	nscd_socket_use(inetd_child_t)
 ')

refpolicy/policy/modules/services/inn.if

@@ -47,7 +47,7 @@ interface(`inn_manage_log',`
 		type innd_log_t;
 	')
 
-	logging_rw_log_dir($1)
+	logging_rw_generic_log_dirs($1)
 	allow $1 innd_log_t:dir search;
 	allow $1 innd_log_t:file create_file_perms;
 ')
@@ -133,7 +133,7 @@ interface(`inn_read_news_spool',`
 ##	Domain allowed access.
 ## </param>
 #
-interface(`inn_sendto_unix_dgram_socket',`
+interface(`inn_dgram_send',`
 	gen_require(`
 		type innd_t;
 	')

refpolicy/policy/modules/services/inn.te

@@ -88,7 +88,7 @@ term_dontaudit_use_console(innd_t)
 corecmd_exec_bin(innd_t)
 corecmd_exec_shell(innd_t)
 corecmd_search_sbin(innd_t)
-corecmd_read_sbin_symlink(innd_t)
+corecmd_read_sbin_symlinks(innd_t)
 
 domain_use_wide_inherit_fd(innd_t)
 
@@ -98,7 +98,7 @@ files_read_etc_runtime_files(innd_t)
 files_read_usr_files(innd_t)
 
 init_use_fd(innd_t)
-init_use_script_pty(innd_t)
+init_use_script_ptys(innd_t)
 
 libs_use_ld_so(innd_t)
 libs_use_shared_libs(innd_t)
@@ -117,8 +117,8 @@ userdom_dontaudit_search_sysadm_home_dir(innd_t)
 mta_send_mail(innd_t)
 
 ifdef(`targeted_policy',`
-	term_dontaudit_use_unallocated_tty(innd_t)
-	term_dontaudit_use_generic_pty(innd_t)
+	term_dontaudit_use_unallocated_ttys(innd_t)
+	term_dontaudit_use_generic_ptys(innd_t)
 	files_dontaudit_read_root_files(innd_t)
 ')
 

refpolicy/policy/modules/services/irqbalance.te

@@ -39,7 +39,7 @@ term_dontaudit_use_console(irqbalance_t)
 domain_use_wide_inherit_fd(irqbalance_t)
 
 init_use_fd(irqbalance_t)
-init_use_script_pty(irqbalance_t)
+init_use_script_ptys(irqbalance_t)
 
 libs_use_ld_so(irqbalance_t)
 libs_use_shared_libs(irqbalance_t)
@@ -52,8 +52,8 @@ userdom_dontaudit_use_unpriv_user_fd(irqbalance_t)
 userdom_dontaudit_search_sysadm_home_dir(irqbalance_t)
 
 ifdef(`targeted_policy',`
-	term_dontaudit_use_unallocated_tty(irqbalance_t)
-	term_dontaudit_use_generic_pty(irqbalance_t)
+	term_dontaudit_use_unallocated_ttys(irqbalance_t)
+	term_dontaudit_use_generic_ptys(irqbalance_t)
 	files_dontaudit_read_root_files(irqbalance_t)
 ')
 

refpolicy/policy/modules/services/kerberos.te

@@ -117,7 +117,7 @@ domain_use_wide_inherit_fd(kadmind_t)
 files_read_etc_files(kadmind_t)
 
 init_use_fd(kadmind_t)
-init_use_script_pty(kadmind_t)
+init_use_script_ptys(kadmind_t)
 
 libs_use_ld_so(kadmind_t)
 libs_use_shared_libs(kadmind_t)
@@ -132,8 +132,8 @@ userdom_dontaudit_use_unpriv_user_fd(kadmind_t)
 userdom_dontaudit_search_sysadm_home_dir(kadmind_t)
 
 ifdef(`targeted_policy', `
-	term_dontaudit_use_unallocated_tty(kadmind_t)
-	term_dontaudit_use_generic_pty(kadmind_t)
+	term_dontaudit_use_unallocated_ttys(kadmind_t)
+	term_dontaudit_use_generic_ptys(kadmind_t)
 	files_dontaudit_read_root_files(kadmind_t)
 ')
 
@@ -217,7 +217,7 @@ domain_use_wide_inherit_fd(krb5kdc_t)
 files_read_etc_files(krb5kdc_t)
 
 init_use_fd(krb5kdc_t)
-init_use_script_pty(krb5kdc_t)
+init_use_script_ptys(krb5kdc_t)
 
 libs_use_ld_so(krb5kdc_t)
 libs_use_shared_libs(krb5kdc_t)
@@ -232,8 +232,8 @@ userdom_dontaudit_use_unpriv_user_fd(krb5kdc_t)
 userdom_dontaudit_search_sysadm_home_dir(krb5kdc_t)
 
 ifdef(`targeted_policy', `
-	term_dontaudit_use_unallocated_tty(krb5kdc_t)
-	term_dontaudit_use_generic_pty(krb5kdc_t)
+	term_dontaudit_use_unallocated_ttys(krb5kdc_t)
+	term_dontaudit_use_generic_ptys(krb5kdc_t)
 	files_dontaudit_read_root_files(krb5kdc_t)
 ')
 

refpolicy/policy/modules/services/ktalk.te

@@ -81,5 +81,5 @@ optional_policy(`nis',`
 ')
 
 optional_policy(`nscd',`
-	nscd_use_socket(ktalkd_t)
+	nscd_socket_use(ktalkd_t)
 ')

refpolicy/policy/modules/services/ldap.if

@@ -9,7 +9,7 @@
 ##	Domain allowed access.
 ## </param>
 #
-interface(`ldap_list_db_dir',`
+interface(`ldap_list_db',`
 	gen_require(`
 		type slapd_db_t;
 	')

refpolicy/policy/modules/services/ldap.te

@@ -108,7 +108,7 @@ files_read_usr_files(slapd_t)
 files_list_var_lib(slapd_t)
 
 init_use_fd(slapd_t)
-init_use_script_pty(slapd_t)
+init_use_script_ptys(slapd_t)
 
 libs_use_ld_so(slapd_t)
 libs_use_shared_libs(slapd_t)
@@ -125,16 +125,16 @@ userdom_dontaudit_search_sysadm_home_dir(slapd_t)
 
 ifdef(`targeted_policy',`
 	#reh slapcat will want to talk to the terminal
-	term_use_generic_pty(slapd_t)
-	term_use_unallocated_tty(slapd_t)
+	term_use_generic_ptys(slapd_t)
+	term_use_unallocated_ttys(slapd_t)
 
 	userdom_search_generic_user_home_dir(slapd_t)
 	#need to be able to read ldif files created by root
 	# cjp: fix to not use templated interface:
 	userdom_read_user_home_files(user,slapd_t)
 
-	term_dontaudit_use_unallocated_tty(slapd_t)
-	term_dontaudit_use_generic_pty(slapd_t)
+	term_dontaudit_use_unallocated_ttys(slapd_t)
+	term_dontaudit_use_generic_ptys(slapd_t)
 	files_dontaudit_read_root_files(slapd_t)
 ')
 

refpolicy/policy/modules/services/lpd.if

@@ -134,7 +134,7 @@ template(`lpd_per_userdomain_template',`
 
 	# Access the terminal.
 	term_use_controlling_term($1_lpr_t)
-	term_use_generic_pty($1_lpr_t)
+	term_use_generic_ptys($1_lpr_t)
 	
 	libs_use_ld_so($1_lpr_t)
 	libs_use_shared_libs($1_lpr_t)
@@ -190,7 +190,7 @@ template(`lpd_per_userdomain_template',`
 	')
 
 	optional_policy(`nscd',`
-		nscd_use_socket($1_lpr_t)
+		nscd_socket_use($1_lpr_t)
 	')
 
 	optional_policy(`nis',`

refpolicy/policy/modules/services/lpd.te

@@ -90,7 +90,7 @@ domain_use_wide_inherit_fd(checkpc_t)
 files_read_etc_files(checkpc_t)
 files_read_etc_runtime_files(checkpc_t)
 
-init_use_script_pty(checkpc_t)
+init_use_script_ptys(checkpc_t)
 # Allow access to /dev/console through the fd:
 init_use_fd(checkpc_t)
 
@@ -100,8 +100,8 @@ libs_use_shared_libs(checkpc_t)
 sysnet_read_config(checkpc_t)
 
 ifdef(`targeted_policy',`
-	term_use_generic_pty(checkpc_t)
-	term_use_unallocated_tty(checkpc_t)
+	term_use_generic_ptys(checkpc_t)
+	term_use_unallocated_ttys(checkpc_t)
 ')
 
 optional_policy(`cron',`
@@ -202,7 +202,7 @@ files_read_var_lib_symlinks(lpd_t)
 files_read_etc_files(lpd_t)
 
 init_use_fd(lpd_t)
-init_use_script_pty(lpd_t)
+init_use_script_ptys(lpd_t)
 
 libs_use_ld_so(lpd_t)
 libs_use_shared_libs(lpd_t)
@@ -218,8 +218,8 @@ userdom_dontaudit_use_unpriv_user_fd(lpd_t)
 userdom_dontaudit_search_sysadm_home_dir(lpd_t)
 
 ifdef(`targeted_policy',`
-	term_dontaudit_use_unallocated_tty(lpd_t)
-	term_dontaudit_use_generic_pty(lpd_t)
+	term_dontaudit_use_unallocated_ttys(lpd_t)
+	term_dontaudit_use_generic_ptys(lpd_t)
 	files_dontaudit_read_root_files(lpd_t)
 ')
 
@@ -229,7 +229,7 @@ optional_policy(`nis',`
 ')
 
 optional_policy(`portmap',`
-	portmap_udp_sendto(lpd_t)
+	portmap_udp_send(lpd_t)
 ')
 
 optional_policy(`selinuxutil',`

refpolicy/policy/modules/services/mailman.te

@@ -61,7 +61,7 @@ optional_policy(`apache',`
 
 allow mailman_mail_t self:unix_dgram_socket create_socket_perms;
 
-mta_dontaudit_rw_delivery_tcp_socket(mailman_mail_t)
+mta_dontaudit_rw_delivery_tcp_sockets(mailman_mail_t)
 
 ifdef(`TODO',`
 optional_policy(`qmail',`
@@ -110,5 +110,5 @@ optional_policy(`cron',`
 ')
 
 optional_policy(`nscd',`
-	nscd_use_socket(mailman_queue_t)
+	nscd_socket_use(mailman_queue_t)
 ')

refpolicy/policy/modules/services/mta.if

@@ -101,7 +101,7 @@ template(`mta_base_mail_template',`
 	')
 
 	optional_policy(`nscd',`
-		nscd_use_socket($1_mail_t)
+		nscd_socket_use($1_mail_t)
 	')
 
 	optional_policy(`postfix',`
@@ -422,8 +422,8 @@ interface(`mta_mailserver_user_agent',`
 
 	optional_policy(`apache',`
 		# apache should set close-on-exec
-		apache_dontaudit_rw_stream_socket($1)
-		apache_dontaudit_rw_sys_script_stream_socket($1)
+		apache_dontaudit_rw_stream_sockets($1)
+		apache_dontaudit_rw_sys_script_stream_sockets($1)
 	')
 ')
 
@@ -507,7 +507,7 @@ interface(`mta_read_aliases',`
 ##	Domain allowed access.
 ## </param>
 #
-interface(`mta_filetrans_etc_aliases',`
+interface(`mta_filetrans_aliases',`
 	gen_require(`
 		type etc_aliases_t;
 	')
@@ -537,7 +537,7 @@ interface(`mta_rw_aliases',`
 ##	Mail server domain.
 ## </param>
 #
-interface(`mta_dontaudit_rw_delivery_tcp_socket',`
+interface(`mta_dontaudit_rw_delivery_tcp_sockets',`
 	gen_require(`
 		attribute mailserver_delivery;
 	')
@@ -572,7 +572,7 @@ interface(`mta_tcp_connect_all_mailservers',`
 ##	Domain allowed access.
 ## </param>
 #
-interface(`mta_dontaudit_read_spool_symlink',`
+interface(`mta_dontaudit_read_spool_symlinks',`
 	gen_require(`
 		type mail_spool_t;
 	')
@@ -595,7 +595,7 @@ interface(`mta_getattr_spool',`
 	allow $1 mail_spool_t:file getattr;
 ')
 
-interface(`mta_dontaudit_getattr_spool',`
+interface(`mta_dontaudit_getattr_spool_files',`
 	gen_require(`
 		type mail_spool_t;
 	')
@@ -761,7 +761,7 @@ interface(`mta_read_sendmail_bin',`
 ##	Domain allowed access.
 ## </param>
 #
-interface(`mta_rw_user_mail_stream_socket',`
+interface(`mta_rw_user_mail_stream_sockets',`
 	gen_require(`
 		attribute user_mail_domain;
 	')

refpolicy/policy/modules/services/mta.te

@@ -55,7 +55,7 @@ dev_read_urand(system_mail_t)
 
 fs_read_eventpollfs(system_mail_t)
 
-init_use_script_pty(system_mail_t)
+init_use_script_ptys(system_mail_t)
 
 userdom_use_sysadm_terms(system_mail_t)
 
@@ -101,22 +101,22 @@ optional_policy(`apache',`
 
 	# apache should set close-on-exec
 	apache_dontaudit_append_log(system_mail_t)
-	apache_dontaudit_rw_stream_socket(system_mail_t)
-	apache_dontaudit_rw_tcp_socket(system_mail_t)
-	apache_dontaudit_rw_sys_script_stream_socket(system_mail_t)
+	apache_dontaudit_rw_stream_sockets(system_mail_t)
+	apache_dontaudit_rw_tcp_sockets(system_mail_t)
+	apache_dontaudit_rw_sys_script_stream_sockets(system_mail_t)
 ')
 
 optional_policy(`arpwatch',`
 	arpwatch_manage_tmp_files(system_mail_t)
 
 	ifdef(`hide_broken_symptoms', `
-		arpwatch_dontaudit_rw_packet_socket(system_mail_t)
+		arpwatch_dontaudit_rw_packet_sockets(system_mail_t)
 	')
 ')
 
 optional_policy(`cron',`
 	cron_read_system_job_tmp_files(system_mail_t)
-	cron_dontaudit_write_pipe(system_mail_t)
+	cron_dontaudit_write_pipes(system_mail_t)
 ')
 
 optional_policy(`cvs',`
@@ -157,7 +157,7 @@ optional_policy(`postfix',`
 ')
 
 optional_policy(`sendmail',`
-	userdom_dontaudit_use_unpriv_user_pty(system_mail_t)
+	userdom_dontaudit_use_unpriv_users_ptys(system_mail_t)
 
 	optional_policy(`cron',`
 		cron_dontaudit_append_system_job_tmp_files(system_mail_t)
@@ -165,7 +165,7 @@ optional_policy(`sendmail',`
 ')
 
 optional_policy(`smartmon',`
-	smartmon_read_tmp(system_mail_t)
+	smartmon_read_tmp_files(system_mail_t)
 ')
 
 # should break this up among sections:
@@ -175,7 +175,7 @@ optional_policy(`arpwatch',`
 	arpwatch_search_data(mailserver_delivery)
 	arpwatch_manage_tmp_files(mta_user_agent)
 	ifdef(`hide_broken_symptoms', `
-		arpwatch_dontaudit_rw_packet_socket(mta_user_agent)
+		arpwatch_dontaudit_rw_packet_sockets(mta_user_agent)
 	')
 	optional_policy(`cron',`
 		cron_read_system_job_tmp_files(mta_user_agent)

refpolicy/policy/modules/services/mysql.if

@@ -63,7 +63,7 @@ interface(`mysql_read_config',`
 #
 # cjp: "_dir" in the name is added to clarify that this
 # is not searching the database itself.
-interface(`mysql_search_db_dir',`
+interface(`mysql_search_db',`
 	gen_require(`
 		type mysqld_db_t;
 	')
@@ -80,7 +80,7 @@ interface(`mysql_search_db_dir',`
 ##	Domain allowed access.
 ## </param>
 #
-interface(`mysql_rw_db_dir',`
+interface(`mysql_rw_db_dirs',`
 	gen_require(`
 		type mysqld_db_t;
 	')
@@ -97,7 +97,7 @@ interface(`mysql_rw_db_dir',`
 ##	Domain allowed access.
 ## </param>
 #
-interface(`mysql_manage_db_dir',`
+interface(`mysql_manage_db_dirs',`
 	gen_require(`
 		type mysqld_db_t;
 	')
@@ -115,7 +115,7 @@ interface(`mysql_manage_db_dir',`
 ##	Domain allowed access.
 ## </param>
 #
-interface(`mysql_rw_db_socket',`
+interface(`mysql_rw_db_sockets',`
 	gen_require(`
 		type mysqld_db_t;
 	')

refpolicy/policy/modules/services/mysql.te

@@ -95,7 +95,7 @@ files_read_usr_files(mysqld_t)
 files_search_var_lib(mysqld_t)
 
 init_use_fd(mysqld_t)
-init_use_script_pty(mysqld_t)
+init_use_script_ptys(mysqld_t)
 
 libs_use_ld_so(mysqld_t)
 libs_use_shared_libs(mysqld_t)
@@ -116,8 +116,8 @@ ifdef(`distro_redhat',`
 ')
 
 ifdef(`targeted_policy',`
-	term_dontaudit_use_unallocated_tty(mysqld_t)
-	term_dontaudit_use_generic_pty(mysqld_t)
+	term_dontaudit_use_unallocated_ttys(mysqld_t)
+	term_dontaudit_use_generic_ptys(mysqld_t)
 	files_dontaudit_read_root_files(mysqld_t)
 ')
 
@@ -134,7 +134,7 @@ optional_policy(`nis',`
 ')
 
 optional_policy(`nscd',`
-	nscd_use_socket(mysqld_t)
+	nscd_socket_use(mysqld_t)
 ')
 
 optional_policy(`selinuxutil',`

refpolicy/policy/modules/services/networkmanager.if

@@ -9,7 +9,7 @@
 ## </param>
 #
 # cjp: added for named.
-interface(`networkmanager_rw_udp_socket',`
+interface(`networkmanager_rw_udp_sockets',`
 	gen_require(`
 		type NetworkManager_t;
 	')
@@ -26,7 +26,7 @@ interface(`networkmanager_rw_udp_socket',`
 ## </param>
 #
 # cjp: added for named.
-interface(`networkmanager_rw_packet_socket',`
+interface(`networkmanager_rw_packet_sockets',`
 	gen_require(`
 		type NetworkManager_t;
 	')
@@ -44,7 +44,7 @@ interface(`networkmanager_rw_packet_socket',`
 ## </param>
 #
 # cjp: added for named.
-interface(`networkmanager_rw_routing_socket',`
+interface(`networkmanager_rw_routing_sockets',`
 	gen_require(`
 		type NetworkManager_t;
 	')

refpolicy/policy/modules/services/networkmanager.te

@@ -79,7 +79,7 @@ files_read_etc_runtime_files(NetworkManager_t)
 files_read_usr_files(NetworkManager_t)
 
 init_use_fd(NetworkManager_t)
-init_use_script_pty(NetworkManager_t)
+init_use_script_ptys(NetworkManager_t)
 init_read_utmp(NetworkManager_t)
 init_domtrans_script(NetworkManager_t)
 
@@ -106,11 +106,11 @@ sysnet_filetrans_config(NetworkManager_t)
 
 userdom_dontaudit_use_unpriv_user_fd(NetworkManager_t)
 userdom_dontaudit_search_sysadm_home_dir(NetworkManager_t)
-userdom_dontaudit_use_unpriv_user_tty(NetworkManager_t)
+userdom_dontaudit_use_unpriv_users_ttys(NetworkManager_t)
 
 ifdef(`targeted_policy', `
-	term_dontaudit_use_unallocated_tty(NetworkManager_t)
-	term_dontaudit_use_generic_pty(NetworkManager_t)
+	term_dontaudit_use_unallocated_ttys(NetworkManager_t)
+	term_dontaudit_use_generic_ptys(NetworkManager_t)
 	files_dontaudit_read_root_files(NetworkManager_t)
 ')
 
@@ -137,7 +137,7 @@ optional_policy(`dbus',`
 
 	dbus_system_bus_client_template(NetworkManager,NetworkManager_t)
 	dbus_connect_system_bus(NetworkManager_t)
-	dbus_send_system_bus_msg(NetworkManager_t)
+	dbus_send_system_bus(NetworkManager_t)
 ')
 
 optional_policy(`howl',`
@@ -153,7 +153,7 @@ optional_policy(`nis',`
 ')
 
 optional_policy(`nscd',`
-	nscd_use_socket(NetworkManager_t)
+	nscd_socket_use(NetworkManager_t)
 ')
 
 optional_policy(`selinuxutil',`

refpolicy/policy/modules/services/nis.if

@@ -180,7 +180,7 @@ interface(`nis_list_var_yp',`
 ##	The type of the process performing this action.
 ## </param>
 #
-interface(`nis_udp_sendto_ypbind',`
+interface(`nis_udp_send_ypbind',`
 	gen_require(`
 		type ypbind_t;
 	')

refpolicy/policy/modules/services/nis.te

@@ -22,7 +22,7 @@ files_pid_file(ypbind_var_run_t)
 type yppasswdd_t;
 type yppasswdd_exec_t;
 init_daemon_domain(yppasswdd_t,yppasswdd_exec_t)
-domain_obj_id_change_exempt(yppasswdd_t)
+domain_obj_id_change_exemption(yppasswdd_t)
 
 type yppasswdd_var_run_t;
 files_pid_file(yppasswdd_var_run_t)
@@ -100,8 +100,8 @@ files_read_etc_files(ypbind_t)
 files_list_var(ypbind_t)
 
 init_use_fd(ypbind_t)
-init_use_script_pty(ypbind_t)
-init_udp_sendto_script(ypbind_t)
+init_use_script_ptys(ypbind_t)
+init_udp_send_script(ypbind_t)
 
 libs_use_ld_so(ypbind_t)
 libs_use_shared_libs(ypbind_t)
@@ -115,11 +115,11 @@ sysnet_read_config(ypbind_t)
 userdom_dontaudit_use_unpriv_user_fd(ypbind_t)
 userdom_dontaudit_search_sysadm_home_dir(ypbind_t)
 
-portmap_udp_sendto(ypbind_t)
+portmap_udp_send(ypbind_t)
 
 ifdef(`targeted_policy', `
-	term_dontaudit_use_unallocated_tty(ypbind_t)
-	term_dontaudit_use_generic_pty(ypbind_t)
+	term_dontaudit_use_unallocated_ttys(ypbind_t)
+	term_dontaudit_use_generic_ptys(ypbind_t)
 	files_dontaudit_read_root_files(ypbind_t)
 ')
 
@@ -201,8 +201,8 @@ files_read_etc_runtime_files(yppasswdd_t)
 files_relabel_etc_files(yppasswdd_t)
 
 init_use_fd(yppasswdd_t)
-init_use_script_pty(yppasswdd_t)
-init_udp_sendto_script(yppasswdd_t)
+init_use_script_ptys(yppasswdd_t)
+init_udp_send_script(yppasswdd_t)
 
 libs_use_ld_so(yppasswdd_t)
 libs_use_shared_libs(yppasswdd_t)
@@ -216,11 +216,11 @@ sysnet_read_config(yppasswdd_t)
 userdom_dontaudit_use_unpriv_user_fd(yppasswdd_t)
 userdom_dontaudit_search_sysadm_home_dir(yppasswdd_t)
 
-portmap_udp_sendto(yppasswdd_t)
+portmap_udp_send(yppasswdd_t)
 
 ifdef(`targeted_policy',`
-        term_dontaudit_use_unallocated_tty(yppasswdd_t)
-        term_dontaudit_use_generic_pty(yppasswdd_t)
+        term_dontaudit_use_unallocated_ttys(yppasswdd_t)
+        term_dontaudit_use_generic_ptys(yppasswdd_t)
         files_dontaudit_read_root_files(yppasswdd_t)
 ')
 
@@ -296,8 +296,8 @@ domain_use_wide_inherit_fd(ypserv_t)
 files_read_var_files(ypserv_t)
 
 init_use_fd(ypserv_t)
-init_use_script_pty(ypserv_t)
-init_udp_sendto_script(ypserv_t)
+init_use_script_ptys(ypserv_t)
+init_udp_send_script(ypserv_t)
 
 libs_use_ld_so(ypserv_t)
 libs_use_shared_libs(ypserv_t)
@@ -311,11 +311,11 @@ sysnet_read_config(ypserv_t)
 userdom_dontaudit_use_unpriv_user_fd(ypserv_t)
 userdom_dontaudit_search_sysadm_home_dir(ypserv_t)
 
-portmap_udp_sendto(ypserv_t)
+portmap_udp_send(ypserv_t)
 
 ifdef(`targeted_policy',`
-	term_dontaudit_use_unallocated_tty(ypserv_t)
-	term_dontaudit_use_generic_pty(ypserv_t)
+	term_dontaudit_use_unallocated_ttys(ypserv_t)
+	term_dontaudit_use_generic_ptys(ypserv_t)
 	files_dontaudit_read_root_files(ypserv_t)
 ')
 

refpolicy/policy/modules/services/nscd.if

@@ -31,7 +31,7 @@ interface(`nscd_domtrans',`
 ##	Domain allowed access.
 ## </param>
 #
-interface(`nscd_use_socket',`
+interface(`nscd_socket_use',`
 	gen_require(`
 		type nscd_t, nscd_var_run_t;
 		class nscd { getpwd getgrp gethost shmempwd shmemgrp shmemhost };
@@ -59,7 +59,7 @@ interface(`nscd_use_socket',`
 ##	Domain allowed access.
 ## </param>
 #
-interface(`nscd_use_shared_mem',`
+interface(`nscd_shm_use',`
 	gen_require(`
 		type nscd_t, nscd_var_run_t;
 		class nscd { getpwd getgrp gethost shmempwd shmemgrp shmemhost };

refpolicy/policy/modules/services/nscd.te

@@ -94,7 +94,7 @@ files_read_etc_files(nscd_t)
 files_read_generic_tmp_symlinks(nscd_t)
 
 init_use_fd(nscd_t)
-init_use_script_pty(nscd_t)
+init_use_script_ptys(nscd_t)
 
 libs_use_ld_so(nscd_t)
 libs_use_shared_libs(nscd_t)
@@ -114,11 +114,11 @@ userdom_dontaudit_use_unpriv_user_fd(nscd_t)
 userdom_dontaudit_search_sysadm_home_dir(nscd_t)
 
 ifdef(`targeted_policy',`
-	term_use_unallocated_tty(nscd_t)
-	term_use_generic_pty(nscd_t)
+	term_use_unallocated_ttys(nscd_t)
+	term_use_generic_ptys(nscd_t)
 
-	term_dontaudit_use_unallocated_tty(nscd_t)
-	term_dontaudit_use_generic_pty(nscd_t)
+	term_dontaudit_use_unallocated_ttys(nscd_t)
+	term_dontaudit_use_generic_ptys(nscd_t)
 	files_dontaudit_read_root_files(nscd_t)
 ')
 
@@ -127,7 +127,7 @@ optional_policy(`nis',`
 ')
 
 optional_policy(`samba',`
-	samba_connect_winbind(nscd_t)
+	samba_stream_connect_winbind(nscd_t)
 ')
 
 optional_policy(`udev',`

refpolicy/policy/modules/services/ntp.te

@@ -92,7 +92,7 @@ corecmd_exec_ls(ntpd_t)
 corecmd_exec_shell(ntpd_t)
 
 domain_use_wide_inherit_fd(ntpd_t)
-domain_dontaudit_list_all_domains_proc(ntpd_t)
+domain_dontaudit_list_all_domains_state(ntpd_t)
 
 files_read_etc_files(ntpd_t)
 files_read_etc_runtime_files(ntpd_t)
@@ -101,7 +101,7 @@ files_list_var_lib(ntpd_t)
 
 init_exec_script(ntpd_t)
 init_use_fd(ntpd_t)
-init_use_script_pty(ntpd_t)
+init_use_script_ptys(ntpd_t)
 
 libs_use_ld_so(ntpd_t)
 libs_use_shared_libs(ntpd_t)
@@ -117,8 +117,8 @@ userdom_list_sysadm_home_dir(ntpd_t)
 userdom_dontaudit_list_sysadm_home_dir(ntpd_t)
 
 ifdef(`targeted_policy', `
-	term_dontaudit_use_unallocated_tty(ntpd_t)
-	term_dontaudit_use_generic_pty(ntpd_t)
+	term_dontaudit_use_unallocated_ttys(ntpd_t)
+	term_dontaudit_use_generic_ptys(ntpd_t)
 	files_dontaudit_read_root_files(ntpd_t)
 ')
 
@@ -144,11 +144,11 @@ optional_policy(`nis',`
 ')
 
 optional_policy(`nscd',`
-	nscd_use_socket(ntpd_t)
+	nscd_socket_use(ntpd_t)
 ')
 
 optional_policy(`samba',`
-	samba_connect_winbind(ntpd_t)
+	samba_stream_connect_winbind(ntpd_t)
 ')
 
 optional_policy(`selinuxutil',`

refpolicy/policy/modules/services/openct.te

@@ -44,7 +44,7 @@ fs_search_auto_mountpoints(openct_t)
 term_dontaudit_use_console(openct_t)
 
 init_use_fd(openct_t)
-init_use_script_pty(openct_t)
+init_use_script_ptys(openct_t)
 
 libs_use_ld_so(openct_t)
 libs_use_shared_libs(openct_t)
@@ -57,8 +57,8 @@ userdom_dontaudit_use_unpriv_user_fd(openct_t)
 userdom_dontaudit_search_sysadm_home_dir(openct_t)
 
 ifdef(`targeted_policy',`
-	term_dontaudit_use_unallocated_tty(openct_t)
-	term_dontaudit_use_generic_pty(openct_t)
+	term_dontaudit_use_unallocated_ttys(openct_t)
+	term_dontaudit_use_generic_ptys(openct_t)
 	files_dontaudit_read_root_files(openct_t)
 ')
 

refpolicy/policy/modules/services/pegasus.te

@@ -98,7 +98,7 @@ files_read_var_lib_files(pegasus_t)
 files_read_var_lib_symlinks(pegasus_t)
 
 init_use_fd(pegasus_t)
-init_use_script_pty(pegasus_t)
+init_use_script_ptys(pegasus_t)
 init_rw_utmp(pegasus_t)
 
 libs_use_ld_so(pegasus_t)
@@ -112,8 +112,8 @@ userdom_dontaudit_use_unpriv_user_fd(pegasus_t)
 userdom_dontaudit_search_sysadm_home_dir(pegasus_t)
 
 ifdef(`targeted_policy', `
-	term_dontaudit_use_unallocated_tty(pegasus_t)
-	term_dontaudit_use_generic_pty(pegasus_t)
+	term_dontaudit_use_unallocated_ttys(pegasus_t)
+	term_dontaudit_use_generic_ptys(pegasus_t)
 	files_dontaudit_read_root_files(pegasus_t)
 ')
 
@@ -122,7 +122,7 @@ optional_policy(`logging',`
 ')
 
 optional_policy(`nscd',`
-	nscd_use_socket(pegasus_t)
+	nscd_socket_use(pegasus_t)
 ')
 
 optional_policy(`selinuxutil',`

refpolicy/policy/modules/services/portmap.if

@@ -64,7 +64,7 @@ interface(`portmap_run_helper',`
 ##	The type of the process performing this action.
 ## </param>
 #
-interface(`portmap_udp_sendto',`
+interface(`portmap_udp_send',`
 	gen_require(`
 		type portmap_t;
 	')
@@ -81,7 +81,7 @@ interface(`portmap_udp_sendto',`
 ##	Domain allowed access.
 ## </param>
 #
-interface(`portmap_udp_sendrecv',`
+interface(`portmap_udp_chat',`
 	gen_require(`
 		type portmap_t;
 	')