trunk: remove unnecessary semicolons after interface/template calls.
This commit is contained in:
parent
c9c0d846de
commit
26410ddf54
@ -92,10 +92,10 @@ dev_dontaudit_getattr_all_blk_files(apmd_t) # Excessive?
|
|||||||
fs_dontaudit_list_tmpfs(apmd_t)
|
fs_dontaudit_list_tmpfs(apmd_t)
|
||||||
fs_getattr_all_fs(apmd_t)
|
fs_getattr_all_fs(apmd_t)
|
||||||
fs_search_auto_mountpoints(apmd_t)
|
fs_search_auto_mountpoints(apmd_t)
|
||||||
fs_dontaudit_getattr_all_files(apmd_t); # Excessive?
|
fs_dontaudit_getattr_all_files(apmd_t) # Excessive?
|
||||||
fs_dontaudit_getattr_all_symlinks(apmd_t); # Excessive?
|
fs_dontaudit_getattr_all_symlinks(apmd_t) # Excessive?
|
||||||
fs_dontaudit_getattr_all_pipes(apmd_t); # Excessive?
|
fs_dontaudit_getattr_all_pipes(apmd_t) # Excessive?
|
||||||
fs_dontaudit_getattr_all_sockets(apmd_t); # Excessive?
|
fs_dontaudit_getattr_all_sockets(apmd_t) # Excessive?
|
||||||
|
|
||||||
selinux_search_fs(apmd_t)
|
selinux_search_fs(apmd_t)
|
||||||
|
|
||||||
|
@ -24,7 +24,7 @@ template(`milter_template',`
|
|||||||
|
|
||||||
# Type for the milter data (e.g. the socket used to communicate with the MTA)
|
# Type for the milter data (e.g. the socket used to communicate with the MTA)
|
||||||
type $1_milter_data_t, milter_data_type;
|
type $1_milter_data_t, milter_data_type;
|
||||||
files_type($1_milter_data_t);
|
files_type($1_milter_data_t)
|
||||||
|
|
||||||
allow $1_milter_t self:fifo_file rw_fifo_file_perms;
|
allow $1_milter_t self:fifo_file rw_fifo_file_perms;
|
||||||
|
|
||||||
|
@ -42,7 +42,7 @@ kernel_read_kernel_sysctls(greylist_milter_t)
|
|||||||
# Allow the milter to read a GeoIP database in /usr/share
|
# Allow the milter to read a GeoIP database in /usr/share
|
||||||
files_read_usr_files(greylist_milter_t)
|
files_read_usr_files(greylist_milter_t)
|
||||||
# The milter runs from /var/lib/milter-greylist and maintains files there
|
# The milter runs from /var/lib/milter-greylist and maintains files there
|
||||||
files_search_var_lib(greylist_milter_t);
|
files_search_var_lib(greylist_milter_t)
|
||||||
|
|
||||||
# Look up username for dropping privs
|
# Look up username for dropping privs
|
||||||
auth_use_nsswitch(greylist_milter_t)
|
auth_use_nsswitch(greylist_milter_t)
|
||||||
|
@ -12,7 +12,7 @@ init_daemon_domain(pingd_t, pingd_exec_t)
|
|||||||
|
|
||||||
# type for config
|
# type for config
|
||||||
type pingd_etc_t;
|
type pingd_etc_t;
|
||||||
files_type(pingd_etc_t);
|
files_type(pingd_etc_t)
|
||||||
|
|
||||||
type pingd_initrc_exec_t;
|
type pingd_initrc_exec_t;
|
||||||
init_script_file(pingd_initrc_exec_t)
|
init_script_file(pingd_initrc_exec_t)
|
||||||
|
@ -74,8 +74,8 @@ fs_search_auto_mountpoints(tftpd_t)
|
|||||||
|
|
||||||
domain_use_interactive_fds(tftpd_t)
|
domain_use_interactive_fds(tftpd_t)
|
||||||
|
|
||||||
files_read_etc_files(tftpd_t);
|
files_read_etc_files(tftpd_t)
|
||||||
files_read_etc_runtime_files(tftpd_t);
|
files_read_etc_runtime_files(tftpd_t)
|
||||||
files_read_var_files(tftpd_t)
|
files_read_var_files(tftpd_t)
|
||||||
files_read_var_symlinks(tftpd_t)
|
files_read_var_symlinks(tftpd_t)
|
||||||
files_search_var(tftpd_t)
|
files_search_var(tftpd_t)
|
||||||
|
@ -21,7 +21,7 @@ allow zos_remote_t self:unix_stream_socket create_stream_socket_perms;
|
|||||||
|
|
||||||
files_read_etc_files(zos_remote_t)
|
files_read_etc_files(zos_remote_t)
|
||||||
|
|
||||||
auth_use_nsswitch(zos_remote_t);
|
auth_use_nsswitch(zos_remote_t)
|
||||||
|
|
||||||
miscfiles_read_localization(zos_remote_t)
|
miscfiles_read_localization(zos_remote_t)
|
||||||
|
|
||||||
|
@ -76,7 +76,7 @@ files_pid_filetrans(ipsec_t, ipsec_var_run_t, { file sock_file })
|
|||||||
|
|
||||||
can_exec(ipsec_t, ipsec_mgmt_exec_t)
|
can_exec(ipsec_t, ipsec_mgmt_exec_t)
|
||||||
|
|
||||||
# pluto runs an updown script (by calling popen()!); as this is by default
|
# pluto runs an updown script (by calling popen()!) as this is by default
|
||||||
# a shell script, we need to find a way to make things work without
|
# a shell script, we need to find a way to make things work without
|
||||||
# letting all sorts of stuff possibly be run...
|
# letting all sorts of stuff possibly be run...
|
||||||
# so try flipping back into the ipsec_mgmt_t domain
|
# so try flipping back into the ipsec_mgmt_t domain
|
||||||
|
@ -259,7 +259,7 @@ allow ifconfig_t self:packet_socket create_socket_perms;
|
|||||||
allow ifconfig_t self:netlink_route_socket create_netlink_socket_perms;
|
allow ifconfig_t self:netlink_route_socket create_netlink_socket_perms;
|
||||||
allow ifconfig_t self:netlink_xfrm_socket { create_netlink_socket_perms nlmsg_read };
|
allow ifconfig_t self:netlink_xfrm_socket { create_netlink_socket_perms nlmsg_read };
|
||||||
allow ifconfig_t self:tcp_socket { create ioctl };
|
allow ifconfig_t self:tcp_socket { create ioctl };
|
||||||
files_read_etc_files(ifconfig_t);
|
files_read_etc_files(ifconfig_t)
|
||||||
|
|
||||||
kernel_use_fds(ifconfig_t)
|
kernel_use_fds(ifconfig_t)
|
||||||
kernel_read_system_state(ifconfig_t)
|
kernel_read_system_state(ifconfig_t)
|
||||||
|
@ -8,8 +8,8 @@ policy_module(xen, 1.8.2)
|
|||||||
|
|
||||||
# console ptys
|
# console ptys
|
||||||
type xen_devpts_t;
|
type xen_devpts_t;
|
||||||
term_pty(xen_devpts_t);
|
term_pty(xen_devpts_t)
|
||||||
files_type(xen_devpts_t);
|
files_type(xen_devpts_t)
|
||||||
|
|
||||||
# Xen Image files
|
# Xen Image files
|
||||||
type xen_image_t; # customizable
|
type xen_image_t; # customizable
|
||||||
@ -239,7 +239,7 @@ domain_dontaudit_ptrace_all_domains(xenconsoled_t)
|
|||||||
|
|
||||||
files_read_usr_files(xenconsoled_t)
|
files_read_usr_files(xenconsoled_t)
|
||||||
|
|
||||||
term_create_pty(xenconsoled_t,xen_devpts_t);
|
term_create_pty(xenconsoled_t,xen_devpts_t)
|
||||||
term_use_generic_ptys(xenconsoled_t)
|
term_use_generic_ptys(xenconsoled_t)
|
||||||
term_use_console(xenconsoled_t)
|
term_use_console(xenconsoled_t)
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user