trunk: remove redundant shared lib calls.
This commit is contained in:
parent
2a98379a24
commit
2cca6b79b4
@ -59,9 +59,6 @@ init_use_fds(acct_t)
|
|||||||
init_use_script_ptys(acct_t)
|
init_use_script_ptys(acct_t)
|
||||||
init_exec_script_files(acct_t)
|
init_exec_script_files(acct_t)
|
||||||
|
|
||||||
libs_use_ld_so(acct_t)
|
|
||||||
libs_use_shared_libs(acct_t)
|
|
||||||
|
|
||||||
logging_send_syslog_msg(acct_t)
|
logging_send_syslog_msg(acct_t)
|
||||||
|
|
||||||
miscfiles_read_localization(acct_t)
|
miscfiles_read_localization(acct_t)
|
||||||
|
@ -54,9 +54,6 @@ auth_use_nsswitch(alsa_t)
|
|||||||
|
|
||||||
init_use_fds(alsa_t)
|
init_use_fds(alsa_t)
|
||||||
|
|
||||||
libs_use_ld_so(alsa_t)
|
|
||||||
libs_use_shared_libs(alsa_t)
|
|
||||||
|
|
||||||
logging_send_syslog_msg(alsa_t)
|
logging_send_syslog_msg(alsa_t)
|
||||||
|
|
||||||
miscfiles_read_localization(alsa_t)
|
miscfiles_read_localization(alsa_t)
|
||||||
|
@ -158,9 +158,6 @@ term_use_unallocated_ttys(amanda_t)
|
|||||||
auth_use_nsswitch(amanda_t)
|
auth_use_nsswitch(amanda_t)
|
||||||
auth_read_shadow(amanda_t)
|
auth_read_shadow(amanda_t)
|
||||||
|
|
||||||
libs_use_ld_so(amanda_t)
|
|
||||||
libs_use_shared_libs(amanda_t)
|
|
||||||
|
|
||||||
optional_policy(`
|
optional_policy(`
|
||||||
logging_send_syslog_msg(amanda_t)
|
logging_send_syslog_msg(amanda_t)
|
||||||
')
|
')
|
||||||
@ -226,9 +223,6 @@ auth_use_nsswitch(amanda_recover_t)
|
|||||||
fstools_domtrans(amanda_t)
|
fstools_domtrans(amanda_t)
|
||||||
fstools_signal(amanda_t)
|
fstools_signal(amanda_t)
|
||||||
|
|
||||||
libs_use_ld_so(amanda_recover_t)
|
|
||||||
libs_use_shared_libs(amanda_recover_t)
|
|
||||||
|
|
||||||
logging_search_logs(amanda_recover_t)
|
logging_search_logs(amanda_recover_t)
|
||||||
|
|
||||||
miscfiles_read_localization(amanda_recover_t)
|
miscfiles_read_localization(amanda_recover_t)
|
||||||
|
@ -21,9 +21,6 @@ files_manage_boot_files(amtu_t)
|
|||||||
files_read_etc_runtime_files(amtu_t)
|
files_read_etc_runtime_files(amtu_t)
|
||||||
files_read_etc_files(amtu_t)
|
files_read_etc_files(amtu_t)
|
||||||
|
|
||||||
libs_use_ld_so(amtu_t)
|
|
||||||
libs_use_shared_libs(amtu_t)
|
|
||||||
|
|
||||||
logging_send_audit_msgs(amtu_t)
|
logging_send_audit_msgs(amtu_t)
|
||||||
|
|
||||||
optional_policy(`
|
optional_policy(`
|
||||||
|
@ -108,8 +108,6 @@ term_create_pty(apt_t, apt_devpts_t)
|
|||||||
term_list_ptys(apt_t)
|
term_list_ptys(apt_t)
|
||||||
term_use_all_terms(apt_t)
|
term_use_all_terms(apt_t)
|
||||||
|
|
||||||
libs_use_ld_so(apt_t)
|
|
||||||
libs_use_shared_libs(apt_t)
|
|
||||||
libs_exec_ld_so(apt_t)
|
libs_exec_ld_so(apt_t)
|
||||||
libs_exec_lib_files(apt_t)
|
libs_exec_lib_files(apt_t)
|
||||||
|
|
||||||
|
@ -67,9 +67,6 @@ fs_list_all(backup_t)
|
|||||||
|
|
||||||
auth_read_shadow(backup_t)
|
auth_read_shadow(backup_t)
|
||||||
|
|
||||||
libs_use_ld_so(backup_t)
|
|
||||||
libs_use_shared_libs(backup_t)
|
|
||||||
|
|
||||||
logging_send_syslog_msg(backup_t)
|
logging_send_syslog_msg(backup_t)
|
||||||
|
|
||||||
sysnet_read_config(backup_t)
|
sysnet_read_config(backup_t)
|
||||||
|
@ -121,8 +121,6 @@ init_use_script_ptys(bootloader_t)
|
|||||||
init_use_script_fds(bootloader_t)
|
init_use_script_fds(bootloader_t)
|
||||||
init_rw_script_pipes(bootloader_t)
|
init_rw_script_pipes(bootloader_t)
|
||||||
|
|
||||||
libs_use_ld_so(bootloader_t)
|
|
||||||
libs_use_shared_libs(bootloader_t)
|
|
||||||
libs_read_lib_files(bootloader_t)
|
libs_read_lib_files(bootloader_t)
|
||||||
libs_exec_lib_files(bootloader_t)
|
libs_exec_lib_files(bootloader_t)
|
||||||
|
|
||||||
|
@ -35,9 +35,6 @@ files_read_etc_files(brctl_t)
|
|||||||
|
|
||||||
term_dontaudit_use_console(brctl_t)
|
term_dontaudit_use_console(brctl_t)
|
||||||
|
|
||||||
libs_use_ld_so(brctl_t)
|
|
||||||
libs_use_shared_libs(brctl_t)
|
|
||||||
|
|
||||||
miscfiles_read_localization(brctl_t)
|
miscfiles_read_localization(brctl_t)
|
||||||
|
|
||||||
optional_policy(`
|
optional_policy(`
|
||||||
|
@ -27,9 +27,6 @@ files_list_tmp(certwatch_t)
|
|||||||
|
|
||||||
fs_list_inotifyfs(certwatch_t)
|
fs_list_inotifyfs(certwatch_t)
|
||||||
|
|
||||||
libs_use_ld_so(certwatch_t)
|
|
||||||
libs_use_shared_libs(certwatch_t)
|
|
||||||
|
|
||||||
logging_send_syslog_msg(certwatch_t)
|
logging_send_syslog_msg(certwatch_t)
|
||||||
|
|
||||||
miscfiles_read_certs(certwatch_t)
|
miscfiles_read_certs(certwatch_t)
|
||||||
|
@ -54,9 +54,6 @@ domain_use_interactive_fds(consoletype_t)
|
|||||||
files_dontaudit_read_root_files(consoletype_t)
|
files_dontaudit_read_root_files(consoletype_t)
|
||||||
files_list_usr(consoletype_t)
|
files_list_usr(consoletype_t)
|
||||||
|
|
||||||
libs_use_ld_so(consoletype_t)
|
|
||||||
libs_use_shared_libs(consoletype_t)
|
|
||||||
|
|
||||||
ifdef(`distro_redhat',`
|
ifdef(`distro_redhat',`
|
||||||
fs_rw_tmpfs_chr_files(consoletype_t)
|
fs_rw_tmpfs_chr_files(consoletype_t)
|
||||||
')
|
')
|
||||||
|
@ -40,8 +40,6 @@ term_use_all_user_ttys(ddcprobe_t)
|
|||||||
term_use_all_user_ptys(ddcprobe_t)
|
term_use_all_user_ptys(ddcprobe_t)
|
||||||
|
|
||||||
libs_read_lib_files(ddcprobe_t)
|
libs_read_lib_files(ddcprobe_t)
|
||||||
libs_use_ld_so(ddcprobe_t)
|
|
||||||
libs_use_shared_libs(ddcprobe_t)
|
|
||||||
|
|
||||||
miscfiles_read_localization(ddcprobe_t)
|
miscfiles_read_localization(ddcprobe_t)
|
||||||
|
|
||||||
|
@ -42,9 +42,6 @@ files_dontaudit_search_isid_type_dirs(dmesg_t)
|
|||||||
init_use_fds(dmesg_t)
|
init_use_fds(dmesg_t)
|
||||||
init_use_script_ptys(dmesg_t)
|
init_use_script_ptys(dmesg_t)
|
||||||
|
|
||||||
libs_use_ld_so(dmesg_t)
|
|
||||||
libs_use_shared_libs(dmesg_t)
|
|
||||||
|
|
||||||
logging_send_syslog_msg(dmesg_t)
|
logging_send_syslog_msg(dmesg_t)
|
||||||
logging_write_generic_logs(dmesg_t)
|
logging_write_generic_logs(dmesg_t)
|
||||||
|
|
||||||
|
@ -28,7 +28,4 @@ term_list_ptys(dmidecode_t)
|
|||||||
|
|
||||||
files_list_usr(dmidecode_t)
|
files_list_usr(dmidecode_t)
|
||||||
|
|
||||||
libs_use_ld_so(dmidecode_t)
|
|
||||||
libs_use_shared_libs(dmidecode_t)
|
|
||||||
|
|
||||||
locallogin_use_fds(dmidecode_t)
|
locallogin_use_fds(dmidecode_t)
|
||||||
|
@ -152,8 +152,6 @@ files_exec_etc_files(dpkg_t)
|
|||||||
init_domtrans_script(dpkg_t)
|
init_domtrans_script(dpkg_t)
|
||||||
init_use_script_ptys(dpkg_t)
|
init_use_script_ptys(dpkg_t)
|
||||||
|
|
||||||
libs_use_ld_so(dpkg_t)
|
|
||||||
libs_use_shared_libs(dpkg_t)
|
|
||||||
libs_exec_ld_so(dpkg_t)
|
libs_exec_ld_so(dpkg_t)
|
||||||
libs_exec_lib_files(dpkg_t)
|
libs_exec_lib_files(dpkg_t)
|
||||||
libs_domtrans_ldconfig(dpkg_t)
|
libs_domtrans_ldconfig(dpkg_t)
|
||||||
@ -297,8 +295,6 @@ auth_manage_all_files_except_shadow(dpkg_script_t)
|
|||||||
init_domtrans_script(dpkg_script_t)
|
init_domtrans_script(dpkg_script_t)
|
||||||
init_use_script_fds(dpkg_script_t)
|
init_use_script_fds(dpkg_script_t)
|
||||||
|
|
||||||
libs_use_ld_so(dpkg_script_t)
|
|
||||||
libs_use_shared_libs(dpkg_script_t)
|
|
||||||
libs_exec_ld_so(dpkg_script_t)
|
libs_exec_ld_so(dpkg_script_t)
|
||||||
libs_exec_lib_files(dpkg_script_t)
|
libs_exec_lib_files(dpkg_script_t)
|
||||||
libs_domtrans_ldconfig(dpkg_script_t)
|
libs_domtrans_ldconfig(dpkg_script_t)
|
||||||
|
@ -67,8 +67,6 @@ files_manage_var_symlinks(firstboot_t)
|
|||||||
init_domtrans_script(firstboot_t)
|
init_domtrans_script(firstboot_t)
|
||||||
init_rw_utmp(firstboot_t)
|
init_rw_utmp(firstboot_t)
|
||||||
|
|
||||||
libs_use_ld_so(firstboot_t)
|
|
||||||
libs_use_shared_libs(firstboot_t)
|
|
||||||
libs_exec_ld_so(firstboot_t)
|
libs_exec_ld_so(firstboot_t)
|
||||||
libs_exec_lib_files(firstboot_t)
|
libs_exec_lib_files(firstboot_t)
|
||||||
|
|
||||||
|
@ -51,7 +51,4 @@ auth_use_nsswitch(kismet_t)
|
|||||||
|
|
||||||
files_read_etc_files(kismet_t)
|
files_read_etc_files(kismet_t)
|
||||||
|
|
||||||
libs_use_ld_so(kismet_t)
|
|
||||||
libs_use_shared_libs(kismet_t)
|
|
||||||
|
|
||||||
miscfiles_read_localization(kismet_t)
|
miscfiles_read_localization(kismet_t)
|
||||||
|
@ -110,8 +110,6 @@ init_ptrace(kudzu_t)
|
|||||||
# the inittab after configuring serial consoles
|
# the inittab after configuring serial consoles
|
||||||
init_telinit(kudzu_t)
|
init_telinit(kudzu_t)
|
||||||
|
|
||||||
libs_use_ld_so(kudzu_t)
|
|
||||||
libs_use_shared_libs(kudzu_t)
|
|
||||||
# Read /usr/lib/gconv/gconv-modules.*
|
# Read /usr/lib/gconv/gconv-modules.*
|
||||||
libs_read_lib_files(kudzu_t)
|
libs_read_lib_files(kudzu_t)
|
||||||
|
|
||||||
|
@ -111,9 +111,6 @@ logging_send_syslog_msg(logrotate_t)
|
|||||||
# cjp: why is this needed?
|
# cjp: why is this needed?
|
||||||
logging_exec_all_logs(logrotate_t)
|
logging_exec_all_logs(logrotate_t)
|
||||||
|
|
||||||
libs_use_ld_so(logrotate_t)
|
|
||||||
libs_use_shared_libs(logrotate_t)
|
|
||||||
|
|
||||||
miscfiles_read_localization(logrotate_t)
|
miscfiles_read_localization(logrotate_t)
|
||||||
|
|
||||||
seutil_dontaudit_read_config(logrotate_t)
|
seutil_dontaudit_read_config(logrotate_t)
|
||||||
|
@ -75,8 +75,6 @@ auth_dontaudit_read_shadow(logwatch_t)
|
|||||||
init_read_utmp(logwatch_t)
|
init_read_utmp(logwatch_t)
|
||||||
init_dontaudit_write_utmp(logwatch_t)
|
init_dontaudit_write_utmp(logwatch_t)
|
||||||
|
|
||||||
libs_use_ld_so(logwatch_t)
|
|
||||||
libs_use_shared_libs(logwatch_t)
|
|
||||||
libs_read_lib_files(logwatch_t)
|
libs_read_lib_files(logwatch_t)
|
||||||
|
|
||||||
logging_read_all_logs(logwatch_t)
|
logging_read_all_logs(logwatch_t)
|
||||||
|
@ -106,8 +106,6 @@ init_dontaudit_write_utmp(mrtg_t)
|
|||||||
auth_use_nsswitch(mrtg_t)
|
auth_use_nsswitch(mrtg_t)
|
||||||
|
|
||||||
libs_read_lib_files(mrtg_t)
|
libs_read_lib_files(mrtg_t)
|
||||||
libs_use_ld_so(mrtg_t)
|
|
||||||
libs_use_shared_libs(mrtg_t)
|
|
||||||
|
|
||||||
logging_send_syslog_msg(mrtg_t)
|
logging_send_syslog_msg(mrtg_t)
|
||||||
|
|
||||||
|
@ -81,9 +81,6 @@ init_use_script_ptys(netutils_t)
|
|||||||
|
|
||||||
auth_use_nsswitch(netutils_t)
|
auth_use_nsswitch(netutils_t)
|
||||||
|
|
||||||
libs_use_ld_so(netutils_t)
|
|
||||||
libs_use_shared_libs(netutils_t)
|
|
||||||
|
|
||||||
logging_send_syslog_msg(netutils_t)
|
logging_send_syslog_msg(netutils_t)
|
||||||
|
|
||||||
miscfiles_read_localization(netutils_t)
|
miscfiles_read_localization(netutils_t)
|
||||||
@ -132,9 +129,6 @@ files_dontaudit_search_var(ping_t)
|
|||||||
|
|
||||||
auth_use_nsswitch(ping_t)
|
auth_use_nsswitch(ping_t)
|
||||||
|
|
||||||
libs_use_ld_so(ping_t)
|
|
||||||
libs_use_shared_libs(ping_t)
|
|
||||||
|
|
||||||
logging_send_syslog_msg(ping_t)
|
logging_send_syslog_msg(ping_t)
|
||||||
|
|
||||||
miscfiles_read_localization(ping_t)
|
miscfiles_read_localization(ping_t)
|
||||||
@ -199,9 +193,6 @@ init_use_fds(traceroute_t)
|
|||||||
|
|
||||||
auth_use_nsswitch(traceroute_t)
|
auth_use_nsswitch(traceroute_t)
|
||||||
|
|
||||||
libs_use_ld_so(traceroute_t)
|
|
||||||
libs_use_shared_libs(traceroute_t)
|
|
||||||
|
|
||||||
logging_send_syslog_msg(traceroute_t)
|
logging_send_syslog_msg(traceroute_t)
|
||||||
|
|
||||||
miscfiles_read_localization(traceroute_t)
|
miscfiles_read_localization(traceroute_t)
|
||||||
|
@ -177,8 +177,6 @@ interface(`portage_compile_domain',`
|
|||||||
auth_read_all_files_except_shadow($1)
|
auth_read_all_files_except_shadow($1)
|
||||||
auth_read_all_symlinks_except_shadow($1)
|
auth_read_all_symlinks_except_shadow($1)
|
||||||
|
|
||||||
libs_use_ld_so($1)
|
|
||||||
libs_use_shared_libs($1)
|
|
||||||
libs_exec_lib_files($1)
|
libs_exec_lib_files($1)
|
||||||
# some config scripts use ldd
|
# some config scripts use ldd
|
||||||
libs_exec_ld_so($1)
|
libs_exec_ld_so($1)
|
||||||
|
@ -95,8 +95,6 @@ term_search_ptys(gcc_config_t)
|
|||||||
# seems to be ok without this
|
# seems to be ok without this
|
||||||
init_dontaudit_read_script_status_files(gcc_config_t)
|
init_dontaudit_read_script_status_files(gcc_config_t)
|
||||||
|
|
||||||
libs_use_ld_so(gcc_config_t)
|
|
||||||
libs_use_shared_libs(gcc_config_t)
|
|
||||||
libs_read_lib_files(gcc_config_t)
|
libs_read_lib_files(gcc_config_t)
|
||||||
libs_domtrans_ldconfig(gcc_config_t)
|
libs_domtrans_ldconfig(gcc_config_t)
|
||||||
libs_manage_shared_libs(gcc_config_t)
|
libs_manage_shared_libs(gcc_config_t)
|
||||||
@ -242,9 +240,6 @@ files_dontaudit_search_pids(portage_fetch_t)
|
|||||||
|
|
||||||
term_search_ptys(portage_fetch_t)
|
term_search_ptys(portage_fetch_t)
|
||||||
|
|
||||||
libs_use_ld_so(portage_fetch_t)
|
|
||||||
libs_use_shared_libs(portage_fetch_t)
|
|
||||||
|
|
||||||
miscfiles_read_localization(portage_fetch_t)
|
miscfiles_read_localization(portage_fetch_t)
|
||||||
|
|
||||||
sysnet_read_config(portage_fetch_t)
|
sysnet_read_config(portage_fetch_t)
|
||||||
|
@ -70,11 +70,9 @@ fs_getattr_xattr_fs(prelink_t)
|
|||||||
|
|
||||||
selinux_get_enforce_mode(prelink_t)
|
selinux_get_enforce_mode(prelink_t)
|
||||||
|
|
||||||
libs_use_ld_so(prelink_t)
|
|
||||||
libs_exec_ld_so(prelink_t)
|
libs_exec_ld_so(prelink_t)
|
||||||
libs_manage_ld_so(prelink_t)
|
libs_manage_ld_so(prelink_t)
|
||||||
libs_relabel_ld_so(prelink_t)
|
libs_relabel_ld_so(prelink_t)
|
||||||
libs_use_shared_libs(prelink_t)
|
|
||||||
libs_manage_shared_libs(prelink_t)
|
libs_manage_shared_libs(prelink_t)
|
||||||
libs_relabel_shared_libs(prelink_t)
|
libs_relabel_shared_libs(prelink_t)
|
||||||
libs_delete_lib_symlinks(prelink_t)
|
libs_delete_lib_symlinks(prelink_t)
|
||||||
|
@ -70,9 +70,6 @@ files_read_etc_runtime_files(quota_t)
|
|||||||
init_use_fds(quota_t)
|
init_use_fds(quota_t)
|
||||||
init_use_script_ptys(quota_t)
|
init_use_script_ptys(quota_t)
|
||||||
|
|
||||||
libs_use_ld_so(quota_t)
|
|
||||||
libs_use_shared_libs(quota_t)
|
|
||||||
|
|
||||||
logging_send_syslog_msg(quota_t)
|
logging_send_syslog_msg(quota_t)
|
||||||
|
|
||||||
userdom_dontaudit_use_unpriv_user_fds(quota_t)
|
userdom_dontaudit_use_unpriv_user_fds(quota_t)
|
||||||
|
@ -71,9 +71,6 @@ init_use_fds(readahead_t)
|
|||||||
init_use_script_ptys(readahead_t)
|
init_use_script_ptys(readahead_t)
|
||||||
init_getattr_initctl(readahead_t)
|
init_getattr_initctl(readahead_t)
|
||||||
|
|
||||||
libs_use_ld_so(readahead_t)
|
|
||||||
libs_use_shared_libs(readahead_t)
|
|
||||||
|
|
||||||
logging_send_syslog_msg(readahead_t)
|
logging_send_syslog_msg(readahead_t)
|
||||||
logging_dontaudit_search_audit_config(readahead_t)
|
logging_dontaudit_search_audit_config(readahead_t)
|
||||||
|
|
||||||
|
@ -158,8 +158,6 @@ files_exec_etc_files(rpm_t)
|
|||||||
|
|
||||||
init_domtrans_script(rpm_t)
|
init_domtrans_script(rpm_t)
|
||||||
|
|
||||||
libs_use_ld_so(rpm_t)
|
|
||||||
libs_use_shared_libs(rpm_t)
|
|
||||||
libs_exec_ld_so(rpm_t)
|
libs_exec_ld_so(rpm_t)
|
||||||
libs_exec_lib_files(rpm_t)
|
libs_exec_lib_files(rpm_t)
|
||||||
libs_domtrans_ldconfig(rpm_t)
|
libs_domtrans_ldconfig(rpm_t)
|
||||||
@ -299,8 +297,6 @@ files_exec_usr_files(rpm_script_t)
|
|||||||
|
|
||||||
init_domtrans_script(rpm_script_t)
|
init_domtrans_script(rpm_script_t)
|
||||||
|
|
||||||
libs_use_ld_so(rpm_script_t)
|
|
||||||
libs_use_shared_libs(rpm_script_t)
|
|
||||||
libs_exec_ld_so(rpm_script_t)
|
libs_exec_ld_so(rpm_script_t)
|
||||||
libs_exec_lib_files(rpm_script_t)
|
libs_exec_lib_files(rpm_script_t)
|
||||||
libs_domtrans_ldconfig(rpm_script_t)
|
libs_domtrans_ldconfig(rpm_script_t)
|
||||||
|
@ -86,9 +86,6 @@ template(`su_restricted_domain_template', `
|
|||||||
# Write to utmp.
|
# Write to utmp.
|
||||||
init_rw_utmp($1_su_t)
|
init_rw_utmp($1_su_t)
|
||||||
|
|
||||||
libs_use_ld_so($1_su_t)
|
|
||||||
libs_use_shared_libs($1_su_t)
|
|
||||||
|
|
||||||
logging_send_syslog_msg($1_su_t)
|
logging_send_syslog_msg($1_su_t)
|
||||||
|
|
||||||
miscfiles_read_localization($1_su_t)
|
miscfiles_read_localization($1_su_t)
|
||||||
@ -223,9 +220,6 @@ template(`su_per_role_template',`
|
|||||||
|
|
||||||
mls_file_write_all_levels($1_su_t)
|
mls_file_write_all_levels($1_su_t)
|
||||||
|
|
||||||
libs_use_ld_so($1_su_t)
|
|
||||||
libs_use_shared_libs($1_su_t)
|
|
||||||
|
|
||||||
logging_send_syslog_msg($1_su_t)
|
logging_send_syslog_msg($1_su_t)
|
||||||
|
|
||||||
miscfiles_read_localization($1_su_t)
|
miscfiles_read_localization($1_su_t)
|
||||||
|
@ -109,9 +109,6 @@ template(`sudo_per_role_template',`
|
|||||||
|
|
||||||
init_rw_utmp($1_sudo_t)
|
init_rw_utmp($1_sudo_t)
|
||||||
|
|
||||||
libs_use_ld_so($1_sudo_t)
|
|
||||||
libs_use_shared_libs($1_sudo_t)
|
|
||||||
|
|
||||||
logging_send_syslog_msg($1_sudo_t)
|
logging_send_syslog_msg($1_sudo_t)
|
||||||
|
|
||||||
miscfiles_read_localization($1_sudo_t)
|
miscfiles_read_localization($1_sudo_t)
|
||||||
|
@ -73,9 +73,6 @@ auth_dontaudit_getattr_shadow(sxid_t)
|
|||||||
init_use_fds(sxid_t)
|
init_use_fds(sxid_t)
|
||||||
init_use_script_ptys(sxid_t)
|
init_use_script_ptys(sxid_t)
|
||||||
|
|
||||||
libs_use_ld_so(sxid_t)
|
|
||||||
libs_use_shared_libs(sxid_t)
|
|
||||||
|
|
||||||
logging_send_syslog_msg(sxid_t)
|
logging_send_syslog_msg(sxid_t)
|
||||||
|
|
||||||
miscfiles_read_localization(sxid_t)
|
miscfiles_read_localization(sxid_t)
|
||||||
|
@ -32,9 +32,6 @@ files_setattr_all_tmp_dirs(tmpreaper_t)
|
|||||||
mls_file_read_all_levels(tmpreaper_t)
|
mls_file_read_all_levels(tmpreaper_t)
|
||||||
mls_file_write_all_levels(tmpreaper_t)
|
mls_file_write_all_levels(tmpreaper_t)
|
||||||
|
|
||||||
libs_use_ld_so(tmpreaper_t)
|
|
||||||
libs_use_shared_libs(tmpreaper_t)
|
|
||||||
|
|
||||||
logging_send_syslog_msg(tmpreaper_t)
|
logging_send_syslog_msg(tmpreaper_t)
|
||||||
|
|
||||||
miscfiles_read_localization(tmpreaper_t)
|
miscfiles_read_localization(tmpreaper_t)
|
||||||
|
@ -79,9 +79,6 @@ files_read_all_symlinks(tripwire_t)
|
|||||||
files_getattr_all_pipes(tripwire_t)
|
files_getattr_all_pipes(tripwire_t)
|
||||||
files_getattr_all_sockets(tripwire_t)
|
files_getattr_all_sockets(tripwire_t)
|
||||||
|
|
||||||
libs_use_ld_so(tripwire_t)
|
|
||||||
libs_use_shared_libs(tripwire_t)
|
|
||||||
|
|
||||||
logging_send_syslog_msg(tripwire_t)
|
logging_send_syslog_msg(tripwire_t)
|
||||||
|
|
||||||
optional_policy(`
|
optional_policy(`
|
||||||
@ -99,9 +96,6 @@ manage_lnk_files_pattern(twadmin_t, tripwire_etc_t, tripwire_etc_t)
|
|||||||
|
|
||||||
domain_use_interactive_fds(twadmin_t)
|
domain_use_interactive_fds(twadmin_t)
|
||||||
|
|
||||||
libs_use_ld_so(twadmin_t)
|
|
||||||
libs_use_shared_libs(twadmin_t)
|
|
||||||
|
|
||||||
logging_send_syslog_msg(twadmin_t)
|
logging_send_syslog_msg(twadmin_t)
|
||||||
|
|
||||||
miscfiles_read_localization(twadmin_t)
|
miscfiles_read_localization(twadmin_t)
|
||||||
@ -126,9 +120,6 @@ files_search_var_lib(twprint_t)
|
|||||||
|
|
||||||
domain_use_interactive_fds(twprint_t)
|
domain_use_interactive_fds(twprint_t)
|
||||||
|
|
||||||
libs_use_ld_so(twprint_t)
|
|
||||||
libs_use_shared_libs(twprint_t)
|
|
||||||
|
|
||||||
logging_send_syslog_msg(twprint_t)
|
logging_send_syslog_msg(twprint_t)
|
||||||
|
|
||||||
miscfiles_read_localization(twprint_t)
|
miscfiles_read_localization(twprint_t)
|
||||||
@ -143,9 +134,6 @@ domain_use_interactive_fds(siggen_t)
|
|||||||
# Need permission to read files
|
# Need permission to read files
|
||||||
files_read_all_files(siggen_t)
|
files_read_all_files(siggen_t)
|
||||||
|
|
||||||
libs_use_ld_so(siggen_t)
|
|
||||||
libs_use_shared_libs(siggen_t)
|
|
||||||
|
|
||||||
logging_send_syslog_msg(siggen_t)
|
logging_send_syslog_msg(siggen_t)
|
||||||
|
|
||||||
miscfiles_read_localization(siggen_t)
|
miscfiles_read_localization(siggen_t)
|
||||||
|
@ -21,9 +21,6 @@ files_search_spool(tzdata_t)
|
|||||||
|
|
||||||
term_dontaudit_list_ptys(tzdata_t)
|
term_dontaudit_list_ptys(tzdata_t)
|
||||||
|
|
||||||
libs_use_ld_so(tzdata_t)
|
|
||||||
libs_use_shared_libs(tzdata_t)
|
|
||||||
|
|
||||||
locallogin_dontaudit_use_fds(tzdata_t)
|
locallogin_dontaudit_use_fds(tzdata_t)
|
||||||
|
|
||||||
miscfiles_read_localization(tzdata_t)
|
miscfiles_read_localization(tzdata_t)
|
||||||
|
@ -67,9 +67,6 @@ files_read_etc_runtime_files(updfstab_t)
|
|||||||
init_use_fds(updfstab_t)
|
init_use_fds(updfstab_t)
|
||||||
init_use_script_ptys(updfstab_t)
|
init_use_script_ptys(updfstab_t)
|
||||||
|
|
||||||
libs_use_ld_so(updfstab_t)
|
|
||||||
libs_use_shared_libs(updfstab_t)
|
|
||||||
|
|
||||||
logging_send_syslog_msg(updfstab_t)
|
logging_send_syslog_msg(updfstab_t)
|
||||||
logging_search_logs(updfstab_t)
|
logging_search_logs(updfstab_t)
|
||||||
|
|
||||||
|
@ -33,9 +33,6 @@ term_write_console(usbmodules_t)
|
|||||||
|
|
||||||
init_use_fds(usbmodules_t)
|
init_use_fds(usbmodules_t)
|
||||||
|
|
||||||
libs_use_ld_so(usbmodules_t)
|
|
||||||
libs_use_shared_libs(usbmodules_t)
|
|
||||||
|
|
||||||
miscfiles_read_hwdata(usbmodules_t)
|
miscfiles_read_hwdata(usbmodules_t)
|
||||||
|
|
||||||
modutils_read_module_deps(usbmodules_t)
|
modutils_read_module_deps(usbmodules_t)
|
||||||
|
@ -109,9 +109,6 @@ files_dontaudit_search_home(chfn_t)
|
|||||||
# correctly without it. Do not audit write denials to utmp.
|
# correctly without it. Do not audit write denials to utmp.
|
||||||
init_dontaudit_rw_utmp(chfn_t)
|
init_dontaudit_rw_utmp(chfn_t)
|
||||||
|
|
||||||
libs_use_ld_so(chfn_t)
|
|
||||||
libs_use_shared_libs(chfn_t)
|
|
||||||
|
|
||||||
miscfiles_read_localization(chfn_t)
|
miscfiles_read_localization(chfn_t)
|
||||||
|
|
||||||
logging_send_syslog_msg(chfn_t)
|
logging_send_syslog_msg(chfn_t)
|
||||||
@ -154,9 +151,6 @@ files_read_usr_files(crack_t)
|
|||||||
|
|
||||||
corecmd_exec_bin(crack_t)
|
corecmd_exec_bin(crack_t)
|
||||||
|
|
||||||
libs_use_ld_so(crack_t)
|
|
||||||
libs_use_shared_libs(crack_t)
|
|
||||||
|
|
||||||
logging_send_syslog_msg(crack_t)
|
logging_send_syslog_msg(crack_t)
|
||||||
|
|
||||||
sysadm_dontaudit_search_home_dirs(crack_t)
|
sysadm_dontaudit_search_home_dirs(crack_t)
|
||||||
@ -216,9 +210,6 @@ files_manage_etc_files(groupadd_t)
|
|||||||
files_relabel_etc_files(groupadd_t)
|
files_relabel_etc_files(groupadd_t)
|
||||||
files_read_etc_runtime_files(groupadd_t)
|
files_read_etc_runtime_files(groupadd_t)
|
||||||
|
|
||||||
libs_use_ld_so(groupadd_t)
|
|
||||||
libs_use_shared_libs(groupadd_t)
|
|
||||||
|
|
||||||
# Execute /usr/bin/{passwd,chfn,chsh} and /usr/sbin/{useradd,vipw}.
|
# Execute /usr/bin/{passwd,chfn,chsh} and /usr/sbin/{useradd,vipw}.
|
||||||
corecmd_exec_bin(groupadd_t)
|
corecmd_exec_bin(groupadd_t)
|
||||||
|
|
||||||
@ -318,9 +309,6 @@ files_relabel_etc_files(passwd_t)
|
|||||||
# correctly without it. Do not audit write denials to utmp.
|
# correctly without it. Do not audit write denials to utmp.
|
||||||
init_dontaudit_rw_utmp(passwd_t)
|
init_dontaudit_rw_utmp(passwd_t)
|
||||||
|
|
||||||
libs_use_ld_so(passwd_t)
|
|
||||||
libs_use_shared_libs(passwd_t)
|
|
||||||
|
|
||||||
logging_send_audit_msgs(passwd_t)
|
logging_send_audit_msgs(passwd_t)
|
||||||
logging_send_syslog_msg(passwd_t)
|
logging_send_syslog_msg(passwd_t)
|
||||||
|
|
||||||
@ -409,9 +397,6 @@ files_dontaudit_search_pids(sysadm_passwd_t)
|
|||||||
# correctly without it. Do not audit write denials to utmp.
|
# correctly without it. Do not audit write denials to utmp.
|
||||||
init_dontaudit_rw_utmp(sysadm_passwd_t)
|
init_dontaudit_rw_utmp(sysadm_passwd_t)
|
||||||
|
|
||||||
libs_use_ld_so(sysadm_passwd_t)
|
|
||||||
libs_use_shared_libs(sysadm_passwd_t)
|
|
||||||
|
|
||||||
miscfiles_read_localization(sysadm_passwd_t)
|
miscfiles_read_localization(sysadm_passwd_t)
|
||||||
|
|
||||||
logging_send_syslog_msg(sysadm_passwd_t)
|
logging_send_syslog_msg(sysadm_passwd_t)
|
||||||
@ -487,9 +472,6 @@ auth_use_nsswitch(useradd_t)
|
|||||||
init_use_fds(useradd_t)
|
init_use_fds(useradd_t)
|
||||||
init_rw_utmp(useradd_t)
|
init_rw_utmp(useradd_t)
|
||||||
|
|
||||||
libs_use_ld_so(useradd_t)
|
|
||||||
libs_use_shared_libs(useradd_t)
|
|
||||||
|
|
||||||
logging_send_audit_msgs(useradd_t)
|
logging_send_audit_msgs(useradd_t)
|
||||||
logging_send_syslog_msg(useradd_t)
|
logging_send_syslog_msg(useradd_t)
|
||||||
|
|
||||||
|
@ -25,9 +25,6 @@ dev_read_sysfs(vbetool_t)
|
|||||||
|
|
||||||
term_use_unallocated_ttys(vbetool_t)
|
term_use_unallocated_ttys(vbetool_t)
|
||||||
|
|
||||||
libs_use_ld_so(vbetool_t)
|
|
||||||
libs_use_shared_libs(vbetool_t)
|
|
||||||
|
|
||||||
miscfiles_read_localization(vbetool_t)
|
miscfiles_read_localization(vbetool_t)
|
||||||
|
|
||||||
optional_policy(`
|
optional_policy(`
|
||||||
|
@ -90,8 +90,6 @@ auth_use_nsswitch(vpnc_t)
|
|||||||
|
|
||||||
libs_exec_ld_so(vpnc_t)
|
libs_exec_ld_so(vpnc_t)
|
||||||
libs_exec_lib_files(vpnc_t)
|
libs_exec_lib_files(vpnc_t)
|
||||||
libs_use_ld_so(vpnc_t)
|
|
||||||
libs_use_shared_libs(vpnc_t)
|
|
||||||
|
|
||||||
locallogin_use_fds(vpnc_t)
|
locallogin_use_fds(vpnc_t)
|
||||||
|
|
||||||
|
@ -30,6 +30,3 @@ files_list_etc(authbind_t)
|
|||||||
term_use_console(authbind_t)
|
term_use_console(authbind_t)
|
||||||
|
|
||||||
logging_send_syslog_msg(authbind_t)
|
logging_send_syslog_msg(authbind_t)
|
||||||
|
|
||||||
libs_use_ld_so(authbind_t)
|
|
||||||
libs_use_shared_libs(authbind_t)
|
|
||||||
|
@ -48,8 +48,6 @@ files_read_etc_files(awstats_t)
|
|||||||
files_read_usr_files(awstats_t)
|
files_read_usr_files(awstats_t)
|
||||||
|
|
||||||
libs_read_lib_files(awstats_t)
|
libs_read_lib_files(awstats_t)
|
||||||
libs_use_ld_so(awstats_t)
|
|
||||||
libs_use_shared_libs(awstats_t)
|
|
||||||
|
|
||||||
miscfiles_read_localization(awstats_t)
|
miscfiles_read_localization(awstats_t)
|
||||||
|
|
||||||
|
@ -58,8 +58,6 @@ files_read_var_files(calamaris_t)
|
|||||||
files_read_etc_runtime_files(calamaris_t)
|
files_read_etc_runtime_files(calamaris_t)
|
||||||
|
|
||||||
libs_read_lib_files(calamaris_t)
|
libs_read_lib_files(calamaris_t)
|
||||||
libs_use_ld_so(calamaris_t)
|
|
||||||
libs_use_shared_libs(calamaris_t)
|
|
||||||
|
|
||||||
logging_send_syslog_msg(calamaris_t)
|
logging_send_syslog_msg(calamaris_t)
|
||||||
|
|
||||||
|
@ -81,9 +81,6 @@ template(`cdrecord_per_role_template', `
|
|||||||
storage_raw_write_removable_device($1_cdrecord_t)
|
storage_raw_write_removable_device($1_cdrecord_t)
|
||||||
storage_write_scsi_generic($1_cdrecord_t)
|
storage_write_scsi_generic($1_cdrecord_t)
|
||||||
|
|
||||||
libs_use_ld_so($1_cdrecord_t)
|
|
||||||
libs_use_shared_libs($1_cdrecord_t)
|
|
||||||
|
|
||||||
logging_send_syslog_msg($1_cdrecord_t)
|
logging_send_syslog_msg($1_cdrecord_t)
|
||||||
|
|
||||||
miscfiles_read_localization($1_cdrecord_t)
|
miscfiles_read_localization($1_cdrecord_t)
|
||||||
|
@ -124,8 +124,6 @@ template(`ethereal_per_role_template',`
|
|||||||
fs_search_auto_mountpoints($1_ethereal_t)
|
fs_search_auto_mountpoints($1_ethereal_t)
|
||||||
|
|
||||||
libs_read_lib_files($1_ethereal_t)
|
libs_read_lib_files($1_ethereal_t)
|
||||||
libs_use_ld_so($1_ethereal_t)
|
|
||||||
libs_use_shared_libs($1_ethereal_t)
|
|
||||||
|
|
||||||
miscfiles_read_fonts($1_ethereal_t)
|
miscfiles_read_fonts($1_ethereal_t)
|
||||||
miscfiles_read_localization($1_ethereal_t)
|
miscfiles_read_localization($1_ethereal_t)
|
||||||
|
@ -42,9 +42,6 @@ files_read_usr_files(tethereal_t)
|
|||||||
# /etc/nsswitch.conf
|
# /etc/nsswitch.conf
|
||||||
files_read_etc_files(tethereal_t)
|
files_read_etc_files(tethereal_t)
|
||||||
|
|
||||||
libs_use_ld_so(tethereal_t)
|
|
||||||
libs_use_shared_libs(tethereal_t)
|
|
||||||
|
|
||||||
miscfiles_read_localization(tethereal_t)
|
miscfiles_read_localization(tethereal_t)
|
||||||
|
|
||||||
seutil_use_newrole_fds(tethereal_t)
|
seutil_use_newrole_fds(tethereal_t)
|
||||||
|
@ -223,9 +223,6 @@ template(`evolution_per_role_template',`
|
|||||||
|
|
||||||
fs_search_auto_mountpoints($1_evolution_t)
|
fs_search_auto_mountpoints($1_evolution_t)
|
||||||
|
|
||||||
libs_use_ld_so($1_evolution_t)
|
|
||||||
libs_use_shared_libs($1_evolution_t)
|
|
||||||
|
|
||||||
logging_send_syslog_msg($1_evolution_t)
|
logging_send_syslog_msg($1_evolution_t)
|
||||||
|
|
||||||
miscfiles_read_localization($1_evolution_t)
|
miscfiles_read_localization($1_evolution_t)
|
||||||
@ -501,9 +498,6 @@ template(`evolution_per_role_template',`
|
|||||||
|
|
||||||
fs_search_auto_mountpoints($1_evolution_alarm_t)
|
fs_search_auto_mountpoints($1_evolution_alarm_t)
|
||||||
|
|
||||||
libs_use_ld_so($1_evolution_alarm_t)
|
|
||||||
libs_use_shared_libs($1_evolution_alarm_t)
|
|
||||||
|
|
||||||
miscfiles_read_localization($1_evolution_alarm_t)
|
miscfiles_read_localization($1_evolution_alarm_t)
|
||||||
|
|
||||||
# Access evolution home
|
# Access evolution home
|
||||||
@ -603,9 +597,6 @@ template(`evolution_per_role_template',`
|
|||||||
# Access evolution home
|
# Access evolution home
|
||||||
fs_search_auto_mountpoints($1_evolution_exchange_t)
|
fs_search_auto_mountpoints($1_evolution_exchange_t)
|
||||||
|
|
||||||
libs_use_ld_so($1_evolution_exchange_t)
|
|
||||||
libs_use_shared_libs($1_evolution_exchange_t)
|
|
||||||
|
|
||||||
miscfiles_read_localization($1_evolution_exchange_t)
|
miscfiles_read_localization($1_evolution_exchange_t)
|
||||||
|
|
||||||
# Access evolution home
|
# Access evolution home
|
||||||
@ -693,9 +684,6 @@ template(`evolution_per_role_template',`
|
|||||||
|
|
||||||
fs_search_auto_mountpoints($1_evolution_server_t)
|
fs_search_auto_mountpoints($1_evolution_server_t)
|
||||||
|
|
||||||
libs_use_ld_so($1_evolution_server_t)
|
|
||||||
libs_use_shared_libs($1_evolution_server_t)
|
|
||||||
|
|
||||||
miscfiles_read_localization($1_evolution_server_t)
|
miscfiles_read_localization($1_evolution_server_t)
|
||||||
# Look in /etc/pki
|
# Look in /etc/pki
|
||||||
miscfiles_read_certs($1_evolution_server_t)
|
miscfiles_read_certs($1_evolution_server_t)
|
||||||
|
@ -122,9 +122,6 @@ template(`games_per_role_template',`
|
|||||||
|
|
||||||
logging_dontaudit_search_logs($1_games_t)
|
logging_dontaudit_search_logs($1_games_t)
|
||||||
|
|
||||||
libs_use_shared_libs($1_games_t)
|
|
||||||
libs_use_ld_so($1_games_t)
|
|
||||||
|
|
||||||
miscfiles_read_man_pages($1_games_t)
|
miscfiles_read_man_pages($1_games_t)
|
||||||
miscfiles_read_localization($1_games_t)
|
miscfiles_read_localization($1_games_t)
|
||||||
|
|
||||||
|
@ -50,9 +50,6 @@ domain_use_interactive_fds(games_t)
|
|||||||
init_use_fds(games_t)
|
init_use_fds(games_t)
|
||||||
init_use_script_ptys(games_t)
|
init_use_script_ptys(games_t)
|
||||||
|
|
||||||
libs_use_ld_so(games_t)
|
|
||||||
libs_use_shared_libs(games_t)
|
|
||||||
|
|
||||||
logging_send_syslog_msg(games_t)
|
logging_send_syslog_msg(games_t)
|
||||||
|
|
||||||
miscfiles_read_localization(games_t)
|
miscfiles_read_localization(games_t)
|
||||||
|
@ -173,9 +173,6 @@ template(`gift_per_role_template',`
|
|||||||
# Read /etc/mtab
|
# Read /etc/mtab
|
||||||
files_read_etc_runtime_files($1_giftd_t)
|
files_read_etc_runtime_files($1_giftd_t)
|
||||||
|
|
||||||
libs_use_ld_so($1_giftd_t)
|
|
||||||
libs_use_shared_libs($1_giftd_t)
|
|
||||||
|
|
||||||
miscfiles_read_localization($1_giftd_t)
|
miscfiles_read_localization($1_giftd_t)
|
||||||
|
|
||||||
sysnet_read_config($1_giftd_t)
|
sysnet_read_config($1_giftd_t)
|
||||||
|
@ -86,9 +86,6 @@ template(`gnome_per_role_template',`
|
|||||||
|
|
||||||
files_read_etc_files($1_gconfd_t)
|
files_read_etc_files($1_gconfd_t)
|
||||||
|
|
||||||
libs_use_ld_so($1_gconfd_t)
|
|
||||||
libs_use_shared_libs($1_gconfd_t)
|
|
||||||
|
|
||||||
miscfiles_read_localization($1_gconfd_t)
|
miscfiles_read_localization($1_gconfd_t)
|
||||||
|
|
||||||
logging_send_syslog_msg($1_gconfd_t)
|
logging_send_syslog_msg($1_gconfd_t)
|
||||||
|
@ -115,9 +115,6 @@ template(`gpg_per_role_template',`
|
|||||||
files_read_usr_files($1_gpg_t)
|
files_read_usr_files($1_gpg_t)
|
||||||
files_dontaudit_search_var($1_gpg_t)
|
files_dontaudit_search_var($1_gpg_t)
|
||||||
|
|
||||||
libs_use_shared_libs($1_gpg_t)
|
|
||||||
libs_use_ld_so($1_gpg_t)
|
|
||||||
|
|
||||||
miscfiles_read_localization($1_gpg_t)
|
miscfiles_read_localization($1_gpg_t)
|
||||||
|
|
||||||
logging_send_syslog_msg($1_gpg_t)
|
logging_send_syslog_msg($1_gpg_t)
|
||||||
@ -177,9 +174,6 @@ template(`gpg_per_role_template',`
|
|||||||
# for nscd
|
# for nscd
|
||||||
files_dontaudit_search_var($1_gpg_helper_t)
|
files_dontaudit_search_var($1_gpg_helper_t)
|
||||||
|
|
||||||
libs_use_ld_so($1_gpg_helper_t)
|
|
||||||
libs_use_shared_libs($1_gpg_helper_t)
|
|
||||||
|
|
||||||
sysnet_read_config($1_gpg_helper_t)
|
sysnet_read_config($1_gpg_helper_t)
|
||||||
|
|
||||||
tunable_policy(`use_nfs_home_dirs',`
|
tunable_policy(`use_nfs_home_dirs',`
|
||||||
@ -238,9 +232,6 @@ template(`gpg_per_role_template',`
|
|||||||
|
|
||||||
domain_use_interactive_fds($1_gpg_agent_t)
|
domain_use_interactive_fds($1_gpg_agent_t)
|
||||||
|
|
||||||
libs_use_ld_so($1_gpg_agent_t)
|
|
||||||
libs_use_shared_libs($1_gpg_agent_t)
|
|
||||||
|
|
||||||
miscfiles_read_localization($1_gpg_agent_t)
|
miscfiles_read_localization($1_gpg_agent_t)
|
||||||
|
|
||||||
# Write to the user domain tty.
|
# Write to the user domain tty.
|
||||||
@ -288,9 +279,6 @@ template(`gpg_per_role_template',`
|
|||||||
# read /etc/X11/qtrc
|
# read /etc/X11/qtrc
|
||||||
files_read_etc_files($1_gpg_pinentry_t)
|
files_read_etc_files($1_gpg_pinentry_t)
|
||||||
|
|
||||||
libs_use_ld_so($1_gpg_pinentry_t)
|
|
||||||
libs_use_shared_libs($1_gpg_pinentry_t)
|
|
||||||
|
|
||||||
miscfiles_read_fonts($1_gpg_pinentry_t)
|
miscfiles_read_fonts($1_gpg_pinentry_t)
|
||||||
miscfiles_read_localization($1_gpg_pinentry_t)
|
miscfiles_read_localization($1_gpg_pinentry_t)
|
||||||
|
|
||||||
|
@ -119,9 +119,6 @@ template(`irc_per_role_template',`
|
|||||||
init_read_utmp($1_irc_t)
|
init_read_utmp($1_irc_t)
|
||||||
init_dontaudit_lock_utmp($1_irc_t)
|
init_dontaudit_lock_utmp($1_irc_t)
|
||||||
|
|
||||||
libs_use_ld_so($1_irc_t)
|
|
||||||
libs_use_shared_libs($1_irc_t)
|
|
||||||
|
|
||||||
miscfiles_read_localization($1_irc_t)
|
miscfiles_read_localization($1_irc_t)
|
||||||
|
|
||||||
# Inherit and use descriptors from newrole.
|
# Inherit and use descriptors from newrole.
|
||||||
|
@ -123,9 +123,6 @@ template(`java_per_role_template',`
|
|||||||
fs_getattr_xattr_fs($1_javaplugin_t)
|
fs_getattr_xattr_fs($1_javaplugin_t)
|
||||||
fs_dontaudit_rw_tmpfs_files($1_javaplugin_t)
|
fs_dontaudit_rw_tmpfs_files($1_javaplugin_t)
|
||||||
|
|
||||||
libs_use_ld_so($1_javaplugin_t)
|
|
||||||
libs_use_shared_libs($1_javaplugin_t)
|
|
||||||
|
|
||||||
logging_send_syslog_msg($1_javaplugin_t)
|
logging_send_syslog_msg($1_javaplugin_t)
|
||||||
|
|
||||||
miscfiles_read_localization($1_javaplugin_t)
|
miscfiles_read_localization($1_javaplugin_t)
|
||||||
|
@ -35,9 +35,6 @@ term_use_unallocated_ttys(loadkeys_t)
|
|||||||
init_dontaudit_use_fds(loadkeys_t)
|
init_dontaudit_use_fds(loadkeys_t)
|
||||||
init_dontaudit_use_script_ptys(loadkeys_t)
|
init_dontaudit_use_script_ptys(loadkeys_t)
|
||||||
|
|
||||||
libs_use_ld_so(loadkeys_t)
|
|
||||||
libs_use_shared_libs(loadkeys_t)
|
|
||||||
|
|
||||||
locallogin_use_fds(loadkeys_t)
|
locallogin_use_fds(loadkeys_t)
|
||||||
|
|
||||||
miscfiles_read_localization(loadkeys_t)
|
miscfiles_read_localization(loadkeys_t)
|
||||||
|
@ -69,9 +69,6 @@ template(`lockdev_per_role_template',`
|
|||||||
|
|
||||||
fs_getattr_xattr_fs($1_lockdev_t)
|
fs_getattr_xattr_fs($1_lockdev_t)
|
||||||
|
|
||||||
libs_use_ld_so($1_lockdev_t)
|
|
||||||
libs_use_shared_libs($1_lockdev_t)
|
|
||||||
|
|
||||||
logging_send_syslog_msg($1_lockdev_t)
|
logging_send_syslog_msg($1_lockdev_t)
|
||||||
|
|
||||||
userdom_use_user_terminals($1, $1_lockdev_t)
|
userdom_use_user_terminals($1, $1_lockdev_t)
|
||||||
|
@ -172,9 +172,6 @@ template(`mozilla_per_role_template',`
|
|||||||
|
|
||||||
term_dontaudit_getattr_pty_dirs($1_mozilla_t)
|
term_dontaudit_getattr_pty_dirs($1_mozilla_t)
|
||||||
|
|
||||||
libs_use_ld_so($1_mozilla_t)
|
|
||||||
libs_use_shared_libs($1_mozilla_t)
|
|
||||||
|
|
||||||
logging_send_syslog_msg($1_mozilla_t)
|
logging_send_syslog_msg($1_mozilla_t)
|
||||||
|
|
||||||
miscfiles_read_fonts($1_mozilla_t)
|
miscfiles_read_fonts($1_mozilla_t)
|
||||||
|
@ -98,9 +98,6 @@ template(`mplayer_per_role_template',`
|
|||||||
# Access to DVD/CD/V4L
|
# Access to DVD/CD/V4L
|
||||||
storage_raw_read_removable_device($1_mencoder_t)
|
storage_raw_read_removable_device($1_mencoder_t)
|
||||||
|
|
||||||
libs_use_ld_so($1_mencoder_t)
|
|
||||||
libs_use_shared_libs($1_mencoder_t)
|
|
||||||
|
|
||||||
miscfiles_read_localization($1_mencoder_t)
|
miscfiles_read_localization($1_mencoder_t)
|
||||||
|
|
||||||
userdom_use_user_terminals($1,$1_mencoder_t)
|
userdom_use_user_terminals($1,$1_mencoder_t)
|
||||||
@ -327,9 +324,6 @@ template(`mplayer_per_role_template',`
|
|||||||
fs_search_auto_mountpoints($1_mplayer_t)
|
fs_search_auto_mountpoints($1_mplayer_t)
|
||||||
fs_list_inotifyfs($1_mplayer_t)
|
fs_list_inotifyfs($1_mplayer_t)
|
||||||
|
|
||||||
libs_use_ld_so($1_mplayer_t)
|
|
||||||
libs_use_shared_libs($1_mplayer_t)
|
|
||||||
|
|
||||||
miscfiles_read_localization($1_mplayer_t)
|
miscfiles_read_localization($1_mplayer_t)
|
||||||
miscfiles_read_fonts($1_mplayer_t)
|
miscfiles_read_fonts($1_mplayer_t)
|
||||||
|
|
||||||
|
@ -26,9 +26,6 @@ dev_read_urand(podsleuth_t)
|
|||||||
|
|
||||||
files_read_etc_files(podsleuth_t)
|
files_read_etc_files(podsleuth_t)
|
||||||
|
|
||||||
libs_use_ld_so(podsleuth_t)
|
|
||||||
libs_use_shared_libs(podsleuth_t)
|
|
||||||
|
|
||||||
miscfiles_read_localization(podsleuth_t)
|
miscfiles_read_localization(podsleuth_t)
|
||||||
|
|
||||||
dbus_system_bus_client_template(podsleuth, podsleuth_t)
|
dbus_system_bus_client_template(podsleuth, podsleuth_t)
|
||||||
|
@ -191,9 +191,6 @@ template(`qemu_domain_template',`
|
|||||||
term_getattr_pty_fs($1_t)
|
term_getattr_pty_fs($1_t)
|
||||||
term_use_generic_ptys($1_t)
|
term_use_generic_ptys($1_t)
|
||||||
|
|
||||||
libs_use_ld_so($1_t)
|
|
||||||
libs_use_shared_libs($1_t)
|
|
||||||
|
|
||||||
miscfiles_read_localization($1_t)
|
miscfiles_read_localization($1_t)
|
||||||
|
|
||||||
sysnet_read_config($1_t)
|
sysnet_read_config($1_t)
|
||||||
|
@ -87,9 +87,6 @@ template(`rssh_per_role_template',`
|
|||||||
|
|
||||||
fs_search_auto_mountpoints($1_rssh_t)
|
fs_search_auto_mountpoints($1_rssh_t)
|
||||||
|
|
||||||
libs_use_ld_so($1_rssh_t)
|
|
||||||
libs_use_shared_libs($1_rssh_t)
|
|
||||||
|
|
||||||
logging_send_syslog_msg($1_rssh_t)
|
logging_send_syslog_msg($1_rssh_t)
|
||||||
|
|
||||||
miscfiles_read_localization($1_rssh_t)
|
miscfiles_read_localization($1_rssh_t)
|
||||||
|
@ -142,9 +142,6 @@ template(`screen_per_role_template',`
|
|||||||
# Write to utmp.
|
# Write to utmp.
|
||||||
init_rw_utmp($1_screen_t)
|
init_rw_utmp($1_screen_t)
|
||||||
|
|
||||||
libs_use_ld_so($1_screen_t)
|
|
||||||
libs_use_shared_libs($1_screen_t)
|
|
||||||
|
|
||||||
logging_send_syslog_msg($1_screen_t)
|
logging_send_syslog_msg($1_screen_t)
|
||||||
|
|
||||||
miscfiles_read_localization($1_screen_t)
|
miscfiles_read_localization($1_screen_t)
|
||||||
|
@ -52,9 +52,6 @@ fs_list_inotifyfs(locate_t)
|
|||||||
# getpwnam
|
# getpwnam
|
||||||
auth_use_nsswitch(locate_t)
|
auth_use_nsswitch(locate_t)
|
||||||
|
|
||||||
libs_use_shared_libs(locate_t)
|
|
||||||
libs_use_ld_so(locate_t)
|
|
||||||
|
|
||||||
miscfiles_read_localization(locate_t)
|
miscfiles_read_localization(locate_t)
|
||||||
|
|
||||||
ifdef(`enable_mls',`
|
ifdef(`enable_mls',`
|
||||||
|
@ -147,9 +147,6 @@ template(`thunderbird_per_role_template',`
|
|||||||
|
|
||||||
auth_use_nsswitch($1_thunderbird_t)
|
auth_use_nsswitch($1_thunderbird_t)
|
||||||
|
|
||||||
libs_use_shared_libs($1_thunderbird_t)
|
|
||||||
libs_use_ld_so($1_thunderbird_t)
|
|
||||||
|
|
||||||
miscfiles_read_fonts($1_thunderbird_t)
|
miscfiles_read_fonts($1_thunderbird_t)
|
||||||
miscfiles_read_localization($1_thunderbird_t)
|
miscfiles_read_localization($1_thunderbird_t)
|
||||||
|
|
||||||
|
@ -112,9 +112,6 @@ template(`tvtime_per_role_template',`
|
|||||||
# X access, Home files
|
# X access, Home files
|
||||||
fs_search_auto_mountpoints($1_tvtime_t)
|
fs_search_auto_mountpoints($1_tvtime_t)
|
||||||
|
|
||||||
libs_use_ld_so($1_tvtime_t)
|
|
||||||
libs_use_shared_libs($1_tvtime_t)
|
|
||||||
|
|
||||||
miscfiles_read_localization($1_tvtime_t)
|
miscfiles_read_localization($1_tvtime_t)
|
||||||
miscfiles_read_fonts($1_tvtime_t)
|
miscfiles_read_fonts($1_tvtime_t)
|
||||||
|
|
||||||
|
@ -176,8 +176,6 @@ template(`uml_per_role_template',`
|
|||||||
init_dontaudit_write_utmp($1_uml_t)
|
init_dontaudit_write_utmp($1_uml_t)
|
||||||
|
|
||||||
# for xterm
|
# for xterm
|
||||||
libs_use_ld_so($1_uml_t)
|
|
||||||
libs_use_shared_libs($1_uml_t)
|
|
||||||
libs_exec_lib_files($1_uml_t)
|
libs_exec_lib_files($1_uml_t)
|
||||||
|
|
||||||
# Inherit and use descriptors from newrole.
|
# Inherit and use descriptors from newrole.
|
||||||
|
@ -49,9 +49,6 @@ term_dontaudit_use_console(uml_switch_t)
|
|||||||
init_use_fds(uml_switch_t)
|
init_use_fds(uml_switch_t)
|
||||||
init_use_script_ptys(uml_switch_t)
|
init_use_script_ptys(uml_switch_t)
|
||||||
|
|
||||||
libs_use_ld_so(uml_switch_t)
|
|
||||||
libs_use_shared_libs(uml_switch_t)
|
|
||||||
|
|
||||||
logging_send_syslog_msg(uml_switch_t)
|
logging_send_syslog_msg(uml_switch_t)
|
||||||
|
|
||||||
miscfiles_read_localization(uml_switch_t)
|
miscfiles_read_localization(uml_switch_t)
|
||||||
|
@ -139,9 +139,6 @@ template(`userhelper_per_role_template',`
|
|||||||
# Write to utmp.
|
# Write to utmp.
|
||||||
init_manage_utmp($1_userhelper_t)
|
init_manage_utmp($1_userhelper_t)
|
||||||
|
|
||||||
libs_use_ld_so($1_userhelper_t)
|
|
||||||
libs_use_shared_libs($1_userhelper_t)
|
|
||||||
|
|
||||||
miscfiles_read_localization($1_userhelper_t)
|
miscfiles_read_localization($1_userhelper_t)
|
||||||
|
|
||||||
seutil_read_config($1_userhelper_t)
|
seutil_read_config($1_userhelper_t)
|
||||||
|
@ -51,9 +51,6 @@ fs_search_auto_mountpoints(usernetctl_t)
|
|||||||
|
|
||||||
auth_use_nsswitch(usernetctl_t)
|
auth_use_nsswitch(usernetctl_t)
|
||||||
|
|
||||||
libs_use_ld_so(usernetctl_t)
|
|
||||||
libs_use_shared_libs(usernetctl_t)
|
|
||||||
|
|
||||||
logging_send_syslog_msg(usernetctl_t)
|
logging_send_syslog_msg(usernetctl_t)
|
||||||
|
|
||||||
miscfiles_read_localization(usernetctl_t)
|
miscfiles_read_localization(usernetctl_t)
|
||||||
|
@ -146,8 +146,6 @@ template(`vmware_per_role_template',`
|
|||||||
storage_raw_read_removable_device($1_vmware_t)
|
storage_raw_read_removable_device($1_vmware_t)
|
||||||
storage_raw_write_removable_device($1_vmware_t)
|
storage_raw_write_removable_device($1_vmware_t)
|
||||||
|
|
||||||
libs_use_ld_so($1_vmware_t)
|
|
||||||
libs_use_shared_libs($1_vmware_t)
|
|
||||||
# startup scripts run ldd
|
# startup scripts run ldd
|
||||||
libs_exec_ld_so($1_vmware_t)
|
libs_exec_ld_so($1_vmware_t)
|
||||||
# Access X11 config files
|
# Access X11 config files
|
||||||
|
@ -85,9 +85,6 @@ term_dontaudit_use_console(vmware_host_t)
|
|||||||
init_use_fds(vmware_host_t)
|
init_use_fds(vmware_host_t)
|
||||||
init_use_script_ptys(vmware_host_t)
|
init_use_script_ptys(vmware_host_t)
|
||||||
|
|
||||||
libs_use_ld_so(vmware_host_t)
|
|
||||||
libs_use_shared_libs(vmware_host_t)
|
|
||||||
|
|
||||||
logging_send_syslog_msg(vmware_host_t)
|
logging_send_syslog_msg(vmware_host_t)
|
||||||
|
|
||||||
miscfiles_read_localization(vmware_host_t)
|
miscfiles_read_localization(vmware_host_t)
|
||||||
|
@ -72,9 +72,6 @@ fs_getattr_xattr_fs(webalizer_t)
|
|||||||
files_read_etc_files(webalizer_t)
|
files_read_etc_files(webalizer_t)
|
||||||
files_read_etc_runtime_files(webalizer_t)
|
files_read_etc_runtime_files(webalizer_t)
|
||||||
|
|
||||||
libs_use_ld_so(webalizer_t)
|
|
||||||
libs_use_shared_libs(webalizer_t)
|
|
||||||
|
|
||||||
logging_list_logs(webalizer_t)
|
logging_list_logs(webalizer_t)
|
||||||
logging_send_syslog_msg(webalizer_t)
|
logging_send_syslog_msg(webalizer_t)
|
||||||
|
|
||||||
|
@ -124,8 +124,6 @@ template(`wireshark_per_role_template',`
|
|||||||
fs_search_auto_mountpoints($1_wireshark_t)
|
fs_search_auto_mountpoints($1_wireshark_t)
|
||||||
|
|
||||||
libs_read_lib_files($1_wireshark_t)
|
libs_read_lib_files($1_wireshark_t)
|
||||||
libs_use_ld_so($1_wireshark_t)
|
|
||||||
libs_use_shared_libs($1_wireshark_t)
|
|
||||||
|
|
||||||
miscfiles_read_fonts($1_wireshark_t)
|
miscfiles_read_fonts($1_wireshark_t)
|
||||||
miscfiles_read_localization($1_wireshark_t)
|
miscfiles_read_localization($1_wireshark_t)
|
||||||
|
@ -86,9 +86,6 @@ fs_read_iso9660_files(yam_t)
|
|||||||
|
|
||||||
term_search_ptys(yam_t)
|
term_search_ptys(yam_t)
|
||||||
|
|
||||||
libs_use_ld_so(yam_t)
|
|
||||||
libs_use_shared_libs(yam_t)
|
|
||||||
|
|
||||||
logging_send_syslog_msg(yam_t)
|
logging_send_syslog_msg(yam_t)
|
||||||
|
|
||||||
miscfiles_read_localization(yam_t)
|
miscfiles_read_localization(yam_t)
|
||||||
|
@ -105,9 +105,6 @@ files_read_etc_files(afs_bosserver_t)
|
|||||||
files_list_home(afs_bosserver_t)
|
files_list_home(afs_bosserver_t)
|
||||||
files_read_usr_files(afs_bosserver_t)
|
files_read_usr_files(afs_bosserver_t)
|
||||||
|
|
||||||
libs_use_ld_so(afs_bosserver_t)
|
|
||||||
libs_use_shared_libs(afs_bosserver_t)
|
|
||||||
|
|
||||||
miscfiles_read_localization(afs_bosserver_t)
|
miscfiles_read_localization(afs_bosserver_t)
|
||||||
|
|
||||||
seutil_read_config(afs_bosserver_t)
|
seutil_read_config(afs_bosserver_t)
|
||||||
@ -175,9 +172,6 @@ term_dontaudit_use_console(afs_fsserver_t)
|
|||||||
|
|
||||||
init_dontaudit_use_script_fds(afs_fsserver_t)
|
init_dontaudit_use_script_fds(afs_fsserver_t)
|
||||||
|
|
||||||
libs_use_ld_so(afs_fsserver_t)
|
|
||||||
libs_use_shared_libs(afs_fsserver_t)
|
|
||||||
|
|
||||||
logging_send_syslog_msg(afs_fsserver_t)
|
logging_send_syslog_msg(afs_fsserver_t)
|
||||||
|
|
||||||
miscfiles_read_localization(afs_fsserver_t)
|
miscfiles_read_localization(afs_fsserver_t)
|
||||||
@ -225,9 +219,6 @@ files_read_etc_files(afs_kaserver_t)
|
|||||||
files_list_home(afs_kaserver_t)
|
files_list_home(afs_kaserver_t)
|
||||||
files_read_usr_files(afs_kaserver_t)
|
files_read_usr_files(afs_kaserver_t)
|
||||||
|
|
||||||
libs_use_ld_so(afs_kaserver_t)
|
|
||||||
libs_use_shared_libs(afs_kaserver_t)
|
|
||||||
|
|
||||||
miscfiles_read_localization(afs_kaserver_t)
|
miscfiles_read_localization(afs_kaserver_t)
|
||||||
|
|
||||||
seutil_read_config(afs_kaserver_t)
|
seutil_read_config(afs_kaserver_t)
|
||||||
@ -268,9 +259,6 @@ corenet_sendrecv_afs_pt_server_packets(afs_ptserver_t)
|
|||||||
|
|
||||||
files_read_etc_files(afs_ptserver_t)
|
files_read_etc_files(afs_ptserver_t)
|
||||||
|
|
||||||
libs_use_ld_so(afs_ptserver_t)
|
|
||||||
libs_use_shared_libs(afs_ptserver_t)
|
|
||||||
|
|
||||||
miscfiles_read_localization(afs_ptserver_t)
|
miscfiles_read_localization(afs_ptserver_t)
|
||||||
|
|
||||||
sysnet_read_config(afs_ptserver_t)
|
sysnet_read_config(afs_ptserver_t)
|
||||||
@ -309,9 +297,6 @@ corenet_sendrecv_afs_vl_server_packets(afs_vlserver_t)
|
|||||||
|
|
||||||
files_read_etc_files(afs_vlserver_t)
|
files_read_etc_files(afs_vlserver_t)
|
||||||
|
|
||||||
libs_use_ld_so(afs_vlserver_t)
|
|
||||||
libs_use_shared_libs(afs_vlserver_t)
|
|
||||||
|
|
||||||
miscfiles_read_localization(afs_vlserver_t)
|
miscfiles_read_localization(afs_vlserver_t)
|
||||||
|
|
||||||
sysnet_read_config(afs_vlserver_t)
|
sysnet_read_config(afs_vlserver_t)
|
||||||
|
@ -34,9 +34,6 @@ logging_log_filetrans(aide_t, aide_log_t, file)
|
|||||||
|
|
||||||
files_read_all_files(aide_t)
|
files_read_all_files(aide_t)
|
||||||
|
|
||||||
libs_use_ld_so(aide_t)
|
|
||||||
libs_use_shared_libs(aide_t)
|
|
||||||
|
|
||||||
logging_send_audit_msgs(aide_t)
|
logging_send_audit_msgs(aide_t)
|
||||||
|
|
||||||
seutil_use_newrole_fds(aide_t)
|
seutil_use_newrole_fds(aide_t)
|
||||||
|
@ -138,9 +138,6 @@ auth_dontaudit_read_shadow(amavis_t)
|
|||||||
|
|
||||||
init_stream_connect_script(amavis_t)
|
init_stream_connect_script(amavis_t)
|
||||||
|
|
||||||
libs_use_ld_so(amavis_t)
|
|
||||||
libs_use_shared_libs(amavis_t)
|
|
||||||
|
|
||||||
logging_send_syslog_msg(amavis_t)
|
logging_send_syslog_msg(amavis_t)
|
||||||
|
|
||||||
miscfiles_read_localization(amavis_t)
|
miscfiles_read_localization(amavis_t)
|
||||||
|
@ -101,8 +101,6 @@ template(`apache_content_template',`
|
|||||||
files_read_etc_files(httpd_$1_script_t)
|
files_read_etc_files(httpd_$1_script_t)
|
||||||
files_search_home(httpd_$1_script_t)
|
files_search_home(httpd_$1_script_t)
|
||||||
|
|
||||||
libs_use_ld_so(httpd_$1_script_t)
|
|
||||||
libs_use_shared_libs(httpd_$1_script_t)
|
|
||||||
libs_exec_ld_so(httpd_$1_script_t)
|
libs_exec_ld_so(httpd_$1_script_t)
|
||||||
libs_exec_lib_files(httpd_$1_script_t)
|
libs_exec_lib_files(httpd_$1_script_t)
|
||||||
|
|
||||||
|
@ -336,8 +336,6 @@ files_read_var_lib_symlinks(httpd_t)
|
|||||||
|
|
||||||
fs_search_auto_mountpoints(httpd_sys_script_t)
|
fs_search_auto_mountpoints(httpd_sys_script_t)
|
||||||
|
|
||||||
libs_use_ld_so(httpd_t)
|
|
||||||
libs_use_shared_libs(httpd_t)
|
|
||||||
libs_read_lib_files(httpd_t)
|
libs_read_lib_files(httpd_t)
|
||||||
|
|
||||||
logging_send_syslog_msg(httpd_t)
|
logging_send_syslog_msg(httpd_t)
|
||||||
@ -513,9 +511,6 @@ allow httpd_helper_t httpd_config_t:file read_file_perms;
|
|||||||
|
|
||||||
allow httpd_helper_t httpd_log_t:file append_file_perms;
|
allow httpd_helper_t httpd_log_t:file append_file_perms;
|
||||||
|
|
||||||
libs_use_ld_so(httpd_helper_t)
|
|
||||||
libs_use_shared_libs(httpd_helper_t)
|
|
||||||
|
|
||||||
logging_send_syslog_msg(httpd_helper_t)
|
logging_send_syslog_msg(httpd_helper_t)
|
||||||
|
|
||||||
tunable_policy(`httpd_tty_comm',`
|
tunable_policy(`httpd_tty_comm',`
|
||||||
@ -552,8 +547,6 @@ files_tmp_filetrans(httpd_php_t, httpd_php_tmp_t, { file dir })
|
|||||||
fs_search_auto_mountpoints(httpd_php_t)
|
fs_search_auto_mountpoints(httpd_php_t)
|
||||||
|
|
||||||
libs_exec_lib_files(httpd_php_t)
|
libs_exec_lib_files(httpd_php_t)
|
||||||
libs_use_ld_so(httpd_php_t)
|
|
||||||
libs_use_shared_libs(httpd_php_t)
|
|
||||||
|
|
||||||
userdom_use_unpriv_users_fds(httpd_php_t)
|
userdom_use_unpriv_users_fds(httpd_php_t)
|
||||||
|
|
||||||
@ -609,9 +602,6 @@ files_search_home(httpd_suexec_t)
|
|||||||
|
|
||||||
auth_use_nsswitch(httpd_suexec_t)
|
auth_use_nsswitch(httpd_suexec_t)
|
||||||
|
|
||||||
libs_use_ld_so(httpd_suexec_t)
|
|
||||||
libs_use_shared_libs(httpd_suexec_t)
|
|
||||||
|
|
||||||
logging_search_logs(httpd_suexec_t)
|
logging_search_logs(httpd_suexec_t)
|
||||||
logging_send_syslog_msg(httpd_suexec_t)
|
logging_send_syslog_msg(httpd_suexec_t)
|
||||||
|
|
||||||
@ -735,9 +725,6 @@ kernel_dontaudit_read_proc_symlinks(httpd_rotatelogs_t)
|
|||||||
|
|
||||||
files_read_etc_files(httpd_rotatelogs_t)
|
files_read_etc_files(httpd_rotatelogs_t)
|
||||||
|
|
||||||
libs_use_ld_so(httpd_rotatelogs_t)
|
|
||||||
libs_use_shared_libs(httpd_rotatelogs_t)
|
|
||||||
|
|
||||||
logging_search_logs(httpd_rotatelogs_t)
|
logging_search_logs(httpd_rotatelogs_t)
|
||||||
|
|
||||||
miscfiles_read_localization(httpd_rotatelogs_t)
|
miscfiles_read_localization(httpd_rotatelogs_t)
|
||||||
|
@ -82,9 +82,6 @@ term_use_unallocated_ttys(apcupsd_t)
|
|||||||
init_rw_utmp(apcupsd_t)
|
init_rw_utmp(apcupsd_t)
|
||||||
init_telinit(apcupsd_t)
|
init_telinit(apcupsd_t)
|
||||||
|
|
||||||
libs_use_ld_so(apcupsd_t)
|
|
||||||
libs_use_shared_libs(apcupsd_t)
|
|
||||||
|
|
||||||
logging_send_syslog_msg(apcupsd_t)
|
logging_send_syslog_msg(apcupsd_t)
|
||||||
|
|
||||||
miscfiles_read_localization(apcupsd_t)
|
miscfiles_read_localization(apcupsd_t)
|
||||||
|
@ -50,9 +50,6 @@ term_use_all_terms(apm_t)
|
|||||||
|
|
||||||
domain_use_interactive_fds(apm_t)
|
domain_use_interactive_fds(apm_t)
|
||||||
|
|
||||||
libs_use_ld_so(apm_t)
|
|
||||||
libs_use_shared_libs(apm_t)
|
|
||||||
|
|
||||||
logging_send_syslog_msg(apm_t)
|
logging_send_syslog_msg(apm_t)
|
||||||
|
|
||||||
########################################
|
########################################
|
||||||
@ -123,9 +120,7 @@ init_rw_utmp(apmd_t)
|
|||||||
init_telinit(apmd_t)
|
init_telinit(apmd_t)
|
||||||
|
|
||||||
libs_exec_ld_so(apmd_t)
|
libs_exec_ld_so(apmd_t)
|
||||||
libs_use_ld_so(apmd_t)
|
|
||||||
libs_exec_lib_files(apmd_t)
|
libs_exec_lib_files(apmd_t)
|
||||||
libs_use_shared_libs(apmd_t)
|
|
||||||
|
|
||||||
logging_send_syslog_msg(apmd_t)
|
logging_send_syslog_msg(apmd_t)
|
||||||
|
|
||||||
|
@ -73,9 +73,6 @@ files_search_var_lib(arpwatch_t)
|
|||||||
|
|
||||||
auth_use_nsswitch(arpwatch_t)
|
auth_use_nsswitch(arpwatch_t)
|
||||||
|
|
||||||
libs_use_ld_so(arpwatch_t)
|
|
||||||
libs_use_shared_libs(arpwatch_t)
|
|
||||||
|
|
||||||
logging_send_syslog_msg(arpwatch_t)
|
logging_send_syslog_msg(arpwatch_t)
|
||||||
|
|
||||||
miscfiles_read_localization(arpwatch_t)
|
miscfiles_read_localization(arpwatch_t)
|
||||||
|
@ -116,9 +116,6 @@ files_read_usr_files(asterisk_t)
|
|||||||
fs_getattr_all_fs(asterisk_t)
|
fs_getattr_all_fs(asterisk_t)
|
||||||
fs_search_auto_mountpoints(asterisk_t)
|
fs_search_auto_mountpoints(asterisk_t)
|
||||||
|
|
||||||
libs_use_ld_so(asterisk_t)
|
|
||||||
libs_use_shared_libs(asterisk_t)
|
|
||||||
|
|
||||||
logging_send_syslog_msg(asterisk_t)
|
logging_send_syslog_msg(asterisk_t)
|
||||||
|
|
||||||
miscfiles_read_localization(asterisk_t)
|
miscfiles_read_localization(asterisk_t)
|
||||||
|
@ -41,9 +41,6 @@ fs_search_auto_mountpoints(entropyd_t)
|
|||||||
|
|
||||||
domain_use_interactive_fds(entropyd_t)
|
domain_use_interactive_fds(entropyd_t)
|
||||||
|
|
||||||
libs_use_ld_so(entropyd_t)
|
|
||||||
libs_use_shared_libs(entropyd_t)
|
|
||||||
|
|
||||||
logging_send_syslog_msg(entropyd_t)
|
logging_send_syslog_msg(entropyd_t)
|
||||||
|
|
||||||
miscfiles_read_localization(entropyd_t)
|
miscfiles_read_localization(entropyd_t)
|
||||||
|
@ -134,9 +134,6 @@ term_dontaudit_getattr_pty_dirs(automount_t)
|
|||||||
|
|
||||||
auth_use_nsswitch(automount_t)
|
auth_use_nsswitch(automount_t)
|
||||||
|
|
||||||
libs_use_ld_so(automount_t)
|
|
||||||
libs_use_shared_libs(automount_t)
|
|
||||||
|
|
||||||
logging_send_syslog_msg(automount_t)
|
logging_send_syslog_msg(automount_t)
|
||||||
logging_search_logs(automount_t)
|
logging_search_logs(automount_t)
|
||||||
|
|
||||||
|
@ -70,9 +70,6 @@ auth_use_nsswitch(avahi_t)
|
|||||||
init_signal_script(avahi_t)
|
init_signal_script(avahi_t)
|
||||||
init_signull_script(avahi_t)
|
init_signull_script(avahi_t)
|
||||||
|
|
||||||
libs_use_ld_so(avahi_t)
|
|
||||||
libs_use_shared_libs(avahi_t)
|
|
||||||
|
|
||||||
logging_send_syslog_msg(avahi_t)
|
logging_send_syslog_msg(avahi_t)
|
||||||
|
|
||||||
miscfiles_read_localization(avahi_t)
|
miscfiles_read_localization(avahi_t)
|
||||||
|
@ -139,9 +139,6 @@ fs_search_auto_mountpoints(named_t)
|
|||||||
|
|
||||||
auth_use_nsswitch(named_t)
|
auth_use_nsswitch(named_t)
|
||||||
|
|
||||||
libs_use_ld_so(named_t)
|
|
||||||
libs_use_shared_libs(named_t)
|
|
||||||
|
|
||||||
logging_send_syslog_msg(named_t)
|
logging_send_syslog_msg(named_t)
|
||||||
|
|
||||||
miscfiles_read_localization(named_t)
|
miscfiles_read_localization(named_t)
|
||||||
@ -237,9 +234,6 @@ fs_getattr_xattr_fs(ndc_t)
|
|||||||
init_use_fds(ndc_t)
|
init_use_fds(ndc_t)
|
||||||
init_use_script_ptys(ndc_t)
|
init_use_script_ptys(ndc_t)
|
||||||
|
|
||||||
libs_use_ld_so(ndc_t)
|
|
||||||
libs_use_shared_libs(ndc_t)
|
|
||||||
|
|
||||||
logging_send_syslog_msg(ndc_t)
|
logging_send_syslog_msg(ndc_t)
|
||||||
|
|
||||||
miscfiles_read_localization(ndc_t)
|
miscfiles_read_localization(ndc_t)
|
||||||
|
@ -78,7 +78,6 @@ files_search_pids(bitlbee_t)
|
|||||||
files_read_usr_files(bitlbee_t)
|
files_read_usr_files(bitlbee_t)
|
||||||
|
|
||||||
libs_legacy_use_shared_libs(bitlbee_t)
|
libs_legacy_use_shared_libs(bitlbee_t)
|
||||||
libs_use_ld_so(bitlbee_t)
|
|
||||||
|
|
||||||
miscfiles_read_localization(bitlbee_t)
|
miscfiles_read_localization(bitlbee_t)
|
||||||
|
|
||||||
|
@ -84,9 +84,6 @@ template(`bluetooth_per_role_template',`
|
|||||||
files_read_usr_files($1_bluetooth_t)
|
files_read_usr_files($1_bluetooth_t)
|
||||||
files_dontaudit_list_default($1_bluetooth_t)
|
files_dontaudit_list_default($1_bluetooth_t)
|
||||||
|
|
||||||
libs_use_ld_so($1_bluetooth_t)
|
|
||||||
libs_use_shared_libs($1_bluetooth_t)
|
|
||||||
|
|
||||||
locallogin_dontaudit_use_fds($1_bluetooth_t)
|
locallogin_dontaudit_use_fds($1_bluetooth_t)
|
||||||
|
|
||||||
logging_send_syslog_msg($1_bluetooth_t)
|
logging_send_syslog_msg($1_bluetooth_t)
|
||||||
|
@ -110,9 +110,6 @@ files_read_etc_files(bluetooth_t)
|
|||||||
files_read_etc_runtime_files(bluetooth_t)
|
files_read_etc_runtime_files(bluetooth_t)
|
||||||
files_read_usr_files(bluetooth_t)
|
files_read_usr_files(bluetooth_t)
|
||||||
|
|
||||||
libs_use_ld_so(bluetooth_t)
|
|
||||||
libs_use_shared_libs(bluetooth_t)
|
|
||||||
|
|
||||||
logging_send_syslog_msg(bluetooth_t)
|
logging_send_syslog_msg(bluetooth_t)
|
||||||
|
|
||||||
miscfiles_read_localization(bluetooth_t)
|
miscfiles_read_localization(bluetooth_t)
|
||||||
|
@ -71,9 +71,6 @@ files_read_usr_files(canna_t)
|
|||||||
files_search_tmp(canna_t)
|
files_search_tmp(canna_t)
|
||||||
files_dontaudit_read_root_files(canna_t)
|
files_dontaudit_read_root_files(canna_t)
|
||||||
|
|
||||||
libs_use_ld_so(canna_t)
|
|
||||||
libs_use_shared_libs(canna_t)
|
|
||||||
|
|
||||||
logging_send_syslog_msg(canna_t)
|
logging_send_syslog_msg(canna_t)
|
||||||
|
|
||||||
miscfiles_read_localization(canna_t)
|
miscfiles_read_localization(canna_t)
|
||||||
|
@ -98,9 +98,6 @@ files_read_etc_runtime_files(ccs_t)
|
|||||||
|
|
||||||
init_rw_script_tmp_files(ccs_t)
|
init_rw_script_tmp_files(ccs_t)
|
||||||
|
|
||||||
libs_use_ld_so(ccs_t)
|
|
||||||
libs_use_shared_libs(ccs_t)
|
|
||||||
|
|
||||||
logging_send_syslog_msg(ccs_t)
|
logging_send_syslog_msg(ccs_t)
|
||||||
|
|
||||||
miscfiles_read_localization(ccs_t)
|
miscfiles_read_localization(ccs_t)
|
||||||
|
@ -52,9 +52,6 @@ files_dontaudit_search_var(ciped_t)
|
|||||||
|
|
||||||
fs_search_auto_mountpoints(ciped_t)
|
fs_search_auto_mountpoints(ciped_t)
|
||||||
|
|
||||||
libs_use_ld_so(ciped_t)
|
|
||||||
libs_use_shared_libs(ciped_t)
|
|
||||||
|
|
||||||
logging_send_syslog_msg(ciped_t)
|
logging_send_syslog_msg(ciped_t)
|
||||||
|
|
||||||
miscfiles_read_localization(ciped_t)
|
miscfiles_read_localization(ciped_t)
|
||||||
|
@ -107,9 +107,6 @@ files_read_etc_files(clamd_t)
|
|||||||
files_read_etc_runtime_files(clamd_t)
|
files_read_etc_runtime_files(clamd_t)
|
||||||
files_search_spool(clamd_t)
|
files_search_spool(clamd_t)
|
||||||
|
|
||||||
libs_use_ld_so(clamd_t)
|
|
||||||
libs_use_shared_libs(clamd_t)
|
|
||||||
|
|
||||||
logging_send_syslog_msg(clamd_t)
|
logging_send_syslog_msg(clamd_t)
|
||||||
|
|
||||||
miscfiles_read_localization(clamd_t)
|
miscfiles_read_localization(clamd_t)
|
||||||
@ -175,9 +172,6 @@ domain_use_interactive_fds(freshclam_t)
|
|||||||
files_read_etc_files(freshclam_t)
|
files_read_etc_files(freshclam_t)
|
||||||
files_read_etc_runtime_files(freshclam_t)
|
files_read_etc_runtime_files(freshclam_t)
|
||||||
|
|
||||||
libs_use_ld_so(freshclam_t)
|
|
||||||
libs_use_shared_libs(freshclam_t)
|
|
||||||
|
|
||||||
miscfiles_read_localization(freshclam_t)
|
miscfiles_read_localization(freshclam_t)
|
||||||
|
|
||||||
sysnet_dns_name_resolve(freshclam_t)
|
sysnet_dns_name_resolve(freshclam_t)
|
||||||
@ -222,9 +216,6 @@ files_search_var_lib(clamscan_t)
|
|||||||
init_read_utmp(clamscan_t)
|
init_read_utmp(clamscan_t)
|
||||||
init_dontaudit_write_utmp(clamscan_t)
|
init_dontaudit_write_utmp(clamscan_t)
|
||||||
|
|
||||||
libs_use_ld_so(clamscan_t)
|
|
||||||
libs_use_shared_libs(clamscan_t)
|
|
||||||
|
|
||||||
miscfiles_read_localization(clamscan_t)
|
miscfiles_read_localization(clamscan_t)
|
||||||
miscfiles_read_public_files(clamscan_t)
|
miscfiles_read_public_files(clamscan_t)
|
||||||
|
|
||||||
|
@ -37,9 +37,6 @@ corenet_sendrecv_ntp_client_packets(clockspeed_cli_t)
|
|||||||
files_list_var_lib(clockspeed_cli_t)
|
files_list_var_lib(clockspeed_cli_t)
|
||||||
files_read_etc_files(clockspeed_cli_t)
|
files_read_etc_files(clockspeed_cli_t)
|
||||||
|
|
||||||
libs_use_ld_so(clockspeed_cli_t)
|
|
||||||
libs_use_shared_libs(clockspeed_cli_t)
|
|
||||||
|
|
||||||
miscfiles_read_localization(clockspeed_cli_t)
|
miscfiles_read_localization(clockspeed_cli_t)
|
||||||
|
|
||||||
########################################
|
########################################
|
||||||
@ -67,9 +64,6 @@ corenet_sendrecv_clockspeed_server_packets(clockspeed_srv_t)
|
|||||||
files_read_etc_files(clockspeed_srv_t)
|
files_read_etc_files(clockspeed_srv_t)
|
||||||
files_list_var_lib(clockspeed_srv_t)
|
files_list_var_lib(clockspeed_srv_t)
|
||||||
|
|
||||||
libs_use_ld_so(clockspeed_srv_t)
|
|
||||||
libs_use_shared_libs(clockspeed_srv_t)
|
|
||||||
|
|
||||||
miscfiles_read_localization(clockspeed_srv_t)
|
miscfiles_read_localization(clockspeed_srv_t)
|
||||||
|
|
||||||
optional_policy(`
|
optional_policy(`
|
||||||
|
@ -62,9 +62,6 @@ auth_use_nsswitch(comsat_t)
|
|||||||
init_read_utmp(comsat_t)
|
init_read_utmp(comsat_t)
|
||||||
init_dontaudit_write_utmp(comsat_t)
|
init_dontaudit_write_utmp(comsat_t)
|
||||||
|
|
||||||
libs_use_ld_so(comsat_t)
|
|
||||||
libs_use_shared_libs(comsat_t)
|
|
||||||
|
|
||||||
logging_send_syslog_msg(comsat_t)
|
logging_send_syslog_msg(comsat_t)
|
||||||
|
|
||||||
miscfiles_read_localization(comsat_t)
|
miscfiles_read_localization(comsat_t)
|
||||||
|
@ -47,9 +47,6 @@ term_use_all_terms(consolekit_t)
|
|||||||
|
|
||||||
auth_use_nsswitch(consolekit_t)
|
auth_use_nsswitch(consolekit_t)
|
||||||
|
|
||||||
libs_use_ld_so(consolekit_t)
|
|
||||||
libs_use_shared_libs(consolekit_t)
|
|
||||||
|
|
||||||
miscfiles_read_localization(consolekit_t)
|
miscfiles_read_localization(consolekit_t)
|
||||||
|
|
||||||
optional_policy(`
|
optional_policy(`
|
||||||
|
@ -68,9 +68,6 @@ template(`courier_domain_template',`
|
|||||||
fs_getattr_xattr_fs(courier_$1_t)
|
fs_getattr_xattr_fs(courier_$1_t)
|
||||||
fs_search_auto_mountpoints(courier_$1_t)
|
fs_search_auto_mountpoints(courier_$1_t)
|
||||||
|
|
||||||
libs_use_ld_so(courier_$1_t)
|
|
||||||
libs_use_shared_libs(courier_$1_t)
|
|
||||||
|
|
||||||
logging_send_syslog_msg(courier_$1_t)
|
logging_send_syslog_msg(courier_$1_t)
|
||||||
|
|
||||||
sysnet_read_config(courier_$1_t)
|
sysnet_read_config(courier_$1_t)
|
||||||
|
@ -51,9 +51,6 @@ files_list_usr(cpucontrol_t)
|
|||||||
init_use_fds(cpucontrol_t)
|
init_use_fds(cpucontrol_t)
|
||||||
init_use_script_ptys(cpucontrol_t)
|
init_use_script_ptys(cpucontrol_t)
|
||||||
|
|
||||||
libs_use_ld_so(cpucontrol_t)
|
|
||||||
libs_use_shared_libs(cpucontrol_t)
|
|
||||||
|
|
||||||
logging_send_syslog_msg(cpucontrol_t)
|
logging_send_syslog_msg(cpucontrol_t)
|
||||||
|
|
||||||
userdom_dontaudit_use_unpriv_user_fds(cpucontrol_t)
|
userdom_dontaudit_use_unpriv_user_fds(cpucontrol_t)
|
||||||
@ -107,9 +104,6 @@ term_dontaudit_use_console(cpuspeed_t)
|
|||||||
init_use_fds(cpuspeed_t)
|
init_use_fds(cpuspeed_t)
|
||||||
init_use_script_ptys(cpuspeed_t)
|
init_use_script_ptys(cpuspeed_t)
|
||||||
|
|
||||||
libs_use_ld_so(cpuspeed_t)
|
|
||||||
libs_use_shared_libs(cpuspeed_t)
|
|
||||||
|
|
||||||
logging_send_syslog_msg(cpuspeed_t)
|
logging_send_syslog_msg(cpuspeed_t)
|
||||||
|
|
||||||
miscfiles_read_localization(cpuspeed_t)
|
miscfiles_read_localization(cpuspeed_t)
|
||||||
|
@ -120,8 +120,6 @@ template(`cron_per_role_template',`
|
|||||||
# for nscd:
|
# for nscd:
|
||||||
files_dontaudit_search_pids($1_crond_t)
|
files_dontaudit_search_pids($1_crond_t)
|
||||||
|
|
||||||
libs_use_ld_so($1_crond_t)
|
|
||||||
libs_use_shared_libs($1_crond_t)
|
|
||||||
libs_exec_lib_files($1_crond_t)
|
libs_exec_lib_files($1_crond_t)
|
||||||
libs_exec_ld_so($1_crond_t)
|
libs_exec_ld_so($1_crond_t)
|
||||||
|
|
||||||
@ -233,9 +231,6 @@ template(`cron_per_role_template',`
|
|||||||
files_read_etc_files($1_crontab_t)
|
files_read_etc_files($1_crontab_t)
|
||||||
files_dontaudit_search_pids($1_crontab_t)
|
files_dontaudit_search_pids($1_crontab_t)
|
||||||
|
|
||||||
libs_use_ld_so($1_crontab_t)
|
|
||||||
libs_use_shared_libs($1_crontab_t)
|
|
||||||
|
|
||||||
logging_send_syslog_msg($1_crontab_t)
|
logging_send_syslog_msg($1_crontab_t)
|
||||||
|
|
||||||
miscfiles_read_localization($1_crontab_t)
|
miscfiles_read_localization($1_crontab_t)
|
||||||
|
@ -145,9 +145,6 @@ init_rw_utmp(crond_t)
|
|||||||
|
|
||||||
auth_use_nsswitch(crond_t)
|
auth_use_nsswitch(crond_t)
|
||||||
|
|
||||||
libs_use_ld_so(crond_t)
|
|
||||||
libs_use_shared_libs(crond_t)
|
|
||||||
|
|
||||||
logging_send_syslog_msg(crond_t)
|
logging_send_syslog_msg(crond_t)
|
||||||
|
|
||||||
seutil_read_config(crond_t)
|
seutil_read_config(crond_t)
|
||||||
@ -327,8 +324,6 @@ init_write_initctl(system_crond_t)
|
|||||||
|
|
||||||
auth_use_nsswitch(system_crond_t)
|
auth_use_nsswitch(system_crond_t)
|
||||||
|
|
||||||
libs_use_ld_so(system_crond_t)
|
|
||||||
libs_use_shared_libs(system_crond_t)
|
|
||||||
libs_exec_lib_files(system_crond_t)
|
libs_exec_lib_files(system_crond_t)
|
||||||
libs_exec_ld_so(system_crond_t)
|
libs_exec_ld_so(system_crond_t)
|
||||||
|
|
||||||
|
@ -206,8 +206,6 @@ init_exec_script_files(cupsd_t)
|
|||||||
|
|
||||||
auth_use_nsswitch(cupsd_t)
|
auth_use_nsswitch(cupsd_t)
|
||||||
|
|
||||||
libs_use_ld_so(cupsd_t)
|
|
||||||
libs_use_shared_libs(cupsd_t)
|
|
||||||
# Read /usr/lib/gconv/gconv-modules.* and /usr/lib/python2.2/.*
|
# Read /usr/lib/gconv/gconv-modules.* and /usr/lib/python2.2/.*
|
||||||
libs_read_lib_files(cupsd_t)
|
libs_read_lib_files(cupsd_t)
|
||||||
|
|
||||||
@ -347,9 +345,6 @@ init_getattr_script_files(cupsd_config_t)
|
|||||||
|
|
||||||
auth_use_nsswitch(cupsd_config_t)
|
auth_use_nsswitch(cupsd_config_t)
|
||||||
|
|
||||||
libs_use_ld_so(cupsd_config_t)
|
|
||||||
libs_use_shared_libs(cupsd_config_t)
|
|
||||||
|
|
||||||
logging_send_syslog_msg(cupsd_config_t)
|
logging_send_syslog_msg(cupsd_config_t)
|
||||||
|
|
||||||
miscfiles_read_localization(cupsd_config_t)
|
miscfiles_read_localization(cupsd_config_t)
|
||||||
@ -470,9 +465,6 @@ files_read_etc_files(cupsd_lpd_t)
|
|||||||
|
|
||||||
auth_use_nsswitch(cupsd_lpd_t)
|
auth_use_nsswitch(cupsd_lpd_t)
|
||||||
|
|
||||||
libs_use_ld_so(cupsd_lpd_t)
|
|
||||||
libs_use_shared_libs(cupsd_lpd_t)
|
|
||||||
|
|
||||||
logging_send_syslog_msg(cupsd_lpd_t)
|
logging_send_syslog_msg(cupsd_lpd_t)
|
||||||
|
|
||||||
miscfiles_read_localization(cupsd_lpd_t)
|
miscfiles_read_localization(cupsd_lpd_t)
|
||||||
@ -552,9 +544,6 @@ files_read_etc_files(hplip_t)
|
|||||||
files_read_etc_runtime_files(hplip_t)
|
files_read_etc_runtime_files(hplip_t)
|
||||||
files_read_usr_files(hplip_t)
|
files_read_usr_files(hplip_t)
|
||||||
|
|
||||||
libs_use_ld_so(hplip_t)
|
|
||||||
libs_use_shared_libs(hplip_t)
|
|
||||||
|
|
||||||
logging_send_syslog_msg(hplip_t)
|
logging_send_syslog_msg(hplip_t)
|
||||||
|
|
||||||
miscfiles_read_localization(hplip_t)
|
miscfiles_read_localization(hplip_t)
|
||||||
@ -632,9 +621,6 @@ domain_use_interactive_fds(ptal_t)
|
|||||||
files_read_etc_files(ptal_t)
|
files_read_etc_files(ptal_t)
|
||||||
files_read_etc_runtime_files(ptal_t)
|
files_read_etc_runtime_files(ptal_t)
|
||||||
|
|
||||||
libs_use_ld_so(ptal_t)
|
|
||||||
libs_use_shared_libs(ptal_t)
|
|
||||||
|
|
||||||
logging_send_syslog_msg(ptal_t)
|
logging_send_syslog_msg(ptal_t)
|
||||||
|
|
||||||
miscfiles_read_localization(ptal_t)
|
miscfiles_read_localization(ptal_t)
|
||||||
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue
Block a user