remove rhgb_domain and update for optional_policy() behavior change

2005-11-25 19:41:25 +00:00 · 2005-11-25 19:41:25 +00:00 · 33d087189d
commit 33d087189d
parent 09741b1f0e
1 changed files with 23 additions and 33 deletions
--- a/docs/macro_conversion_guide
+++ b/docs/macro_conversion_guide
@ -87,7 +87,7 @@ corecmd_exec_shell($1)
 files_read_etc_runtime_files($1)
 mta_append_spool($1)
 ifdef(`TODO',`
-optional_policy(`arpwatch.te',`
+optional_policy(`arpwatch',`
 	# why is mail delivered to a directory of type arpwatch_data_t?
 	allow mta_delivery_agent arpwatch_data_t:dir search;
 ')
@ -105,25 +105,25 @@ allow mta_user_agent privmail:fd use;
 allow mta_user_agent privmail:process sigchld;
 allow mta_user_agent privmail:fifo_file { read write };
 allow mta_user_agent sysadm_t:fifo_file { read write };
-optional_policy(`arpwatch.te',`
+optional_policy(`arpwatch',`
 	# why is mail delivered to a directory of type arpwatch_data_t?
 	allow mta_user_agent arpwatch_tmp_t:file rw_file_perms;
 	ifdef(`hide_broken_symptoms', `
 		dontaudit mta_user_agent arpwatch_t:packet_socket { read write };
 	')
 ')
-optional_policy(`cron.te',`
+optional_policy(`cron',`
 	cron_sigchld($1)
 	cron_read_system_job_tmp_files($1)
 ')
-optional_policy(`logrotate.te',`
+optional_policy(`logrotate',`
 	logrotate_read_tmp_files($1)
 ')

 #
 # nscd_client_domain: complete
 #
-optional_policy(`nscd.te',`
+optional_policy(`nscd',`
 	nscd_use_socket($1)
 ')

@ -135,14 +135,14 @@ domain_wide_inherit_fd($1)
 #
 # privlog: complete
 #
-optional_policy(`logging.te',`
+optional_policy(`logging',`
 	logging_send_syslog_msg($1)
 ')

 #
 # privmail: complete
 #
-optional_policy(`mta.te',`
+optional_policy(`mta',`
 	mta_send_mail($1)
 ')

@ -209,7 +209,7 @@ seutil_read_default_contexts($1)
 #
 # web_client_domain:
 #
-optional_policy(`squid.te',`
+optional_policy(`squid',`
 	squid_use($1)
 ')

@ -386,7 +386,7 @@ selinux_compute_user_contexts($1)
 #
 # can_kerberos(): complete
 #
-optional_policy(`kerberos.te',`
+optional_policy(`kerberos',`
 	kerberos_use($1)
 ')

@ -417,7 +417,7 @@ corenet_udp_sendrecv_all_ports($1)
 corenet_tcp_bind_all_nodes($1)
 corenet_udp_bind_all_nodes($1)
 sysnet_read_config($1)
-optional_policy(`mount.te',`
+optional_policy(`mount',`
 	mount_send_nfs_client_request($1)
 ')

@ -440,7 +440,7 @@ sysnet_read_config($1)
 # (remove _port_t from $2):
 corenet_tcp_sendrecv_$2_port($1)
 corenet_udp_sendrecv_$2_port($1)
-optional_policy(`mount.te',`
+optional_policy(`mount',`
 	mount_send_nfs_client_request($1)
 ')

@ -720,14 +720,14 @@ allow $1 $2:unix_dgram_socket sendto;
 #
 # can_winbind(): complete
 #
-optional_policy(`samba.te',`
+optional_policy(`samba',`
 	samba_connect_winbind($1)
 ')

 #
 # can_ypbind(): complete
 #
-optional_policy(`nis.te',`
+optional_policy(`nis',`
 	nis_use_ypbind($1)
 ')

@ -777,17 +777,12 @@ ifdef(`targeted_policy',`
 	term_dontaudit_use_generic_pty($1_t)
 	files_dontaudit_read_root_file($1_t)
 ')
-optional_policy(`selinuxutil.te',`
+optional_policy(`selinuxutil',`
 	seutil_sigchld_newrole($1_t)
 ')
-optional_policy(`udev.te', `
+optional_policy(`udev',`
 	udev_read_db($1_t)
 ')
-ifdef(`TODO',`
-optional_policy(`rhgb.te',`
-	rhgb_domain($1_t)
-')
-') dnl end TODO

 #
 # daemon_domain():
@ -823,17 +818,12 @@ ifdef(`targeted_policy', `
 	term_dontaudit_use_generic_pty($1_t)
 	files_dontaudit_read_root_file($1_t)
 ')
-optional_policy(`selinuxutil.te',`
+optional_policy(`selinuxutil',`
 	seutil_sigchld_newrole($1_t)
 ')
-optional_policy(`udev.te', `
+optional_policy(`udev',`
 	udev_read_db($1_t)
 ')
-ifdef(`TODO',`
-optional_policy(`rhgb.te',`
-	rhgb_domain($1_t)
-')
-') dnl end TODO

 #
 # daemon_sub_domain():
@ -905,7 +895,7 @@ allow $1 self:msgq create_msgq_perms;
 allow $1 self:msg { send receive };
 fs_search_auto_mountpoints($1)
 userdom_use_unpriv_users_fd($1)
-optional_policy(`nis.te',`
+optional_policy(`nis',`
 	nis_use_ypbind($1)
 ')

@ -945,7 +935,7 @@ ifdef(`targeted_policy',`
 	term_dontaudit_use_generic_pty($1_t)
 	files_dontaudit_read_root_file($1_t)
 ')
-optional_policy(`udev.te',`
+optional_policy(`udev',`
 	udev_read_db($1_t)
 ')

@ -968,7 +958,7 @@ allow $1_t self:tcp_socket connected_stream_socket_perms;
 allow $1_t self:netlink_tcpdiag_socket r_netlink_socket_perms;
 allow $1_t self:capability { setuid setgid };
 files_search_home($1_t)
-optional_policy(`kerberos.te',`
+optional_policy(`kerberos',`
 	kerberos_use($1_t)
 ')
 #end for identd
@ -999,10 +989,10 @@ libs_use_shared_libs($1_t)
 logging_send_syslog_msg($1_t)
 miscfiles_read_localization($1_t)
 sysnet_read_config($1_t)
-optional_policy(`nis.te',`
+optional_policy(`nis',`
 	nis_use_ypbind($1_t)
 ')
-optional_policy(`nscd.te',`
+optional_policy(`nscd',`
 	nscd_use_socket($1_t)
 ')

@ -1136,7 +1126,7 @@ allow $1 $2:lnk_file { getattr read };
 #
 # system_crond_entry():
 #
-optional_policy(`cron.te',`
+optional_policy(`cron',`
 	cron_system_entry($2,$1)
 ')