clean up usercanread

policy/modules/services/cups.te

@@ -1,5 +1,5 @@
 
-policy_module(cups,1.3.12)
+policy_module(cups,1.3.13)
 
 ########################################
 #
@@ -157,8 +157,6 @@ domain_read_all_domains_state(cupsd_t)
 
 fs_getattr_all_fs(cupsd_t)
 fs_search_auto_mountpoints(cupsd_t)
-# from old usercanread attrib:
-fs_read_removable_files(cupsd_t)
 
 term_dontaudit_use_console(cupsd_t)
 term_write_unallocated_ttys(cupsd_t)
@@ -271,12 +269,7 @@ optional_policy(`
 ')
 
 optional_policy(`
-	# from old usercanread attrib:
+	samba_read_config(cupsd_t)
-	rpc_read_nfs_content(cupsd_t)
-	rpc_read_nfs_state_data(cupsd_t)
-')
-
-optional_policy(`
 	samba_rw_var_files(cupsd_t)
 ')
 
@@ -288,21 +281,6 @@ optional_policy(`
 	udev_read_db(cupsd_t)
 ')
 
-optional_policy(`
-	# from old usercanread attrib:
-	usermanage_read_crack_db(cupsd_t)
-')
-
-optional_policy(`
-	# from old usercanread attrib:
-	xserver_read_xkb_libs(cupsd_t)
-')
-
-#FIXME:
-allow cupsd_t usercanread:dir r_dir_perms;
-allow cupsd_t usercanread:file r_file_perms;
-allow cupsd_t usercanread:lnk_file { getattr read };
-
 ########################################
 #
 # Cups configuration daemon local policy