From 3eea5516f52cc37370cfbfaedaa2255609d5e88a Mon Sep 17 00:00:00 2001
From: Chris PeBenito <cpebenito@tresys.com>
Date: Fri, 17 Feb 2006 16:08:14 +0000
Subject: [PATCH] Remove allow_execmem from targeted policy domain_base_type().

---
 refpolicy/Changelog                       | 1 +
 refpolicy/policy/modules/kernel/domain.if | 4 ----
 2 files changed, 1 insertion(+), 4 deletions(-)

diff --git a/refpolicy/Changelog b/refpolicy/Changelog
index b9e316e4..c3fe2dc6 100644
--- a/refpolicy/Changelog
+++ b/refpolicy/Changelog
@@ -1,3 +1,4 @@
+- Remove allow_execmem from targeted policy domain_base_type().
 - Add users_extra and seusers support.
 - Postfix fixes from Serge Hallyn.
 - Run python and shell directly to interpret scripts so policy
diff --git a/refpolicy/policy/modules/kernel/domain.if b/refpolicy/policy/modules/kernel/domain.if
index add7aa3c..510a0dd1 100644
--- a/refpolicy/policy/modules/kernel/domain.if
+++ b/refpolicy/policy/modules/kernel/domain.if
@@ -40,10 +40,6 @@ interface(`domain_base_type',`
 	allow $1 self:process { fork sigchld };
 
 	ifdef(`targeted_policy',`
-		tunable_policy(`allow_execmem',`
-			allow $1 self:process execmem;
-		')
-
 		# FIXME:
 		# hack until role dominance is fixed in
 		# the module compiler