rpms/selinux-policy
5
0
Fork 0
Code Issues Pull Requests Releases Activity

Cleanup warnings

Browse Source
This commit is contained in:
Dan Walsh 2010-09-08 10:43:22 -04:00
parent 4432db497b
commit 5dd0c28461
3 changed files with 4 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
policy/modules/apps/nsplugin.if
View File

@ -56,21 +56,15 @@ interface(`nsplugin_manage_rw',`
## by policy writers. ## by policy writers.
## </p> ## </p>
## </desc> ## </desc>
## <param name="userdomain_prefix"> ## <param name="user_role">
## <summary> ## <summary>
## The prefix of the user domain (e.g., user ## The role associated with the user domain.
## is the prefix for user_t).
## </summary> ## </summary>
## </param>
## <param name="user_domain"> ## <param name="user_domain">
## <summary> ## <summary>
## The type of the user domain. ## The type of the user domain.
## </summary> ## </summary>
## </param> ## </param>
## <param name="user_role">
## <summary>
## The role associated with the user domain.
## </summary>
## </param> ## </param>
# #
interface(`nsplugin_role_notrans',` interface(`nsplugin_role_notrans',`

5
policy/modules/apps/sandbox.te
View File

@ -232,7 +232,6 @@ userdom_dontaudit_use_user_terminals(sandbox_x_domain)
userdom_read_user_home_content_symlinks(sandbox_x_domain) userdom_read_user_home_content_symlinks(sandbox_x_domain)
userdom_search_user_home_content(sandbox_x_domain) userdom_search_user_home_content(sandbox_x_domain)
#============= sandbox_x_t ==============
files_search_home(sandbox_x_t) files_search_home(sandbox_x_t)
userdom_use_user_ptys(sandbox_x_t) userdom_use_user_ptys(sandbox_x_t)
@ -286,7 +285,6 @@ dev_read_rand(sandbox_web_type)
dev_write_sound(sandbox_web_type) dev_write_sound(sandbox_web_type)
dev_read_sound(sandbox_web_type) dev_read_sound(sandbox_web_type)
# Browse the web, connect to printer
corenet_all_recvfrom_unlabeled(sandbox_web_type) corenet_all_recvfrom_unlabeled(sandbox_web_type)
corenet_all_recvfrom_netlabel(sandbox_web_type) corenet_all_recvfrom_netlabel(sandbox_web_type)
corenet_tcp_sendrecv_all_if(sandbox_web_type) corenet_tcp_sendrecv_all_if(sandbox_web_type)
@ -316,7 +314,7 @@ corenet_sendrecv_squid_client_packets(sandbox_web_type)
corenet_sendrecv_ftp_client_packets(sandbox_web_type) corenet_sendrecv_ftp_client_packets(sandbox_web_type)
corenet_sendrecv_ipp_client_packets(sandbox_web_type) corenet_sendrecv_ipp_client_packets(sandbox_web_type)
corenet_sendrecv_generic_client_packets(sandbox_web_type) corenet_sendrecv_generic_client_packets(sandbox_web_type)
# Should not need other ports
corenet_dontaudit_tcp_sendrecv_generic_port(sandbox_web_type) corenet_dontaudit_tcp_sendrecv_generic_port(sandbox_web_type)
corenet_dontaudit_tcp_bind_generic_port(sandbox_web_type) corenet_dontaudit_tcp_bind_generic_port(sandbox_web_type)
@ -400,4 +398,3 @@ optional_policy(`
mozilla_dontaudit_rw_user_home_files(sandbox_xserver_t) mozilla_dontaudit_rw_user_home_files(sandbox_xserver_t)
mozilla_dontaudit_rw_user_home_files(sandbox_x_domain) mozilla_dontaudit_rw_user_home_files(sandbox_x_domain)
') ')

2
policy/modules/services/cron.te
View File

@ -678,7 +678,7 @@ list_dirs_pattern(crond_t, user_cron_spool_t, user_cron_spool_t)
rw_dirs_pattern(crond_t, user_cron_spool_t, user_cron_spool_t) rw_dirs_pattern(crond_t, user_cron_spool_t, user_cron_spool_t)
read_files_pattern(crond_t, user_cron_spool_t, user_cron_spool_t) read_files_pattern(crond_t, user_cron_spool_t, user_cron_spool_t)
read_lnk_files_pattern(crond_t, user_cron_spool_t, user_cron_spool_t) read_lnk_files_pattern(crond_t, user_cron_spool_t, user_cron_spool_t)
allow cronjob_t user_cron_spool_t:file create_lnk_perms; allow cronjob_t user_cron_spool_t:file manage_lnk_file_perms;
tunable_policy(`fcron_crond', ` tunable_policy(`fcron_crond', `
allow crond_t user_cron_spool_t:file manage_file_perms; allow crond_t user_cron_spool_t:file manage_file_perms;