diff --git a/policy/modules/admin/shorewall.if b/policy/modules/admin/shorewall.if index b83f3db1..f1981194 100644 --- a/policy/modules/admin/shorewall.if +++ b/policy/modules/admin/shorewall.if @@ -185,18 +185,18 @@ interface(`shorewall_admin',` role_transition $2 shorewall_initrc_exec_t system_r; allow $2 system_r; - files_search_etc($1) + files_list_etc($1) admin_pattern($1, shorewall_etc_t) - files_search_locks($1) + files_list_locks($1) admin_pattern($1, shorewall_lock_t) - files_search_var_lib($1) + files_list_var_lib($1) admin_pattern($1, shorewall_var_lib_t) - logging_search_logs($1) + logging_list_logs($1) admin_pattern($1, shorewall_log_t) - files_search_tmp($1) + files_list_tmp($1) admin_pattern($1, shorewall_tmp_t) ') diff --git a/policy/modules/services/abrt.if b/policy/modules/services/abrt.if index 022c0792..8961dba6 100644 --- a/policy/modules/services/abrt.if +++ b/policy/modules/services/abrt.if @@ -326,18 +326,18 @@ interface(`abrt_admin',` role_transition $2 abrt_initrc_exec_t system_r; allow $2 system_r; - files_search_etc($1) + files_list_etc($1) admin_pattern($1, abrt_etc_t) - logging_search_logs($1) + logging_list_logs($1) admin_pattern($1, abrt_var_log_t) - files_search_var($1) + files_list_var($1) admin_pattern($1, abrt_var_cache_t) - files_search_pids($1) + files_list_pids($1) admin_pattern($1, abrt_var_run_t) - files_search_tmp($1) + files_list_tmp($1) admin_pattern($1, abrt_tmp_t) ') diff --git a/policy/modules/services/aiccu.if b/policy/modules/services/aiccu.if index 420c8560..d4e161da 100644 --- a/policy/modules/services/aiccu.if +++ b/policy/modules/services/aiccu.if @@ -111,8 +111,8 @@ interface(`aiccu_admin',` allow $2 system_r; admin_pattern($1, aiccu_etc_t) - files_search_etc($1) + files_list_etc($1) admin_pattern($1, aiccu_var_run_t) - files_search_pids($1) + files_list_pids($1) ') diff --git a/policy/modules/services/apache.if b/policy/modules/services/apache.if index 8846b965..859c49fa 100644 --- a/policy/modules/services/apache.if +++ b/policy/modules/services/apache.if @@ -1333,10 +1333,10 @@ interface(`apache_admin',` apache_manage_all_content($1) miscfiles_manage_public_files($1) - files_search_etc($1) + files_list_etc($1) admin_pattern($1, httpd_config_t) - logging_search_logs($1) + logging_list_logs($1) admin_pattern($1, httpd_log_t) admin_pattern($1, httpd_modules_t) @@ -1357,6 +1357,7 @@ interface(`apache_admin',` seutil_domtrans_setfiles($1) + files_list_tmp($1) admin_pattern($1, httpd_tmp_t) admin_pattern($1, httpd_php_tmp_t) admin_pattern($1, httpd_suexec_tmp_t) diff --git a/policy/modules/services/bugzilla.if b/policy/modules/services/bugzilla.if index 8280b28d..3964548e 100644 --- a/policy/modules/services/bugzilla.if +++ b/policy/modules/services/bugzilla.if @@ -68,9 +68,9 @@ interface(`bugzilla_admin',` files_list_tmp($1) admin_pattern($1, httpd_bugzilla_tmp_t) - files_search_var_lib(httpd_bugzilla_script_t) + files_list_var_lib(httpd_bugzilla_script_t) - apache_search_sys_content($1) + apache_list_sys_content($1) admin_pattern($1, httpd_bugzilla_script_exec_t) admin_pattern($1, httpd_bugzilla_script_t) admin_pattern($1, httpd_bugzilla_content_t) diff --git a/policy/modules/services/certmonger.if b/policy/modules/services/certmonger.if index c7a8d701..d664be8f 100644 --- a/policy/modules/services/certmonger.if +++ b/policy/modules/services/certmonger.if @@ -166,9 +166,9 @@ interface(`certmonger_admin',` role_transition $2 certmonger_initrc_exec_t system_r; allow $2 system_r; - files_search_var_lib($1) + files_list_var_lib($1) admin_pattern($1, certmonger_var_lib_t) - files_search_pids($1) + files_list_pids($1) admin_pattern($1, certmonger_var_run_t) ') diff --git a/policy/modules/services/cgroup.if b/policy/modules/services/cgroup.if index 25cad6a5..e5cbcefd 100644 --- a/policy/modules/services/cgroup.if +++ b/policy/modules/services/cgroup.if @@ -182,10 +182,10 @@ interface(`cgroup_admin',` admin_pattern($1, cgconfig_etc_t) admin_pattern($1, cgrules_etc_t) - files_search_etc($1) + files_list_etc($1) admin_pattern($1, cgred_var_run_t) - files_search_pids($1) + files_list_pids($1) cgroup_initrc_domtrans_cgconfig($1) domain_system_change_exemption($1) diff --git a/policy/modules/services/chronyd.if b/policy/modules/services/chronyd.if index 9811f7f4..2ede737e 100644 --- a/policy/modules/services/chronyd.if +++ b/policy/modules/services/chronyd.if @@ -164,16 +164,16 @@ interface(`chronyd_admin',` role_transition $2 chronyd_initrc_exec_t system_r; allow $2 system_r; - files_search_etc($1) + files_list_etc($1) admin_pattern($1, chronyd_keys_t) - logging_search_logs($1) + logging_list_logs($1) admin_pattern($1, chronyd_var_log_t) - files_search_var_lib($1) + files_list_var_lib($1) admin_pattern($1, chronyd_var_lib_t) - files_search_pids($1) + files_list_pids($1) admin_pattern($1, chronyd_var_run_t) admin_pattern($1, chronyd_tmpfs_t) diff --git a/policy/modules/services/cmirrord.if b/policy/modules/services/cmirrord.if index f1bf7b15..756ac919 100644 --- a/policy/modules/services/cmirrord.if +++ b/policy/modules/services/cmirrord.if @@ -108,6 +108,6 @@ interface(`cmirrord_admin',` role_transition $2 cmirrord_initrc_exec_t system_r; allow $2 system_r; - files_search_pids($1) + files_list_pids($1) admin_pattern($1, cmirrord_var_run_t) ') diff --git a/policy/modules/services/cobbler.if b/policy/modules/services/cobbler.if index a4c26fff..e3787fb1 100644 --- a/policy/modules/services/cobbler.if +++ b/policy/modules/services/cobbler.if @@ -192,16 +192,16 @@ interface(`cobblerd_admin',` allow $1 cobblerd_t:process { ptrace signal_perms }; ps_process_pattern($1, cobblerd_t) - files_search_etc($1) + files_list_etc($1) admin_pattern($1, cobbler_etc_t) files_list_var_lib($1) admin_pattern($1, cobbler_var_lib_t) - logging_search_logs($1) + logging_list_logs($1) admin_pattern($1, cobbler_var_log_t) - apache_search_sys_content($1) + apache_list_sys_content($1) admin_pattern($1, httpd_cobbler_content_t) admin_pattern($1, httpd_cobbler_content_ra_t) admin_pattern($1, httpd_cobbler_content_rw_t) diff --git a/policy/modules/services/denyhosts.if b/policy/modules/services/denyhosts.if index 7b9da591..9c9e65c3 100644 --- a/policy/modules/services/denyhosts.if +++ b/policy/modules/services/denyhosts.if @@ -75,12 +75,12 @@ interface(`denyhosts_admin',` role_transition $2 denyhosts_initrc_exec_t system_r; allow $2 system_r; - files_search_var_lib($1) + files_list_var_lib($1) admin_pattern($1, denyhosts_var_lib_t) - logging_search_logs($1) + logging_list_logs($1) admin_pattern($1, denyhosts_var_log_t) - files_search_locks($1) + files_list_locks($1) admin_pattern($1, denyhosts_var_lock_t) ') diff --git a/policy/modules/services/devicekit.if b/policy/modules/services/devicekit.if index 262885fb..ab2edfc1 100644 --- a/policy/modules/services/devicekit.if +++ b/policy/modules/services/devicekit.if @@ -165,11 +165,11 @@ interface(`devicekit_admin',` ps_process_pattern($1, devicekit_power_t) admin_pattern($1, devicekit_tmp_t) - files_search_tmp($1) + files_list_tmp($1) admin_pattern($1, devicekit_var_lib_t) - files_search_var_lib($1) + files_list_var_lib($1) admin_pattern($1, devicekit_var_run_t) - files_search_pids($1) + files_list_pids($1) ') diff --git a/policy/modules/services/exim.if b/policy/modules/services/exim.if index 89502480..464669c1 100644 --- a/policy/modules/services/exim.if +++ b/policy/modules/services/exim.if @@ -243,15 +243,15 @@ interface(`exim_admin',` role_transition $2 exim_initrc_exec_t system_r; allow $2 system_r; - logging_search_logs($1) + logging_list_logs($1) admin_pattern($1, exim_log_t) - files_search_tmp($1) + files_list_tmp($1) admin_pattern($1, exim_tmp_t) - files_search_spool($1) + files_list_spool($1) admin_pattern($1, exim_spool_t) - files_search_pids($1) + files_list_pids($1) admin_pattern($1, exim_var_run_t) ') diff --git a/policy/modules/services/hddtemp.if b/policy/modules/services/hddtemp.if index 777b0362..db2d189e 100644 --- a/policy/modules/services/hddtemp.if +++ b/policy/modules/services/hddtemp.if @@ -69,5 +69,5 @@ interface(`hddtemp_admin',` allow $2 system_r; admin_pattern($1, hddtemp_etc_t) - files_search_etc($1) + files_list_etc($1) ') diff --git a/policy/modules/services/kerneloops.if b/policy/modules/services/kerneloops.if index 8fbac8d5..dd328830 100644 --- a/policy/modules/services/kerneloops.if +++ b/policy/modules/services/kerneloops.if @@ -109,6 +109,6 @@ interface(`kerneloops_admin',` role_transition $2 kerneloops_initrc_exec_t system_r; allow $2 system_r; - files_search_tmp($1) + files_list_tmp($1) admin_pattern($1, kerneloops_tmp_t) ') diff --git a/policy/modules/services/lircd.if b/policy/modules/services/lircd.if index a2961346..5cfe9500 100644 --- a/policy/modules/services/lircd.if +++ b/policy/modules/services/lircd.if @@ -87,9 +87,9 @@ interface(`lircd_admin',` role_transition $2 lircd_initrc_exec_t system_r; allow $2 system_r; - files_search_etc($1) + files_list_etc($1) admin_pattern($1, lircd_etc_t) - files_search_pids($1) + files_list_pids($1) admin_pattern($1, lircd_var_run_t) ') diff --git a/policy/modules/services/memcached.if b/policy/modules/services/memcached.if index d3f81b67..5008a6c1 100644 --- a/policy/modules/services/memcached.if +++ b/policy/modules/services/memcached.if @@ -67,6 +67,6 @@ interface(`memcached_admin',` role_transition $2 memcached_initrc_exec_t system_r; allow $2 system_r; - files_search_pids($1) + files_list_pids($1) admin_pattern($1, memcached_var_run_t) ') diff --git a/policy/modules/services/mock.if b/policy/modules/services/mock.if index ab0a29ea..d76fb118 100644 --- a/policy/modules/services/mock.if +++ b/policy/modules/services/mock.if @@ -231,6 +231,6 @@ interface(`mock_admin',` allow $1 mock_t:process { ptrace signal_perms }; ps_process_pattern($1, mock_t) - files_search_var_lib($1) + files_list_var_lib($1) admin_pattern($1, mock_var_lib_t) ') diff --git a/policy/modules/services/mojomojo.if b/policy/modules/services/mojomojo.if index b8bf5622..88e7330f 100644 --- a/policy/modules/services/mojomojo.if +++ b/policy/modules/services/mojomojo.if @@ -30,9 +30,9 @@ interface(`mojomojo_admin',` files_list_tmp($1) admin_pattern($1, httpd_mojomojo_tmp_t) - files_search_var_lib(httpd_mojomojo_script_t) + files_list_var_lib(httpd_mojomojo_script_t) - apache_search_sys_content($1) + apache_list_sys_content($1) admin_pattern($1, httpd_mojomojo_script_exec_t) admin_pattern($1, httpd_mojomojo_script_t) admin_pattern($1, httpd_mojomojo_content_t) diff --git a/policy/modules/services/mpd.if b/policy/modules/services/mpd.if index 62f2179c..733dc776 100644 --- a/policy/modules/services/mpd.if +++ b/policy/modules/services/mpd.if @@ -253,16 +253,16 @@ interface(`mpd_admin',` allow $2 system_r; admin_pattern($1, mpd_etc_t) - files_search_etc($1) + files_list_etc($1) - files_search_var_lib($1) + files_list_var_lib($1) admin_pattern($1, mpd_var_lib_t) - mpd_search_lib($1) + mpd_list_lib($1) admin_pattern($1, mpd_data_t) admin_pattern($1, mpd_log_t) - fs_search_tmpfs($1) + fs_list_tmpfs($1) admin_pattern($1, mpd_tmpfs_t) ') diff --git a/policy/modules/services/nslcd.if b/policy/modules/services/nslcd.if index 44c60eaf..be5a5b4f 100644 --- a/policy/modules/services/nslcd.if +++ b/policy/modules/services/nslcd.if @@ -106,9 +106,9 @@ interface(`nslcd_admin',` role_transition $2 nslcd_initrc_exec_t system_r; allow $2 system_r; - files_search_etc($1) + files_list_etc($1) admin_pattern($1, nslcd_conf_t) - files_search_pids($1) + files_list_pids($1) admin_pattern($1, nslcd_var_run_t, nslcd_var_run_t) ') diff --git a/policy/modules/services/oident.if b/policy/modules/services/oident.if index 8d47116a..b1b5e51e 100644 --- a/policy/modules/services/oident.if +++ b/policy/modules/services/oident.if @@ -97,6 +97,6 @@ interface(`oident_admin',` role_transition $2 oidentd_initrc_exec_t system_r; allow $2 system_r; - files_search_etc($1) + files_list_etc($1) admin_pattern($1, oidentd_config_t) ') diff --git a/policy/modules/services/pads.if b/policy/modules/services/pads.if index 52f47b4a..8235fb6b 100644 --- a/policy/modules/services/pads.if +++ b/policy/modules/services/pads.if @@ -39,9 +39,9 @@ interface(`pads_admin',` role_transition $2 pads_initrc_exec_t system_r; allow $2 system_r; - files_search_pids($1) + files_list_pids($1) admin_pattern($1, pads_var_run_t) - files_search_etc($1) + files_list_etc($1) admin_pattern($1, pads_config_t) ') diff --git a/policy/modules/services/plymouthd.if b/policy/modules/services/plymouthd.if index 90b64479..07dd3ff5 100644 --- a/policy/modules/services/plymouthd.if +++ b/policy/modules/services/plymouthd.if @@ -252,11 +252,11 @@ interface(`plymouthd_admin',` allow $1 plymouthd_t:process { ptrace signal_perms }; ps_process_pattern($1, plymouthd_t) - files_search_var_lib($1) + files_list_var_lib($1) admin_pattern($1, plymouthd_spool_t) admin_pattern($1, plymouthd_var_lib_t) - files_search_pids($1) + files_list_pids($1) admin_pattern($1, plymouthd_var_run_t) ') diff --git a/policy/modules/services/portreserve.if b/policy/modules/services/portreserve.if index bf9bd055..73850562 100644 --- a/policy/modules/services/portreserve.if +++ b/policy/modules/services/portreserve.if @@ -112,9 +112,9 @@ interface(`portreserve_admin',` role_transition $2 portreserve_initrc_exec_t system_r; allow $2 system_r; - files_search_etc($1) + files_list_etc($1) admin_pattern($1, portreserve_etc_t) - files_search_pids($1) + files_list_pids($1) admin_pattern($1, portreserve_var_run_t) ') diff --git a/policy/modules/services/postfix.if b/policy/modules/services/postfix.if index 3aaeb312..6d9d382f 100644 --- a/policy/modules/services/postfix.if +++ b/policy/modules/services/postfix.if @@ -723,12 +723,12 @@ interface(`postfix_admin',` files_list_etc($1) admin_pattern($1, postfix_etc_t) - files_search_spool($1) + files_list_spool($1) admin_pattern($1,postfix_spool_type) admin_pattern($1, postfix_var_run_t) - files_search_tmp($1) + files_list_tmp($1) admin_pattern($1, postfix_map_tmp_t) admin_pattern($1, postfix_prng_t) diff --git a/policy/modules/services/postgresql.if b/policy/modules/services/postgresql.if index 2c6b7232..fd75d3d2 100644 --- a/policy/modules/services/postgresql.if +++ b/policy/modules/services/postgresql.if @@ -439,13 +439,13 @@ interface(`postgresql_admin',` admin_pattern($1, postgresql_var_run_t) - files_search_var_lib($1) + files_list_var_lib($1) admin_pattern($1, postgresql_db_t) - files_search_etc($1) + files_list_etc($1) admin_pattern($1, postgresql_etc_t) - logging_search_logs($1) + logging_list_logs($1) admin_pattern($1, postgresql_log_t) admin_pattern($1, postgresql_tmp_t) diff --git a/policy/modules/services/prelude.if b/policy/modules/services/prelude.if index e4d87971..1bf96b08 100644 --- a/policy/modules/services/prelude.if +++ b/policy/modules/services/prelude.if @@ -135,16 +135,17 @@ interface(`prelude_admin',` role_transition $2 prelude_initrc_exec_t system_r; allow $2 system_r; + files_list_spool($1) admin_pattern($1, prelude_spool_t) - files_search_var_lib($1) + files_list_var_lib($1) admin_pattern($1, prelude_var_lib_t) - files_search_pids($1) + files_list_pids($1) admin_pattern($1, prelude_var_run_t) admin_pattern($1, prelude_audisp_var_run_t) - files_search_tmp($1) + files_list_tmp($1) admin_pattern($1, prelude_lml_tmp_t) admin_pattern($1, prelude_lml_var_run_t) diff --git a/policy/modules/services/psad.if b/policy/modules/services/psad.if index a5ec9f55..96440db9 100644 --- a/policy/modules/services/psad.if +++ b/policy/modules/services/psad.if @@ -265,18 +265,18 @@ interface(`psad_admin',` role_transition $2 psad_initrc_exec_t system_r; allow $2 system_r; - files_search_etc($1) + files_list_etc($1) admin_pattern($1, psad_etc_t) - files_search_pids($1) + files_list_pids($1) admin_pattern($1, psad_var_run_t) - logging_search_logs($1) + logging_list_logs($1) admin_pattern($1, psad_var_log_t) - files_search_var_lib($1) + files_list_var_lib($1) admin_pattern($1, psad_var_lib_t) - files_search_tmp($1) + files_list_tmp($1) admin_pattern($1, psad_tmp_t) ') diff --git a/policy/modules/services/rgmanager.if b/policy/modules/services/rgmanager.if index aaf7c852..7ef312ea 100644 --- a/policy/modules/services/rgmanager.if +++ b/policy/modules/services/rgmanager.if @@ -125,14 +125,14 @@ interface(`rgmanager_admin',` role_transition $2 rgmanager_initrc_exec_t system_r; allow $2 system_r; - files_search_tmp($1) + files_list_tmp($1) admin_pattern($1, rgmanager_tmp_t) admin_pattern($1, rgmanager_tmpfs_t) - logging_search_logs($1) + logging_list_logs($1) admin_pattern($1, rgmanager_var_log_t) - files_search_pids($1) + files_list_pids($1) admin_pattern($1, rgmanager_var_run_t) ') diff --git a/policy/modules/services/ricci.if b/policy/modules/services/ricci.if index ecc341c8..8a28c318 100644 --- a/policy/modules/services/ricci.if +++ b/policy/modules/services/ricci.if @@ -252,15 +252,15 @@ interface(`ricci_admin',` role_transition $2 ricci_initrc_exec_t system_r; allow $2 system_r; - files_search_tmp($1) + files_list_tmp($1) admin_pattern($1, ricci_tmp_t) - files_search_var_lib($1) + files_list_var_lib($1) admin_pattern($1, ricci_var_lib_t) - logging_search_logs($1) + logging_list_logs($1) admin_pattern($1, ricci_var_log_t) - files_search_pids($1) + files_list_pids($1) admin_pattern($1, ricci_var_run_t) ') diff --git a/policy/modules/services/rpcbind.if b/policy/modules/services/rpcbind.if index 5a4d69d2..14173f7e 100644 --- a/policy/modules/services/rpcbind.if +++ b/policy/modules/services/rpcbind.if @@ -145,9 +145,9 @@ interface(`rpcbind_admin',` role_transition $2 rpcbind_initrc_exec_t system_r; allow $2 system_r; - files_search_var_lib($1) + files_list_var_lib($1) admin_pattern($1, rpcbind_var_lib_t) - files_search_pids($1) + files_list_pids($1) admin_pattern($1, rpcbind_var_run_t) ') diff --git a/policy/modules/services/sendmail.if b/policy/modules/services/sendmail.if index cf9fdcdd..a68be53d 100644 --- a/policy/modules/services/sendmail.if +++ b/policy/modules/services/sendmail.if @@ -344,15 +344,15 @@ interface(`sendmail_admin',` domain_system_change_exemption($1) role_transition $2 sendmail_initrc_exec_t system_r; - logging_search_logs($1) + logging_list_logs($1) admin_pattern($1, sendmail_log_t) - files_search_tmp($1) + files_list_tmp($1) admin_pattern($1, sendmail_tmp_t) - files_search_pids($1) + files_list_pids($1) admin_pattern($1, sendmail_var_run_t) - files_search_spool($1) + files_list_spool($1) admin_pattern($1, mail_spool_t) ') diff --git a/policy/modules/services/snort.if b/policy/modules/services/snort.if index 215f4254..88ebedbc 100644 --- a/policy/modules/services/snort.if +++ b/policy/modules/services/snort.if @@ -50,11 +50,11 @@ interface(`snort_admin',` allow $2 system_r; admin_pattern($1, snort_etc_t) - files_search_etc($1) + files_list_etc($1) admin_pattern($1, snort_log_t) - logging_search_logs($1) + logging_list_logs($1) admin_pattern($1, snort_var_run_t) - files_search_pids($1) + files_list_pids($1) ') diff --git a/policy/modules/services/tuned.if b/policy/modules/services/tuned.if index 329f1390..752697f6 100644 --- a/policy/modules/services/tuned.if +++ b/policy/modules/services/tuned.if @@ -123,6 +123,6 @@ interface(`tuned_admin',` role_transition $2 tuned_initrc_exec_t system_r; allow $2 system_r; - files_search_pids($1) + files_list_pids($1) admin_pattern($1, tuned_var_run_t) ') diff --git a/policy/modules/services/ulogd.if b/policy/modules/services/ulogd.if index e3c66d8a..fd72fe88 100644 --- a/policy/modules/services/ulogd.if +++ b/policy/modules/services/ulogd.if @@ -131,12 +131,12 @@ interface(`ulogd_admin',` role_transition $2 ulogd_initrc_exec_t system_r; allow $2 system_r; - files_search_etc($1) + files_list_etc($1) admin_pattern($1, ulogd_etc_t) logging_list_logs($1) admin_pattern($1, ulogd_var_log_t) - files_search_usr($1) + files_list_usr($1) admin_pattern($1, ulogd_modules_t) ') diff --git a/policy/modules/services/varnishd.if b/policy/modules/services/varnishd.if index e0f819e9..0f8e2138 100644 --- a/policy/modules/services/varnishd.if +++ b/policy/modules/services/varnishd.if @@ -163,7 +163,7 @@ interface(`varnishd_admin_varnishlog',` role_transition $2 varnishlog_initrc_exec_t system_r; allow $2 system_r; - files_search_pids($1) + files_list_pids($1) admin_pattern($1, varnishlog_var_run_t) logging_list_logs($1) @@ -202,15 +202,15 @@ interface(`varnishd_admin',` role_transition $2 varnishd_initrc_exec_t system_r; allow $2 system_r; - files_search_var_lib($1) + files_list_var_lib($1) admin_pattern($1, varnishd_var_lib_t) - files_search_etc($1) + files_list_etc($1) admin_pattern($1, varnishd_etc_t) - files_search_pids($1) + files_list_pids($1) admin_pattern($1, varnishd_var_run_t) - files_search_tmp($1) + files_list_tmp($1) admin_pattern($1, varnishd_tmp_t) ') diff --git a/policy/modules/services/vnstatd.if b/policy/modules/services/vnstatd.if index 85dba863..6144fb1f 100644 --- a/policy/modules/services/vnstatd.if +++ b/policy/modules/services/vnstatd.if @@ -144,7 +144,7 @@ interface(`vnstatd_admin',` allow $1 vnstatd_t:process { ptrace signal_perms }; ps_process_pattern($1, vnstatd_t) - files_search_var_lib($1) + files_list_var_lib($1) admin_pattern($1, vnstatd_var_lib_t) ') diff --git a/policy/modules/system/kdump.if b/policy/modules/system/kdump.if index 4198ff5f..672d323d 100644 --- a/policy/modules/system/kdump.if +++ b/policy/modules/system/kdump.if @@ -106,6 +106,6 @@ interface(`kdump_admin',` role_transition $2 kdump_initrc_exec_t system_r; allow $2 system_r; - files_search_etc($1) + files_list_etc($1) admin_pattern($1, kdump_etc_t) ')