From 61f4064286ac7c45444fc255b13cb75fd139fce6 Mon Sep 17 00:00:00 2001 From: Dominick Grift Date: Mon, 20 Sep 2010 15:36:05 +0200 Subject: [PATCH] Use list instead of search in admin interfaces. Use list instead of search in admin interfaces. Use list instead of search in admin interfaces. Use list instead of search in admin interfaces. Use list instead of search in admin interfaces. --- policy/modules/admin/shorewall.if | 10 +++++----- policy/modules/services/abrt.if | 10 +++++----- policy/modules/services/aiccu.if | 4 ++-- policy/modules/services/apache.if | 5 +++-- policy/modules/services/bugzilla.if | 4 ++-- policy/modules/services/certmonger.if | 4 ++-- policy/modules/services/cgroup.if | 4 ++-- policy/modules/services/chronyd.if | 8 ++++---- policy/modules/services/cmirrord.if | 2 +- policy/modules/services/cobbler.if | 6 +++--- policy/modules/services/denyhosts.if | 6 +++--- policy/modules/services/devicekit.if | 6 +++--- policy/modules/services/exim.if | 8 ++++---- policy/modules/services/hddtemp.if | 2 +- policy/modules/services/kerneloops.if | 2 +- policy/modules/services/lircd.if | 4 ++-- policy/modules/services/memcached.if | 2 +- policy/modules/services/mock.if | 2 +- policy/modules/services/mojomojo.if | 4 ++-- policy/modules/services/mpd.if | 8 ++++---- policy/modules/services/nslcd.if | 4 ++-- policy/modules/services/oident.if | 2 +- policy/modules/services/pads.if | 4 ++-- policy/modules/services/plymouthd.if | 4 ++-- policy/modules/services/portreserve.if | 4 ++-- policy/modules/services/postfix.if | 4 ++-- policy/modules/services/postgresql.if | 6 +++--- policy/modules/services/prelude.if | 7 ++++--- policy/modules/services/psad.if | 10 +++++----- policy/modules/services/rgmanager.if | 6 +++--- policy/modules/services/ricci.if | 8 ++++---- policy/modules/services/rpcbind.if | 4 ++-- policy/modules/services/sendmail.if | 8 ++++---- policy/modules/services/snort.if | 6 +++--- policy/modules/services/tuned.if | 2 +- policy/modules/services/ulogd.if | 4 ++-- policy/modules/services/varnishd.if | 10 +++++----- policy/modules/services/vnstatd.if | 2 +- policy/modules/system/kdump.if | 2 +- 39 files changed, 100 insertions(+), 98 deletions(-) diff --git a/policy/modules/admin/shorewall.if b/policy/modules/admin/shorewall.if index b83f3db1..f1981194 100644 --- a/policy/modules/admin/shorewall.if +++ b/policy/modules/admin/shorewall.if @@ -185,18 +185,18 @@ interface(`shorewall_admin',` role_transition $2 shorewall_initrc_exec_t system_r; allow $2 system_r; - files_search_etc($1) + files_list_etc($1) admin_pattern($1, shorewall_etc_t) - files_search_locks($1) + files_list_locks($1) admin_pattern($1, shorewall_lock_t) - files_search_var_lib($1) + files_list_var_lib($1) admin_pattern($1, shorewall_var_lib_t) - logging_search_logs($1) + logging_list_logs($1) admin_pattern($1, shorewall_log_t) - files_search_tmp($1) + files_list_tmp($1) admin_pattern($1, shorewall_tmp_t) ') diff --git a/policy/modules/services/abrt.if b/policy/modules/services/abrt.if index 022c0792..8961dba6 100644 --- a/policy/modules/services/abrt.if +++ b/policy/modules/services/abrt.if @@ -326,18 +326,18 @@ interface(`abrt_admin',` role_transition $2 abrt_initrc_exec_t system_r; allow $2 system_r; - files_search_etc($1) + files_list_etc($1) admin_pattern($1, abrt_etc_t) - logging_search_logs($1) + logging_list_logs($1) admin_pattern($1, abrt_var_log_t) - files_search_var($1) + files_list_var($1) admin_pattern($1, abrt_var_cache_t) - files_search_pids($1) + files_list_pids($1) admin_pattern($1, abrt_var_run_t) - files_search_tmp($1) + files_list_tmp($1) admin_pattern($1, abrt_tmp_t) ') diff --git a/policy/modules/services/aiccu.if b/policy/modules/services/aiccu.if index 420c8560..d4e161da 100644 --- a/policy/modules/services/aiccu.if +++ b/policy/modules/services/aiccu.if @@ -111,8 +111,8 @@ interface(`aiccu_admin',` allow $2 system_r; admin_pattern($1, aiccu_etc_t) - files_search_etc($1) + files_list_etc($1) admin_pattern($1, aiccu_var_run_t) - files_search_pids($1) + files_list_pids($1) ') diff --git a/policy/modules/services/apache.if b/policy/modules/services/apache.if index 8846b965..859c49fa 100644 --- a/policy/modules/services/apache.if +++ b/policy/modules/services/apache.if @@ -1333,10 +1333,10 @@ interface(`apache_admin',` apache_manage_all_content($1) miscfiles_manage_public_files($1) - files_search_etc($1) + files_list_etc($1) admin_pattern($1, httpd_config_t) - logging_search_logs($1) + logging_list_logs($1) admin_pattern($1, httpd_log_t) admin_pattern($1, httpd_modules_t) @@ -1357,6 +1357,7 @@ interface(`apache_admin',` seutil_domtrans_setfiles($1) + files_list_tmp($1) admin_pattern($1, httpd_tmp_t) admin_pattern($1, httpd_php_tmp_t) admin_pattern($1, httpd_suexec_tmp_t) diff --git a/policy/modules/services/bugzilla.if b/policy/modules/services/bugzilla.if index 8280b28d..3964548e 100644 --- a/policy/modules/services/bugzilla.if +++ b/policy/modules/services/bugzilla.if @@ -68,9 +68,9 @@ interface(`bugzilla_admin',` files_list_tmp($1) admin_pattern($1, httpd_bugzilla_tmp_t) - files_search_var_lib(httpd_bugzilla_script_t) + files_list_var_lib(httpd_bugzilla_script_t) - apache_search_sys_content($1) + apache_list_sys_content($1) admin_pattern($1, httpd_bugzilla_script_exec_t) admin_pattern($1, httpd_bugzilla_script_t) admin_pattern($1, httpd_bugzilla_content_t) diff --git a/policy/modules/services/certmonger.if b/policy/modules/services/certmonger.if index c7a8d701..d664be8f 100644 --- a/policy/modules/services/certmonger.if +++ b/policy/modules/services/certmonger.if @@ -166,9 +166,9 @@ interface(`certmonger_admin',` role_transition $2 certmonger_initrc_exec_t system_r; allow $2 system_r; - files_search_var_lib($1) + files_list_var_lib($1) admin_pattern($1, certmonger_var_lib_t) - files_search_pids($1) + files_list_pids($1) admin_pattern($1, certmonger_var_run_t) ') diff --git a/policy/modules/services/cgroup.if b/policy/modules/services/cgroup.if index 25cad6a5..e5cbcefd 100644 --- a/policy/modules/services/cgroup.if +++ b/policy/modules/services/cgroup.if @@ -182,10 +182,10 @@ interface(`cgroup_admin',` admin_pattern($1, cgconfig_etc_t) admin_pattern($1, cgrules_etc_t) - files_search_etc($1) + files_list_etc($1) admin_pattern($1, cgred_var_run_t) - files_search_pids($1) + files_list_pids($1) cgroup_initrc_domtrans_cgconfig($1) domain_system_change_exemption($1) diff --git a/policy/modules/services/chronyd.if b/policy/modules/services/chronyd.if index 9811f7f4..2ede737e 100644 --- a/policy/modules/services/chronyd.if +++ b/policy/modules/services/chronyd.if @@ -164,16 +164,16 @@ interface(`chronyd_admin',` role_transition $2 chronyd_initrc_exec_t system_r; allow $2 system_r; - files_search_etc($1) + files_list_etc($1) admin_pattern($1, chronyd_keys_t) - logging_search_logs($1) + logging_list_logs($1) admin_pattern($1, chronyd_var_log_t) - files_search_var_lib($1) + files_list_var_lib($1) admin_pattern($1, chronyd_var_lib_t) - files_search_pids($1) + files_list_pids($1) admin_pattern($1, chronyd_var_run_t) admin_pattern($1, chronyd_tmpfs_t) diff --git a/policy/modules/services/cmirrord.if b/policy/modules/services/cmirrord.if index f1bf7b15..756ac919 100644 --- a/policy/modules/services/cmirrord.if +++ b/policy/modules/services/cmirrord.if @@ -108,6 +108,6 @@ interface(`cmirrord_admin',` role_transition $2 cmirrord_initrc_exec_t system_r; allow $2 system_r; - files_search_pids($1) + files_list_pids($1) admin_pattern($1, cmirrord_var_run_t) ') diff --git a/policy/modules/services/cobbler.if b/policy/modules/services/cobbler.if index a4c26fff..e3787fb1 100644 --- a/policy/modules/services/cobbler.if +++ b/policy/modules/services/cobbler.if @@ -192,16 +192,16 @@ interface(`cobblerd_admin',` allow $1 cobblerd_t:process { ptrace signal_perms }; ps_process_pattern($1, cobblerd_t) - files_search_etc($1) + files_list_etc($1) admin_pattern($1, cobbler_etc_t) files_list_var_lib($1) admin_pattern($1, cobbler_var_lib_t) - logging_search_logs($1) + logging_list_logs($1) admin_pattern($1, cobbler_var_log_t) - apache_search_sys_content($1) + apache_list_sys_content($1) admin_pattern($1, httpd_cobbler_content_t) admin_pattern($1, httpd_cobbler_content_ra_t) admin_pattern($1, httpd_cobbler_content_rw_t) diff --git a/policy/modules/services/denyhosts.if b/policy/modules/services/denyhosts.if index 7b9da591..9c9e65c3 100644 --- a/policy/modules/services/denyhosts.if +++ b/policy/modules/services/denyhosts.if @@ -75,12 +75,12 @@ interface(`denyhosts_admin',` role_transition $2 denyhosts_initrc_exec_t system_r; allow $2 system_r; - files_search_var_lib($1) + files_list_var_lib($1) admin_pattern($1, denyhosts_var_lib_t) - logging_search_logs($1) + logging_list_logs($1) admin_pattern($1, denyhosts_var_log_t) - files_search_locks($1) + files_list_locks($1) admin_pattern($1, denyhosts_var_lock_t) ') diff --git a/policy/modules/services/devicekit.if b/policy/modules/services/devicekit.if index 262885fb..ab2edfc1 100644 --- a/policy/modules/services/devicekit.if +++ b/policy/modules/services/devicekit.if @@ -165,11 +165,11 @@ interface(`devicekit_admin',` ps_process_pattern($1, devicekit_power_t) admin_pattern($1, devicekit_tmp_t) - files_search_tmp($1) + files_list_tmp($1) admin_pattern($1, devicekit_var_lib_t) - files_search_var_lib($1) + files_list_var_lib($1) admin_pattern($1, devicekit_var_run_t) - files_search_pids($1) + files_list_pids($1) ') diff --git a/policy/modules/services/exim.if b/policy/modules/services/exim.if index 89502480..464669c1 100644 --- a/policy/modules/services/exim.if +++ b/policy/modules/services/exim.if @@ -243,15 +243,15 @@ interface(`exim_admin',` role_transition $2 exim_initrc_exec_t system_r; allow $2 system_r; - logging_search_logs($1) + logging_list_logs($1) admin_pattern($1, exim_log_t) - files_search_tmp($1) + files_list_tmp($1) admin_pattern($1, exim_tmp_t) - files_search_spool($1) + files_list_spool($1) admin_pattern($1, exim_spool_t) - files_search_pids($1) + files_list_pids($1) admin_pattern($1, exim_var_run_t) ') diff --git a/policy/modules/services/hddtemp.if b/policy/modules/services/hddtemp.if index 777b0362..db2d189e 100644 --- a/policy/modules/services/hddtemp.if +++ b/policy/modules/services/hddtemp.if @@ -69,5 +69,5 @@ interface(`hddtemp_admin',` allow $2 system_r; admin_pattern($1, hddtemp_etc_t) - files_search_etc($1) + files_list_etc($1) ') diff --git a/policy/modules/services/kerneloops.if b/policy/modules/services/kerneloops.if index 8fbac8d5..dd328830 100644 --- a/policy/modules/services/kerneloops.if +++ b/policy/modules/services/kerneloops.if @@ -109,6 +109,6 @@ interface(`kerneloops_admin',` role_transition $2 kerneloops_initrc_exec_t system_r; allow $2 system_r; - files_search_tmp($1) + files_list_tmp($1) admin_pattern($1, kerneloops_tmp_t) ') diff --git a/policy/modules/services/lircd.if b/policy/modules/services/lircd.if index a2961346..5cfe9500 100644 --- a/policy/modules/services/lircd.if +++ b/policy/modules/services/lircd.if @@ -87,9 +87,9 @@ interface(`lircd_admin',` role_transition $2 lircd_initrc_exec_t system_r; allow $2 system_r; - files_search_etc($1) + files_list_etc($1) admin_pattern($1, lircd_etc_t) - files_search_pids($1) + files_list_pids($1) admin_pattern($1, lircd_var_run_t) ') diff --git a/policy/modules/services/memcached.if b/policy/modules/services/memcached.if index d3f81b67..5008a6c1 100644 --- a/policy/modules/services/memcached.if +++ b/policy/modules/services/memcached.if @@ -67,6 +67,6 @@ interface(`memcached_admin',` role_transition $2 memcached_initrc_exec_t system_r; allow $2 system_r; - files_search_pids($1) + files_list_pids($1) admin_pattern($1, memcached_var_run_t) ') diff --git a/policy/modules/services/mock.if b/policy/modules/services/mock.if index ab0a29ea..d76fb118 100644 --- a/policy/modules/services/mock.if +++ b/policy/modules/services/mock.if @@ -231,6 +231,6 @@ interface(`mock_admin',` allow $1 mock_t:process { ptrace signal_perms }; ps_process_pattern($1, mock_t) - files_search_var_lib($1) + files_list_var_lib($1) admin_pattern($1, mock_var_lib_t) ') diff --git a/policy/modules/services/mojomojo.if b/policy/modules/services/mojomojo.if index b8bf5622..88e7330f 100644 --- a/policy/modules/services/mojomojo.if +++ b/policy/modules/services/mojomojo.if @@ -30,9 +30,9 @@ interface(`mojomojo_admin',` files_list_tmp($1) admin_pattern($1, httpd_mojomojo_tmp_t) - files_search_var_lib(httpd_mojomojo_script_t) + files_list_var_lib(httpd_mojomojo_script_t) - apache_search_sys_content($1) + apache_list_sys_content($1) admin_pattern($1, httpd_mojomojo_script_exec_t) admin_pattern($1, httpd_mojomojo_script_t) admin_pattern($1, httpd_mojomojo_content_t) diff --git a/policy/modules/services/mpd.if b/policy/modules/services/mpd.if index 62f2179c..733dc776 100644 --- a/policy/modules/services/mpd.if +++ b/policy/modules/services/mpd.if @@ -253,16 +253,16 @@ interface(`mpd_admin',` allow $2 system_r; admin_pattern($1, mpd_etc_t) - files_search_etc($1) + files_list_etc($1) - files_search_var_lib($1) + files_list_var_lib($1) admin_pattern($1, mpd_var_lib_t) - mpd_search_lib($1) + mpd_list_lib($1) admin_pattern($1, mpd_data_t) admin_pattern($1, mpd_log_t) - fs_search_tmpfs($1) + fs_list_tmpfs($1) admin_pattern($1, mpd_tmpfs_t) ') diff --git a/policy/modules/services/nslcd.if b/policy/modules/services/nslcd.if index 44c60eaf..be5a5b4f 100644 --- a/policy/modules/services/nslcd.if +++ b/policy/modules/services/nslcd.if @@ -106,9 +106,9 @@ interface(`nslcd_admin',` role_transition $2 nslcd_initrc_exec_t system_r; allow $2 system_r; - files_search_etc($1) + files_list_etc($1) admin_pattern($1, nslcd_conf_t) - files_search_pids($1) + files_list_pids($1) admin_pattern($1, nslcd_var_run_t, nslcd_var_run_t) ') diff --git a/policy/modules/services/oident.if b/policy/modules/services/oident.if index 8d47116a..b1b5e51e 100644 --- a/policy/modules/services/oident.if +++ b/policy/modules/services/oident.if @@ -97,6 +97,6 @@ interface(`oident_admin',` role_transition $2 oidentd_initrc_exec_t system_r; allow $2 system_r; - files_search_etc($1) + files_list_etc($1) admin_pattern($1, oidentd_config_t) ') diff --git a/policy/modules/services/pads.if b/policy/modules/services/pads.if index 52f47b4a..8235fb6b 100644 --- a/policy/modules/services/pads.if +++ b/policy/modules/services/pads.if @@ -39,9 +39,9 @@ interface(`pads_admin',` role_transition $2 pads_initrc_exec_t system_r; allow $2 system_r; - files_search_pids($1) + files_list_pids($1) admin_pattern($1, pads_var_run_t) - files_search_etc($1) + files_list_etc($1) admin_pattern($1, pads_config_t) ') diff --git a/policy/modules/services/plymouthd.if b/policy/modules/services/plymouthd.if index 90b64479..07dd3ff5 100644 --- a/policy/modules/services/plymouthd.if +++ b/policy/modules/services/plymouthd.if @@ -252,11 +252,11 @@ interface(`plymouthd_admin',` allow $1 plymouthd_t:process { ptrace signal_perms }; ps_process_pattern($1, plymouthd_t) - files_search_var_lib($1) + files_list_var_lib($1) admin_pattern($1, plymouthd_spool_t) admin_pattern($1, plymouthd_var_lib_t) - files_search_pids($1) + files_list_pids($1) admin_pattern($1, plymouthd_var_run_t) ') diff --git a/policy/modules/services/portreserve.if b/policy/modules/services/portreserve.if index bf9bd055..73850562 100644 --- a/policy/modules/services/portreserve.if +++ b/policy/modules/services/portreserve.if @@ -112,9 +112,9 @@ interface(`portreserve_admin',` role_transition $2 portreserve_initrc_exec_t system_r; allow $2 system_r; - files_search_etc($1) + files_list_etc($1) admin_pattern($1, portreserve_etc_t) - files_search_pids($1) + files_list_pids($1) admin_pattern($1, portreserve_var_run_t) ') diff --git a/policy/modules/services/postfix.if b/policy/modules/services/postfix.if index 3aaeb312..6d9d382f 100644 --- a/policy/modules/services/postfix.if +++ b/policy/modules/services/postfix.if @@ -723,12 +723,12 @@ interface(`postfix_admin',` files_list_etc($1) admin_pattern($1, postfix_etc_t) - files_search_spool($1) + files_list_spool($1) admin_pattern($1,postfix_spool_type) admin_pattern($1, postfix_var_run_t) - files_search_tmp($1) + files_list_tmp($1) admin_pattern($1, postfix_map_tmp_t) admin_pattern($1, postfix_prng_t) diff --git a/policy/modules/services/postgresql.if b/policy/modules/services/postgresql.if index 2c6b7232..fd75d3d2 100644 --- a/policy/modules/services/postgresql.if +++ b/policy/modules/services/postgresql.if @@ -439,13 +439,13 @@ interface(`postgresql_admin',` admin_pattern($1, postgresql_var_run_t) - files_search_var_lib($1) + files_list_var_lib($1) admin_pattern($1, postgresql_db_t) - files_search_etc($1) + files_list_etc($1) admin_pattern($1, postgresql_etc_t) - logging_search_logs($1) + logging_list_logs($1) admin_pattern($1, postgresql_log_t) admin_pattern($1, postgresql_tmp_t) diff --git a/policy/modules/services/prelude.if b/policy/modules/services/prelude.if index e4d87971..1bf96b08 100644 --- a/policy/modules/services/prelude.if +++ b/policy/modules/services/prelude.if @@ -135,16 +135,17 @@ interface(`prelude_admin',` role_transition $2 prelude_initrc_exec_t system_r; allow $2 system_r; + files_list_spool($1) admin_pattern($1, prelude_spool_t) - files_search_var_lib($1) + files_list_var_lib($1) admin_pattern($1, prelude_var_lib_t) - files_search_pids($1) + files_list_pids($1) admin_pattern($1, prelude_var_run_t) admin_pattern($1, prelude_audisp_var_run_t) - files_search_tmp($1) + files_list_tmp($1) admin_pattern($1, prelude_lml_tmp_t) admin_pattern($1, prelude_lml_var_run_t) diff --git a/policy/modules/services/psad.if b/policy/modules/services/psad.if index a5ec9f55..96440db9 100644 --- a/policy/modules/services/psad.if +++ b/policy/modules/services/psad.if @@ -265,18 +265,18 @@ interface(`psad_admin',` role_transition $2 psad_initrc_exec_t system_r; allow $2 system_r; - files_search_etc($1) + files_list_etc($1) admin_pattern($1, psad_etc_t) - files_search_pids($1) + files_list_pids($1) admin_pattern($1, psad_var_run_t) - logging_search_logs($1) + logging_list_logs($1) admin_pattern($1, psad_var_log_t) - files_search_var_lib($1) + files_list_var_lib($1) admin_pattern($1, psad_var_lib_t) - files_search_tmp($1) + files_list_tmp($1) admin_pattern($1, psad_tmp_t) ') diff --git a/policy/modules/services/rgmanager.if b/policy/modules/services/rgmanager.if index aaf7c852..7ef312ea 100644 --- a/policy/modules/services/rgmanager.if +++ b/policy/modules/services/rgmanager.if @@ -125,14 +125,14 @@ interface(`rgmanager_admin',` role_transition $2 rgmanager_initrc_exec_t system_r; allow $2 system_r; - files_search_tmp($1) + files_list_tmp($1) admin_pattern($1, rgmanager_tmp_t) admin_pattern($1, rgmanager_tmpfs_t) - logging_search_logs($1) + logging_list_logs($1) admin_pattern($1, rgmanager_var_log_t) - files_search_pids($1) + files_list_pids($1) admin_pattern($1, rgmanager_var_run_t) ') diff --git a/policy/modules/services/ricci.if b/policy/modules/services/ricci.if index ecc341c8..8a28c318 100644 --- a/policy/modules/services/ricci.if +++ b/policy/modules/services/ricci.if @@ -252,15 +252,15 @@ interface(`ricci_admin',` role_transition $2 ricci_initrc_exec_t system_r; allow $2 system_r; - files_search_tmp($1) + files_list_tmp($1) admin_pattern($1, ricci_tmp_t) - files_search_var_lib($1) + files_list_var_lib($1) admin_pattern($1, ricci_var_lib_t) - logging_search_logs($1) + logging_list_logs($1) admin_pattern($1, ricci_var_log_t) - files_search_pids($1) + files_list_pids($1) admin_pattern($1, ricci_var_run_t) ') diff --git a/policy/modules/services/rpcbind.if b/policy/modules/services/rpcbind.if index 5a4d69d2..14173f7e 100644 --- a/policy/modules/services/rpcbind.if +++ b/policy/modules/services/rpcbind.if @@ -145,9 +145,9 @@ interface(`rpcbind_admin',` role_transition $2 rpcbind_initrc_exec_t system_r; allow $2 system_r; - files_search_var_lib($1) + files_list_var_lib($1) admin_pattern($1, rpcbind_var_lib_t) - files_search_pids($1) + files_list_pids($1) admin_pattern($1, rpcbind_var_run_t) ') diff --git a/policy/modules/services/sendmail.if b/policy/modules/services/sendmail.if index cf9fdcdd..a68be53d 100644 --- a/policy/modules/services/sendmail.if +++ b/policy/modules/services/sendmail.if @@ -344,15 +344,15 @@ interface(`sendmail_admin',` domain_system_change_exemption($1) role_transition $2 sendmail_initrc_exec_t system_r; - logging_search_logs($1) + logging_list_logs($1) admin_pattern($1, sendmail_log_t) - files_search_tmp($1) + files_list_tmp($1) admin_pattern($1, sendmail_tmp_t) - files_search_pids($1) + files_list_pids($1) admin_pattern($1, sendmail_var_run_t) - files_search_spool($1) + files_list_spool($1) admin_pattern($1, mail_spool_t) ') diff --git a/policy/modules/services/snort.if b/policy/modules/services/snort.if index 215f4254..88ebedbc 100644 --- a/policy/modules/services/snort.if +++ b/policy/modules/services/snort.if @@ -50,11 +50,11 @@ interface(`snort_admin',` allow $2 system_r; admin_pattern($1, snort_etc_t) - files_search_etc($1) + files_list_etc($1) admin_pattern($1, snort_log_t) - logging_search_logs($1) + logging_list_logs($1) admin_pattern($1, snort_var_run_t) - files_search_pids($1) + files_list_pids($1) ') diff --git a/policy/modules/services/tuned.if b/policy/modules/services/tuned.if index 329f1390..752697f6 100644 --- a/policy/modules/services/tuned.if +++ b/policy/modules/services/tuned.if @@ -123,6 +123,6 @@ interface(`tuned_admin',` role_transition $2 tuned_initrc_exec_t system_r; allow $2 system_r; - files_search_pids($1) + files_list_pids($1) admin_pattern($1, tuned_var_run_t) ') diff --git a/policy/modules/services/ulogd.if b/policy/modules/services/ulogd.if index e3c66d8a..fd72fe88 100644 --- a/policy/modules/services/ulogd.if +++ b/policy/modules/services/ulogd.if @@ -131,12 +131,12 @@ interface(`ulogd_admin',` role_transition $2 ulogd_initrc_exec_t system_r; allow $2 system_r; - files_search_etc($1) + files_list_etc($1) admin_pattern($1, ulogd_etc_t) logging_list_logs($1) admin_pattern($1, ulogd_var_log_t) - files_search_usr($1) + files_list_usr($1) admin_pattern($1, ulogd_modules_t) ') diff --git a/policy/modules/services/varnishd.if b/policy/modules/services/varnishd.if index e0f819e9..0f8e2138 100644 --- a/policy/modules/services/varnishd.if +++ b/policy/modules/services/varnishd.if @@ -163,7 +163,7 @@ interface(`varnishd_admin_varnishlog',` role_transition $2 varnishlog_initrc_exec_t system_r; allow $2 system_r; - files_search_pids($1) + files_list_pids($1) admin_pattern($1, varnishlog_var_run_t) logging_list_logs($1) @@ -202,15 +202,15 @@ interface(`varnishd_admin',` role_transition $2 varnishd_initrc_exec_t system_r; allow $2 system_r; - files_search_var_lib($1) + files_list_var_lib($1) admin_pattern($1, varnishd_var_lib_t) - files_search_etc($1) + files_list_etc($1) admin_pattern($1, varnishd_etc_t) - files_search_pids($1) + files_list_pids($1) admin_pattern($1, varnishd_var_run_t) - files_search_tmp($1) + files_list_tmp($1) admin_pattern($1, varnishd_tmp_t) ') diff --git a/policy/modules/services/vnstatd.if b/policy/modules/services/vnstatd.if index 85dba863..6144fb1f 100644 --- a/policy/modules/services/vnstatd.if +++ b/policy/modules/services/vnstatd.if @@ -144,7 +144,7 @@ interface(`vnstatd_admin',` allow $1 vnstatd_t:process { ptrace signal_perms }; ps_process_pattern($1, vnstatd_t) - files_search_var_lib($1) + files_list_var_lib($1) admin_pattern($1, vnstatd_var_lib_t) ') diff --git a/policy/modules/system/kdump.if b/policy/modules/system/kdump.if index 4198ff5f..672d323d 100644 --- a/policy/modules/system/kdump.if +++ b/policy/modules/system/kdump.if @@ -106,6 +106,6 @@ interface(`kdump_admin',` role_transition $2 kdump_initrc_exec_t system_r; allow $2 system_r; - files_search_etc($1) + files_list_etc($1) admin_pattern($1, kdump_etc_t) ')