diff --git a/policy/modules/admin/amanda.te b/policy/modules/admin/amanda.te index c377e93a..b54c008e 100644 --- a/policy/modules/admin/amanda.te +++ b/policy/modules/admin/amanda.te @@ -1,5 +1,5 @@ -policy_module(amanda, 1.11.0) +policy_module(amanda, 1.11.1) ####################################### # @@ -118,9 +118,9 @@ corecmd_exec_bin(amanda_t) corenet_all_recvfrom_unlabeled(amanda_t) corenet_all_recvfrom_netlabel(amanda_t) -corenet_tcp_sendrecv_all_if(amanda_t) -corenet_udp_sendrecv_all_if(amanda_t) -corenet_raw_sendrecv_all_if(amanda_t) +corenet_tcp_sendrecv_generic_if(amanda_t) +corenet_udp_sendrecv_generic_if(amanda_t) +corenet_raw_sendrecv_generic_if(amanda_t) corenet_tcp_sendrecv_all_nodes(amanda_t) corenet_udp_sendrecv_all_nodes(amanda_t) corenet_raw_sendrecv_all_nodes(amanda_t) @@ -199,8 +199,8 @@ corecmd_exec_bin(amanda_recover_t) corenet_all_recvfrom_unlabeled(amanda_recover_t) corenet_all_recvfrom_netlabel(amanda_recover_t) -corenet_tcp_sendrecv_all_if(amanda_recover_t) -corenet_udp_sendrecv_all_if(amanda_recover_t) +corenet_tcp_sendrecv_generic_if(amanda_recover_t) +corenet_udp_sendrecv_generic_if(amanda_recover_t) corenet_tcp_sendrecv_all_nodes(amanda_recover_t) corenet_udp_sendrecv_all_nodes(amanda_recover_t) corenet_tcp_sendrecv_all_ports(amanda_recover_t) diff --git a/policy/modules/admin/apt.te b/policy/modules/admin/apt.te index c991d975..38134d63 100644 --- a/policy/modules/admin/apt.te +++ b/policy/modules/admin/apt.te @@ -1,5 +1,5 @@ -policy_module(apt, 1.5.0) +policy_module(apt, 1.5.1) ######################################## # @@ -81,8 +81,8 @@ corecmd_exec_shell(apt_t) corenet_all_recvfrom_unlabeled(apt_t) corenet_all_recvfrom_netlabel(apt_t) -corenet_tcp_sendrecv_all_if(apt_t) -corenet_udp_sendrecv_all_if(apt_t) +corenet_tcp_sendrecv_generic_if(apt_t) +corenet_udp_sendrecv_generic_if(apt_t) corenet_tcp_sendrecv_all_nodes(apt_t) corenet_udp_sendrecv_all_nodes(apt_t) corenet_tcp_sendrecv_all_ports(apt_t) diff --git a/policy/modules/admin/dpkg.te b/policy/modules/admin/dpkg.te index 6652d002..9e7fa1d1 100644 --- a/policy/modules/admin/dpkg.te +++ b/policy/modules/admin/dpkg.te @@ -1,5 +1,5 @@ -policy_module(dpkg, 1.6.0) +policy_module(dpkg, 1.6.1) ######################################## # @@ -92,9 +92,9 @@ corecmd_exec_all_executables(dpkg_t) # TODO: do we really need all networking? corenet_all_recvfrom_unlabeled(dpkg_t) corenet_all_recvfrom_netlabel(dpkg_t) -corenet_tcp_sendrecv_all_if(dpkg_t) -corenet_raw_sendrecv_all_if(dpkg_t) -corenet_udp_sendrecv_all_if(dpkg_t) +corenet_tcp_sendrecv_generic_if(dpkg_t) +corenet_raw_sendrecv_generic_if(dpkg_t) +corenet_udp_sendrecv_generic_if(dpkg_t) corenet_tcp_sendrecv_all_nodes(dpkg_t) corenet_raw_sendrecv_all_nodes(dpkg_t) corenet_udp_sendrecv_all_nodes(dpkg_t) diff --git a/policy/modules/admin/firstboot.te b/policy/modules/admin/firstboot.te index 93cf4020..1c317475 100644 --- a/policy/modules/admin/firstboot.te +++ b/policy/modules/admin/firstboot.te @@ -1,5 +1,5 @@ -policy_module(firstboot, 1.9.0) +policy_module(firstboot, 1.9.1) gen_require(` class passwd rootok; @@ -39,7 +39,7 @@ kernel_read_kernel_sysctls(firstboot_t) corenet_all_recvfrom_unlabeled(firstboot_t) corenet_all_recvfrom_netlabel(firstboot_t) -corenet_tcp_sendrecv_all_if(firstboot_t) +corenet_tcp_sendrecv_generic_if(firstboot_t) corenet_tcp_sendrecv_all_nodes(firstboot_t) corenet_tcp_sendrecv_all_ports(firstboot_t) diff --git a/policy/modules/admin/netutils.te b/policy/modules/admin/netutils.te index 6b4794fd..216af757 100644 --- a/policy/modules/admin/netutils.te +++ b/policy/modules/admin/netutils.te @@ -1,5 +1,5 @@ -policy_module(netutils, 1.8.0) +policy_module(netutils, 1.8.1) ######################################## # @@ -54,9 +54,9 @@ kernel_read_sysctl(netutils_t) corenet_all_recvfrom_unlabeled(netutils_t) corenet_all_recvfrom_netlabel(netutils_t) -corenet_tcp_sendrecv_all_if(netutils_t) -corenet_raw_sendrecv_all_if(netutils_t) -corenet_udp_sendrecv_all_if(netutils_t) +corenet_tcp_sendrecv_generic_if(netutils_t) +corenet_raw_sendrecv_generic_if(netutils_t) +corenet_udp_sendrecv_generic_if(netutils_t) corenet_tcp_sendrecv_all_nodes(netutils_t) corenet_raw_sendrecv_all_nodes(netutils_t) corenet_udp_sendrecv_all_nodes(netutils_t) @@ -114,8 +114,8 @@ allow ping_t self:netlink_route_socket create_netlink_socket_perms; corenet_all_recvfrom_unlabeled(ping_t) corenet_all_recvfrom_netlabel(ping_t) -corenet_tcp_sendrecv_all_if(ping_t) -corenet_raw_sendrecv_all_if(ping_t) +corenet_tcp_sendrecv_generic_if(ping_t) +corenet_raw_sendrecv_generic_if(ping_t) corenet_raw_sendrecv_all_nodes(ping_t) corenet_raw_bind_all_nodes(ping_t) corenet_tcp_sendrecv_all_nodes(ping_t) @@ -168,9 +168,9 @@ kernel_read_network_state(traceroute_t) corenet_all_recvfrom_unlabeled(traceroute_t) corenet_all_recvfrom_netlabel(traceroute_t) -corenet_tcp_sendrecv_all_if(traceroute_t) -corenet_udp_sendrecv_all_if(traceroute_t) -corenet_raw_sendrecv_all_if(traceroute_t) +corenet_tcp_sendrecv_generic_if(traceroute_t) +corenet_udp_sendrecv_generic_if(traceroute_t) +corenet_raw_sendrecv_generic_if(traceroute_t) corenet_tcp_sendrecv_all_nodes(traceroute_t) corenet_udp_sendrecv_all_nodes(traceroute_t) corenet_raw_sendrecv_all_nodes(traceroute_t) diff --git a/policy/modules/admin/rpm.te b/policy/modules/admin/rpm.te index a94176c1..388b0d99 100644 --- a/policy/modules/admin/rpm.te +++ b/policy/modules/admin/rpm.te @@ -1,5 +1,5 @@ -policy_module(rpm, 1.9.0) +policy_module(rpm, 1.9.1) ######################################## # @@ -94,9 +94,9 @@ corecmd_exec_all_executables(rpm_t) corenet_all_recvfrom_unlabeled(rpm_t) corenet_all_recvfrom_netlabel(rpm_t) -corenet_tcp_sendrecv_all_if(rpm_t) -corenet_raw_sendrecv_all_if(rpm_t) -corenet_udp_sendrecv_all_if(rpm_t) +corenet_tcp_sendrecv_generic_if(rpm_t) +corenet_raw_sendrecv_generic_if(rpm_t) +corenet_udp_sendrecv_generic_if(rpm_t) corenet_tcp_sendrecv_all_nodes(rpm_t) corenet_raw_sendrecv_all_nodes(rpm_t) corenet_udp_sendrecv_all_nodes(rpm_t) diff --git a/policy/modules/admin/vpn.te b/policy/modules/admin/vpn.te index 817a1f95..8b40f888 100644 --- a/policy/modules/admin/vpn.te +++ b/policy/modules/admin/vpn.te @@ -1,5 +1,5 @@ -policy_module(vpn, 1.10.0) +policy_module(vpn, 1.10.1) ######################################## # @@ -49,9 +49,9 @@ kernel_rw_net_sysctls(vpnc_t) corenet_all_recvfrom_unlabeled(vpnc_t) corenet_all_recvfrom_netlabel(vpnc_t) -corenet_tcp_sendrecv_all_if(vpnc_t) -corenet_udp_sendrecv_all_if(vpnc_t) -corenet_raw_sendrecv_all_if(vpnc_t) +corenet_tcp_sendrecv_generic_if(vpnc_t) +corenet_udp_sendrecv_generic_if(vpnc_t) +corenet_raw_sendrecv_generic_if(vpnc_t) corenet_tcp_sendrecv_all_nodes(vpnc_t) corenet_udp_sendrecv_all_nodes(vpnc_t) corenet_raw_sendrecv_all_nodes(vpnc_t) diff --git a/policy/modules/apps/gpg.te b/policy/modules/apps/gpg.te index 061b94c5..297f4c04 100644 --- a/policy/modules/apps/gpg.te +++ b/policy/modules/apps/gpg.te @@ -1,5 +1,5 @@ -policy_module(gpg, 2.0.0) +policy_module(gpg, 2.0.1) ######################################## # @@ -75,8 +75,8 @@ userdom_user_home_dir_filetrans(gpg_t, gpg_secret_t, dir) corenet_all_recvfrom_unlabeled(gpg_t) corenet_all_recvfrom_netlabel(gpg_t) -corenet_tcp_sendrecv_all_if(gpg_t) -corenet_udp_sendrecv_all_if(gpg_t) +corenet_tcp_sendrecv_generic_if(gpg_t) +corenet_udp_sendrecv_generic_if(gpg_t) corenet_tcp_sendrecv_all_nodes(gpg_t) corenet_udp_sendrecv_all_nodes(gpg_t) corenet_tcp_sendrecv_all_ports(gpg_t) @@ -124,9 +124,9 @@ dontaudit gpg_helper_t gpg_secret_t:file read; corenet_all_recvfrom_unlabeled(gpg_helper_t) corenet_all_recvfrom_netlabel(gpg_helper_t) -corenet_tcp_sendrecv_all_if(gpg_helper_t) -corenet_raw_sendrecv_all_if(gpg_helper_t) -corenet_udp_sendrecv_all_if(gpg_helper_t) +corenet_tcp_sendrecv_generic_if(gpg_helper_t) +corenet_raw_sendrecv_generic_if(gpg_helper_t) +corenet_udp_sendrecv_generic_if(gpg_helper_t) corenet_tcp_sendrecv_all_nodes(gpg_helper_t) corenet_udp_sendrecv_all_nodes(gpg_helper_t) corenet_raw_sendrecv_all_nodes(gpg_helper_t) diff --git a/policy/modules/apps/qemu.if b/policy/modules/apps/qemu.if index c010a01a..58eda0b3 100644 --- a/policy/modules/apps/qemu.if +++ b/policy/modules/apps/qemu.if @@ -158,7 +158,7 @@ template(`qemu_domain_template',` corenet_all_recvfrom_unlabeled($1_t) corenet_all_recvfrom_netlabel($1_t) - corenet_tcp_sendrecv_all_if($1_t) + corenet_tcp_sendrecv_generic_if($1_t) corenet_tcp_sendrecv_all_nodes($1_t) corenet_tcp_sendrecv_all_ports($1_t) corenet_tcp_bind_all_nodes($1_t) diff --git a/policy/modules/apps/qemu.te b/policy/modules/apps/qemu.te index 932fdb69..3c0e2681 100644 --- a/policy/modules/apps/qemu.te +++ b/policy/modules/apps/qemu.te @@ -1,5 +1,5 @@ -policy_module(qemu, 1.1.0) +policy_module(qemu, 1.1.1) ######################################## # diff --git a/policy/modules/apps/webalizer.te b/policy/modules/apps/webalizer.te index adeb59d1..059d9568 100644 --- a/policy/modules/apps/webalizer.te +++ b/policy/modules/apps/webalizer.te @@ -1,5 +1,5 @@ -policy_module(webalizer, 1.8.0) +policy_module(webalizer, 1.8.1) ######################################## # @@ -62,7 +62,7 @@ kernel_read_system_state(webalizer_t) corenet_all_recvfrom_unlabeled(webalizer_t) corenet_all_recvfrom_netlabel(webalizer_t) -corenet_tcp_sendrecv_all_if(webalizer_t) +corenet_tcp_sendrecv_generic_if(webalizer_t) corenet_tcp_sendrecv_all_nodes(webalizer_t) corenet_tcp_sendrecv_all_ports(webalizer_t) diff --git a/policy/modules/kernel/kernel.te b/policy/modules/kernel/kernel.te index 76310dbe..df65cdab 100644 --- a/policy/modules/kernel/kernel.te +++ b/policy/modules/kernel/kernel.te @@ -1,5 +1,5 @@ -policy_module(kernel, 1.10.0) +policy_module(kernel, 1.10.1) ######################################## # @@ -311,7 +311,7 @@ optional_policy(` # nfs kernel server needs kernel UDP access. It is less risky and painful # to just give it everything. - corenet_udp_sendrecv_all_if(kernel_t) + corenet_udp_sendrecv_generic_if(kernel_t) corenet_udp_sendrecv_all_nodes(kernel_t) corenet_udp_sendrecv_all_ports(kernel_t) corenet_udp_bind_all_nodes(kernel_t) diff --git a/policy/modules/services/amavis.te b/policy/modules/services/amavis.te index 42290f31..11eb7cd4 100644 --- a/policy/modules/services/amavis.te +++ b/policy/modules/services/amavis.te @@ -1,5 +1,5 @@ -policy_module(amavis, 1.9.0) +policy_module(amavis, 1.9.1) ######################################## # @@ -108,7 +108,7 @@ corecmd_exec_bin(amavis_t) corenet_all_recvfrom_unlabeled(amavis_t) corenet_all_recvfrom_netlabel(amavis_t) -corenet_tcp_sendrecv_all_if(amavis_t) +corenet_tcp_sendrecv_generic_if(amavis_t) corenet_tcp_sendrecv_all_nodes(amavis_t) corenet_tcp_bind_all_nodes(amavis_t) corenet_udp_bind_all_nodes(amavis_t) diff --git a/policy/modules/services/apache.if b/policy/modules/services/apache.if index bae17ed1..24a788e5 100644 --- a/policy/modules/services/apache.if +++ b/policy/modules/services/apache.if @@ -181,8 +181,8 @@ template(`apache_content_template',` corenet_all_recvfrom_unlabeled(httpd_$1_script_t) corenet_all_recvfrom_netlabel(httpd_$1_script_t) - corenet_tcp_sendrecv_all_if(httpd_$1_script_t) - corenet_udp_sendrecv_all_if(httpd_$1_script_t) + corenet_tcp_sendrecv_generic_if(httpd_$1_script_t) + corenet_udp_sendrecv_generic_if(httpd_$1_script_t) corenet_tcp_sendrecv_all_nodes(httpd_$1_script_t) corenet_udp_sendrecv_all_nodes(httpd_$1_script_t) corenet_tcp_sendrecv_all_ports(httpd_$1_script_t) @@ -197,8 +197,8 @@ template(`apache_content_template',` corenet_all_recvfrom_unlabeled(httpd_$1_script_t) corenet_all_recvfrom_netlabel(httpd_$1_script_t) - corenet_tcp_sendrecv_all_if(httpd_$1_script_t) - corenet_udp_sendrecv_all_if(httpd_$1_script_t) + corenet_tcp_sendrecv_generic_if(httpd_$1_script_t) + corenet_udp_sendrecv_generic_if(httpd_$1_script_t) corenet_tcp_sendrecv_all_nodes(httpd_$1_script_t) corenet_udp_sendrecv_all_nodes(httpd_$1_script_t) corenet_tcp_sendrecv_all_ports(httpd_$1_script_t) diff --git a/policy/modules/services/apache.te b/policy/modules/services/apache.te index 2afa17f8..9aaf1348 100644 --- a/policy/modules/services/apache.te +++ b/policy/modules/services/apache.te @@ -1,5 +1,5 @@ -policy_module(apache, 2.0.0) +policy_module(apache, 2.0.1) # # NOTES: @@ -315,8 +315,8 @@ kernel_read_system_state(httpd_t) corenet_all_recvfrom_unlabeled(httpd_t) corenet_all_recvfrom_netlabel(httpd_t) -corenet_tcp_sendrecv_all_if(httpd_t) -corenet_udp_sendrecv_all_if(httpd_t) +corenet_tcp_sendrecv_generic_if(httpd_t) +corenet_udp_sendrecv_generic_if(httpd_t) corenet_tcp_sendrecv_all_nodes(httpd_t) corenet_udp_sendrecv_all_nodes(httpd_t) corenet_tcp_sendrecv_all_ports(httpd_t) @@ -631,8 +631,8 @@ tunable_policy(`httpd_can_network_connect',` corenet_all_recvfrom_unlabeled(httpd_suexec_t) corenet_all_recvfrom_netlabel(httpd_suexec_t) - corenet_tcp_sendrecv_all_if(httpd_suexec_t) - corenet_udp_sendrecv_all_if(httpd_suexec_t) + corenet_tcp_sendrecv_generic_if(httpd_suexec_t) + corenet_udp_sendrecv_generic_if(httpd_suexec_t) corenet_tcp_sendrecv_all_nodes(httpd_suexec_t) corenet_udp_sendrecv_all_nodes(httpd_suexec_t) corenet_tcp_sendrecv_all_ports(httpd_suexec_t) diff --git a/policy/modules/services/apcupsd.te b/policy/modules/services/apcupsd.te index 3af79641..4039c965 100644 --- a/policy/modules/services/apcupsd.te +++ b/policy/modules/services/apcupsd.te @@ -1,5 +1,5 @@ -policy_module(apcupsd, 1.5.0) +policy_module(apcupsd, 1.5.1) ######################################## # @@ -112,11 +112,11 @@ optional_policy(` corenet_all_recvfrom_unlabeled(httpd_apcupsd_cgi_script_t) corenet_all_recvfrom_netlabel(httpd_apcupsd_cgi_script_t) - corenet_tcp_sendrecv_all_if(httpd_apcupsd_cgi_script_t) + corenet_tcp_sendrecv_generic_if(httpd_apcupsd_cgi_script_t) corenet_tcp_sendrecv_all_nodes(httpd_apcupsd_cgi_script_t) corenet_tcp_sendrecv_all_ports(httpd_apcupsd_cgi_script_t) corenet_tcp_connect_apcupsd_port(httpd_apcupsd_cgi_script_t) - corenet_udp_sendrecv_all_if(httpd_apcupsd_cgi_script_t) + corenet_udp_sendrecv_generic_if(httpd_apcupsd_cgi_script_t) corenet_udp_sendrecv_all_nodes(httpd_apcupsd_cgi_script_t) corenet_udp_sendrecv_all_ports(httpd_apcupsd_cgi_script_t) diff --git a/policy/modules/services/arpwatch.te b/policy/modules/services/arpwatch.te index b0a2a3b5..2fbd52e8 100644 --- a/policy/modules/services/arpwatch.te +++ b/policy/modules/services/arpwatch.te @@ -1,5 +1,5 @@ -policy_module(arpwatch, 1.7.0) +policy_module(arpwatch, 1.7.1) ######################################## # @@ -52,9 +52,9 @@ kernel_read_proc_symlinks(arpwatch_t) corenet_all_recvfrom_unlabeled(arpwatch_t) corenet_all_recvfrom_netlabel(arpwatch_t) -corenet_tcp_sendrecv_all_if(arpwatch_t) -corenet_udp_sendrecv_all_if(arpwatch_t) -corenet_raw_sendrecv_all_if(arpwatch_t) +corenet_tcp_sendrecv_generic_if(arpwatch_t) +corenet_udp_sendrecv_generic_if(arpwatch_t) +corenet_raw_sendrecv_generic_if(arpwatch_t) corenet_tcp_sendrecv_all_nodes(arpwatch_t) corenet_udp_sendrecv_all_nodes(arpwatch_t) corenet_raw_sendrecv_all_nodes(arpwatch_t) diff --git a/policy/modules/services/avahi.te b/policy/modules/services/avahi.te index 6d64cbc4..3e339e4a 100644 --- a/policy/modules/services/avahi.te +++ b/policy/modules/services/avahi.te @@ -1,5 +1,5 @@ -policy_module(avahi, 1.10.0) +policy_module(avahi, 1.10.1) ######################################## # @@ -49,8 +49,8 @@ kernel_read_network_state(avahi_t) corenet_all_recvfrom_unlabeled(avahi_t) corenet_all_recvfrom_netlabel(avahi_t) -corenet_tcp_sendrecv_all_if(avahi_t) -corenet_udp_sendrecv_all_if(avahi_t) +corenet_tcp_sendrecv_generic_if(avahi_t) +corenet_udp_sendrecv_generic_if(avahi_t) corenet_tcp_sendrecv_all_nodes(avahi_t) corenet_udp_sendrecv_all_nodes(avahi_t) corenet_tcp_sendrecv_all_ports(avahi_t) diff --git a/policy/modules/services/bind.te b/policy/modules/services/bind.te index f4d7e912..28bf9ded 100644 --- a/policy/modules/services/bind.te +++ b/policy/modules/services/bind.te @@ -1,5 +1,5 @@ -policy_module(bind, 1.9.0) +policy_module(bind, 1.9.1) ######################################## # @@ -107,8 +107,8 @@ corecmd_search_bin(named_t) corenet_all_recvfrom_unlabeled(named_t) corenet_all_recvfrom_netlabel(named_t) -corenet_tcp_sendrecv_all_if(named_t) -corenet_udp_sendrecv_all_if(named_t) +corenet_tcp_sendrecv_generic_if(named_t) +corenet_udp_sendrecv_generic_if(named_t) corenet_tcp_sendrecv_all_nodes(named_t) corenet_udp_sendrecv_all_nodes(named_t) corenet_tcp_sendrecv_all_ports(named_t) @@ -216,7 +216,7 @@ kernel_read_kernel_sysctls(ndc_t) corenet_all_recvfrom_unlabeled(ndc_t) corenet_all_recvfrom_netlabel(ndc_t) -corenet_tcp_sendrecv_all_if(ndc_t) +corenet_tcp_sendrecv_generic_if(ndc_t) corenet_tcp_sendrecv_all_nodes(ndc_t) corenet_tcp_sendrecv_all_ports(ndc_t) corenet_tcp_bind_all_nodes(ndc_t) diff --git a/policy/modules/services/bluetooth.te b/policy/modules/services/bluetooth.te index 9ed302ee..ce3ca2a9 100644 --- a/policy/modules/services/bluetooth.te +++ b/policy/modules/services/bluetooth.te @@ -1,5 +1,5 @@ -policy_module(bluetooth, 3.1.0) +policy_module(bluetooth, 3.1.1) ######################################## # @@ -96,9 +96,9 @@ kernel_read_system_state(bluetooth_t) corenet_all_recvfrom_unlabeled(bluetooth_t) corenet_all_recvfrom_netlabel(bluetooth_t) -corenet_tcp_sendrecv_all_if(bluetooth_t) -corenet_udp_sendrecv_all_if(bluetooth_t) -corenet_raw_sendrecv_all_if(bluetooth_t) +corenet_tcp_sendrecv_generic_if(bluetooth_t) +corenet_udp_sendrecv_generic_if(bluetooth_t) +corenet_raw_sendrecv_generic_if(bluetooth_t) corenet_tcp_sendrecv_all_nodes(bluetooth_t) corenet_udp_sendrecv_all_nodes(bluetooth_t) corenet_raw_sendrecv_all_nodes(bluetooth_t) diff --git a/policy/modules/services/canna.te b/policy/modules/services/canna.te index 6414f2df..93491252 100644 --- a/policy/modules/services/canna.te +++ b/policy/modules/services/canna.te @@ -1,5 +1,5 @@ -policy_module(canna, 1.9.0) +policy_module(canna, 1.9.1) ######################################## # @@ -52,7 +52,7 @@ kernel_read_system_state(canna_t) corenet_all_recvfrom_unlabeled(canna_t) corenet_all_recvfrom_netlabel(canna_t) -corenet_tcp_sendrecv_all_if(canna_t) +corenet_tcp_sendrecv_generic_if(canna_t) corenet_tcp_sendrecv_all_nodes(canna_t) corenet_tcp_sendrecv_all_ports(canna_t) corenet_tcp_connect_all_ports(canna_t) diff --git a/policy/modules/services/ccs.te b/policy/modules/services/ccs.te index 05495b70..28090781 100644 --- a/policy/modules/services/ccs.te +++ b/policy/modules/services/ccs.te @@ -1,5 +1,5 @@ -policy_module(ccs, 1.3.0) +policy_module(ccs, 1.3.1) ######################################## # @@ -79,8 +79,8 @@ corecmd_exec_bin(ccs_t) corenet_all_recvfrom_unlabeled(ccs_t) corenet_all_recvfrom_netlabel(ccs_t) -corenet_tcp_sendrecv_all_if(ccs_t) -corenet_udp_sendrecv_all_if(ccs_t) +corenet_tcp_sendrecv_generic_if(ccs_t) +corenet_udp_sendrecv_generic_if(ccs_t) corenet_tcp_sendrecv_all_nodes(ccs_t) corenet_udp_sendrecv_all_nodes(ccs_t) corenet_tcp_sendrecv_all_ports(ccs_t) diff --git a/policy/modules/services/clamav.te b/policy/modules/services/clamav.te index f611ddf0..5557c40e 100644 --- a/policy/modules/services/clamav.te +++ b/policy/modules/services/clamav.te @@ -1,5 +1,5 @@ -policy_module(clamav, 1.6.0) +policy_module(clamav, 1.6.1) ######################################## # @@ -90,7 +90,7 @@ kernel_read_kernel_sysctls(clamd_t) corenet_all_recvfrom_unlabeled(clamd_t) corenet_all_recvfrom_netlabel(clamd_t) -corenet_tcp_sendrecv_all_if(clamd_t) +corenet_tcp_sendrecv_generic_if(clamd_t) corenet_tcp_sendrecv_all_nodes(clamd_t) corenet_tcp_sendrecv_all_ports(clamd_t) corenet_tcp_sendrecv_clamd_port(clamd_t) @@ -157,7 +157,7 @@ logging_log_filetrans(freshclam_t, freshclam_var_log_t, file) corenet_all_recvfrom_unlabeled(freshclam_t) corenet_all_recvfrom_netlabel(freshclam_t) -corenet_tcp_sendrecv_all_if(freshclam_t) +corenet_tcp_sendrecv_generic_if(freshclam_t) corenet_tcp_sendrecv_all_nodes(freshclam_t) corenet_tcp_sendrecv_all_ports(freshclam_t) corenet_tcp_sendrecv_clamd_port(freshclam_t) diff --git a/policy/modules/services/comsat.te b/policy/modules/services/comsat.te index abaa3f41..fd1c0373 100644 --- a/policy/modules/services/comsat.te +++ b/policy/modules/services/comsat.te @@ -1,5 +1,5 @@ -policy_module(comsat, 1.6.0) +policy_module(comsat, 1.6.1) ######################################## # @@ -42,8 +42,8 @@ kernel_read_system_state(comsat_t) corenet_all_recvfrom_unlabeled(comsat_t) corenet_all_recvfrom_netlabel(comsat_t) -corenet_tcp_sendrecv_all_if(comsat_t) -corenet_udp_sendrecv_all_if(comsat_t) +corenet_tcp_sendrecv_generic_if(comsat_t) +corenet_udp_sendrecv_generic_if(comsat_t) corenet_tcp_sendrecv_all_nodes(comsat_t) corenet_udp_sendrecv_all_nodes(comsat_t) corenet_udp_sendrecv_all_ports(comsat_t) diff --git a/policy/modules/services/cron.te b/policy/modules/services/cron.te index a63ee63a..b48768cb 100644 --- a/policy/modules/services/cron.te +++ b/policy/modules/services/cron.te @@ -1,5 +1,5 @@ -policy_module(cron, 2.0.0) +policy_module(cron, 2.0.1) gen_require(` class passwd rootok; @@ -329,8 +329,8 @@ corecmd_exec_all_executables(system_cronjob_t) corenet_all_recvfrom_unlabeled(system_cronjob_t) corenet_all_recvfrom_netlabel(system_cronjob_t) -corenet_tcp_sendrecv_all_if(system_cronjob_t) -corenet_udp_sendrecv_all_if(system_cronjob_t) +corenet_tcp_sendrecv_generic_if(system_cronjob_t) +corenet_udp_sendrecv_generic_if(system_cronjob_t) corenet_tcp_sendrecv_all_nodes(system_cronjob_t) corenet_udp_sendrecv_all_nodes(system_cronjob_t) corenet_tcp_sendrecv_all_ports(system_cronjob_t) @@ -520,8 +520,8 @@ files_dontaudit_search_boot(cronjob_t) corenet_all_recvfrom_unlabeled(cronjob_t) corenet_all_recvfrom_netlabel(cronjob_t) -corenet_tcp_sendrecv_all_if(cronjob_t) -corenet_udp_sendrecv_all_if(cronjob_t) +corenet_tcp_sendrecv_generic_if(cronjob_t) +corenet_udp_sendrecv_generic_if(cronjob_t) corenet_tcp_sendrecv_all_nodes(cronjob_t) corenet_udp_sendrecv_all_nodes(cronjob_t) corenet_tcp_sendrecv_all_ports(cronjob_t) diff --git a/policy/modules/services/cups.te b/policy/modules/services/cups.te index 7b2bab10..e12d217b 100644 --- a/policy/modules/services/cups.te +++ b/policy/modules/services/cups.te @@ -1,5 +1,5 @@ -policy_module(cups, 1.12.0) +policy_module(cups, 1.12.1) ######################################## # @@ -134,9 +134,9 @@ kernel_read_all_sysctls(cupsd_t) corenet_all_recvfrom_unlabeled(cupsd_t) corenet_all_recvfrom_netlabel(cupsd_t) -corenet_tcp_sendrecv_all_if(cupsd_t) -corenet_udp_sendrecv_all_if(cupsd_t) -corenet_raw_sendrecv_all_if(cupsd_t) +corenet_tcp_sendrecv_generic_if(cupsd_t) +corenet_udp_sendrecv_generic_if(cupsd_t) +corenet_raw_sendrecv_generic_if(cupsd_t) corenet_tcp_sendrecv_all_nodes(cupsd_t) corenet_udp_sendrecv_all_nodes(cupsd_t) corenet_raw_sendrecv_all_nodes(cupsd_t) @@ -315,7 +315,7 @@ kernel_read_kernel_sysctls(cupsd_config_t) corenet_all_recvfrom_unlabeled(cupsd_config_t) corenet_all_recvfrom_netlabel(cupsd_config_t) -corenet_tcp_sendrecv_all_if(cupsd_config_t) +corenet_tcp_sendrecv_generic_if(cupsd_config_t) corenet_tcp_sendrecv_all_nodes(cupsd_config_t) corenet_tcp_sendrecv_all_ports(cupsd_config_t) corenet_tcp_connect_all_ports(cupsd_config_t) @@ -445,8 +445,8 @@ kernel_read_network_state(cupsd_lpd_t) corenet_all_recvfrom_unlabeled(cupsd_lpd_t) corenet_all_recvfrom_netlabel(cupsd_lpd_t) -corenet_tcp_sendrecv_all_if(cupsd_lpd_t) -corenet_udp_sendrecv_all_if(cupsd_lpd_t) +corenet_tcp_sendrecv_generic_if(cupsd_lpd_t) +corenet_udp_sendrecv_generic_if(cupsd_lpd_t) corenet_tcp_sendrecv_all_nodes(cupsd_lpd_t) corenet_udp_sendrecv_all_nodes(cupsd_lpd_t) corenet_tcp_sendrecv_all_ports(cupsd_lpd_t) @@ -508,9 +508,9 @@ kernel_read_kernel_sysctls(hplip_t) corenet_all_recvfrom_unlabeled(hplip_t) corenet_all_recvfrom_netlabel(hplip_t) -corenet_tcp_sendrecv_all_if(hplip_t) -corenet_udp_sendrecv_all_if(hplip_t) -corenet_raw_sendrecv_all_if(hplip_t) +corenet_tcp_sendrecv_generic_if(hplip_t) +corenet_udp_sendrecv_generic_if(hplip_t) +corenet_raw_sendrecv_generic_if(hplip_t) corenet_tcp_sendrecv_all_nodes(hplip_t) corenet_udp_sendrecv_all_nodes(hplip_t) corenet_raw_sendrecv_all_nodes(hplip_t) @@ -601,7 +601,7 @@ kernel_read_proc_symlinks(ptal_t) corenet_all_recvfrom_unlabeled(ptal_t) corenet_all_recvfrom_netlabel(ptal_t) -corenet_tcp_sendrecv_all_if(ptal_t) +corenet_tcp_sendrecv_generic_if(ptal_t) corenet_tcp_sendrecv_all_nodes(ptal_t) corenet_tcp_sendrecv_all_ports(ptal_t) corenet_tcp_bind_all_nodes(ptal_t) diff --git a/policy/modules/services/cvs.te b/policy/modules/services/cvs.te index 5d75e29a..b45cb3ac 100644 --- a/policy/modules/services/cvs.te +++ b/policy/modules/services/cvs.te @@ -1,5 +1,5 @@ -policy_module(cvs, 1.7.0) +policy_module(cvs, 1.7.1) ######################################## # @@ -60,8 +60,8 @@ kernel_read_network_state(cvs_t) corenet_all_recvfrom_unlabeled(cvs_t) corenet_all_recvfrom_netlabel(cvs_t) -corenet_tcp_sendrecv_all_if(cvs_t) -corenet_udp_sendrecv_all_if(cvs_t) +corenet_tcp_sendrecv_generic_if(cvs_t) +corenet_udp_sendrecv_generic_if(cvs_t) corenet_tcp_sendrecv_all_nodes(cvs_t) corenet_udp_sendrecv_all_nodes(cvs_t) corenet_tcp_sendrecv_all_ports(cvs_t) diff --git a/policy/modules/services/cyrus.te b/policy/modules/services/cyrus.te index 5b1082e8..b802fdf6 100644 --- a/policy/modules/services/cyrus.te +++ b/policy/modules/services/cyrus.te @@ -1,5 +1,5 @@ -policy_module(cyrus, 1.8.0) +policy_module(cyrus, 1.8.1) ######################################## # @@ -65,8 +65,8 @@ kernel_read_all_sysctls(cyrus_t) corenet_all_recvfrom_unlabeled(cyrus_t) corenet_all_recvfrom_netlabel(cyrus_t) -corenet_tcp_sendrecv_all_if(cyrus_t) -corenet_udp_sendrecv_all_if(cyrus_t) +corenet_tcp_sendrecv_generic_if(cyrus_t) +corenet_udp_sendrecv_generic_if(cyrus_t) corenet_tcp_sendrecv_all_nodes(cyrus_t) corenet_udp_sendrecv_all_nodes(cyrus_t) corenet_tcp_sendrecv_all_ports(cyrus_t) diff --git a/policy/modules/services/dbskk.te b/policy/modules/services/dbskk.te index b569c1a4..b6b16965 100644 --- a/policy/modules/services/dbskk.te +++ b/policy/modules/services/dbskk.te @@ -1,5 +1,5 @@ -policy_module(dbskk, 1.4.0) +policy_module(dbskk, 1.4.1) ######################################## # @@ -50,8 +50,8 @@ kernel_read_network_state(dbskkd_t) corenet_all_recvfrom_unlabeled(dbskkd_t) corenet_all_recvfrom_netlabel(dbskkd_t) -corenet_tcp_sendrecv_all_if(dbskkd_t) -corenet_udp_sendrecv_all_if(dbskkd_t) +corenet_tcp_sendrecv_generic_if(dbskkd_t) +corenet_udp_sendrecv_generic_if(dbskkd_t) corenet_tcp_sendrecv_all_nodes(dbskkd_t) corenet_udp_sendrecv_all_nodes(dbskkd_t) corenet_tcp_sendrecv_all_ports(dbskkd_t) diff --git a/policy/modules/services/dbus.if b/policy/modules/services/dbus.if index 88ab0db7..199f47ce 100644 --- a/policy/modules/services/dbus.if +++ b/policy/modules/services/dbus.if @@ -108,7 +108,7 @@ template(`dbus_role_template',` corenet_all_recvfrom_unlabeled($1_dbusd_t) corenet_all_recvfrom_netlabel($1_dbusd_t) - corenet_tcp_sendrecv_all_if($1_dbusd_t) + corenet_tcp_sendrecv_generic_if($1_dbusd_t) corenet_tcp_sendrecv_all_nodes($1_dbusd_t) corenet_tcp_sendrecv_all_ports($1_dbusd_t) corenet_tcp_bind_all_nodes($1_dbusd_t) diff --git a/policy/modules/services/dbus.te b/policy/modules/services/dbus.te index b6bd482a..c073fd09 100644 --- a/policy/modules/services/dbus.te +++ b/policy/modules/services/dbus.te @@ -1,5 +1,5 @@ -policy_module(dbus, 1.10.0) +policy_module(dbus, 1.10.1) gen_require(` class dbus all_dbus_perms; diff --git a/policy/modules/services/dhcp.te b/policy/modules/services/dhcp.te index 11abc6f8..00032440 100644 --- a/policy/modules/services/dhcp.te +++ b/policy/modules/services/dhcp.te @@ -1,5 +1,5 @@ -policy_module(dhcp, 1.7.0) +policy_module(dhcp, 1.7.1) ######################################## # @@ -57,9 +57,9 @@ kernel_read_network_state(dhcpd_t) corenet_all_recvfrom_unlabeled(dhcpd_t) corenet_all_recvfrom_netlabel(dhcpd_t) -corenet_tcp_sendrecv_all_if(dhcpd_t) -corenet_udp_sendrecv_all_if(dhcpd_t) -corenet_raw_sendrecv_all_if(dhcpd_t) +corenet_tcp_sendrecv_generic_if(dhcpd_t) +corenet_udp_sendrecv_generic_if(dhcpd_t) +corenet_raw_sendrecv_generic_if(dhcpd_t) corenet_tcp_sendrecv_all_nodes(dhcpd_t) corenet_udp_sendrecv_all_nodes(dhcpd_t) corenet_raw_sendrecv_all_nodes(dhcpd_t) diff --git a/policy/modules/services/dictd.te b/policy/modules/services/dictd.te index 1300aecb..e3d99948 100644 --- a/policy/modules/services/dictd.te +++ b/policy/modules/services/dictd.te @@ -1,5 +1,5 @@ -policy_module(dictd, 1.6.0) +policy_module(dictd, 1.6.1) ######################################## # @@ -48,9 +48,9 @@ kernel_read_kernel_sysctls(dictd_t) corenet_all_recvfrom_unlabeled(dictd_t) corenet_all_recvfrom_netlabel(dictd_t) -corenet_tcp_sendrecv_all_if(dictd_t) -corenet_raw_sendrecv_all_if(dictd_t) -corenet_udp_sendrecv_all_if(dictd_t) +corenet_tcp_sendrecv_generic_if(dictd_t) +corenet_raw_sendrecv_generic_if(dictd_t) +corenet_udp_sendrecv_generic_if(dictd_t) corenet_tcp_sendrecv_all_nodes(dictd_t) corenet_udp_sendrecv_all_nodes(dictd_t) corenet_raw_sendrecv_all_nodes(dictd_t) diff --git a/policy/modules/services/distcc.te b/policy/modules/services/distcc.te index 9a382037..f47348b7 100644 --- a/policy/modules/services/distcc.te +++ b/policy/modules/services/distcc.te @@ -1,5 +1,5 @@ -policy_module(distcc, 1.7.0) +policy_module(distcc, 1.7.1) ######################################## # @@ -47,8 +47,8 @@ kernel_read_kernel_sysctls(distccd_t) corenet_all_recvfrom_unlabeled(distccd_t) corenet_all_recvfrom_netlabel(distccd_t) -corenet_tcp_sendrecv_all_if(distccd_t) -corenet_udp_sendrecv_all_if(distccd_t) +corenet_tcp_sendrecv_generic_if(distccd_t) +corenet_udp_sendrecv_generic_if(distccd_t) corenet_tcp_sendrecv_all_nodes(distccd_t) corenet_udp_sendrecv_all_nodes(distccd_t) corenet_tcp_sendrecv_all_ports(distccd_t) diff --git a/policy/modules/services/djbdns.if b/policy/modules/services/djbdns.if index 69f9735b..c4c80023 100644 --- a/policy/modules/services/djbdns.if +++ b/policy/modules/services/djbdns.if @@ -34,8 +34,8 @@ template(`djbdns_daemontools_domain_template',` corenet_all_recvfrom_unlabeled(djbdns_$1_t) corenet_all_recvfrom_netlabel(djbdns_$1_t) - corenet_tcp_sendrecv_all_if(djbdns_$1_t) - corenet_udp_sendrecv_all_if(djbdns_$1_t) + corenet_tcp_sendrecv_generic_if(djbdns_$1_t) + corenet_udp_sendrecv_generic_if(djbdns_$1_t) corenet_tcp_sendrecv_all_nodes(djbdns_$1_t) corenet_udp_sendrecv_all_nodes(djbdns_$1_t) corenet_tcp_sendrecv_all_ports(djbdns_$1_t) diff --git a/policy/modules/services/djbdns.te b/policy/modules/services/djbdns.te index d1693cba..ec4311e5 100644 --- a/policy/modules/services/djbdns.te +++ b/policy/modules/services/djbdns.te @@ -1,5 +1,5 @@ -policy_module(djbdns, 1.2.0) +policy_module(djbdns, 1.2.1) ######################################## # diff --git a/policy/modules/services/dovecot.te b/policy/modules/services/dovecot.te index 143bffc9..7eab6c1d 100644 --- a/policy/modules/services/dovecot.te +++ b/policy/modules/services/dovecot.te @@ -1,5 +1,5 @@ -policy_module(dovecot, 1.10.0) +policy_module(dovecot, 1.10.1) ######################################## # @@ -71,7 +71,7 @@ kernel_read_system_state(dovecot_t) corenet_all_recvfrom_unlabeled(dovecot_t) corenet_all_recvfrom_netlabel(dovecot_t) -corenet_tcp_sendrecv_all_if(dovecot_t) +corenet_tcp_sendrecv_generic_if(dovecot_t) corenet_tcp_sendrecv_all_nodes(dovecot_t) corenet_tcp_sendrecv_all_ports(dovecot_t) corenet_tcp_bind_all_nodes(dovecot_t) diff --git a/policy/modules/services/exim.te b/policy/modules/services/exim.te index 59ac3d2e..baaa887b 100644 --- a/policy/modules/services/exim.te +++ b/policy/modules/services/exim.te @@ -1,5 +1,5 @@ -policy_module(exim, 1.3.0) +policy_module(exim, 1.3.1) ######################################## # @@ -72,7 +72,7 @@ kernel_dontaudit_read_system_state(exim_t) corecmd_search_bin(exim_t) corenet_all_recvfrom_unlabeled(exim_t) -corenet_tcp_sendrecv_all_if(exim_t) +corenet_tcp_sendrecv_generic_if(exim_t) corenet_tcp_sendrecv_all_nodes(exim_t) corenet_tcp_sendrecv_all_ports(exim_t) corenet_tcp_bind_all_nodes(exim_t) diff --git a/policy/modules/services/finger.te b/policy/modules/services/finger.te index 0485ff01..558f74a6 100644 --- a/policy/modules/services/finger.te +++ b/policy/modules/services/finger.te @@ -1,5 +1,5 @@ -policy_module(finger, 1.8.0) +policy_module(finger, 1.8.1) ######################################## # @@ -49,8 +49,8 @@ kernel_read_system_state(fingerd_t) corenet_all_recvfrom_unlabeled(fingerd_t) corenet_all_recvfrom_netlabel(fingerd_t) -corenet_tcp_sendrecv_all_if(fingerd_t) -corenet_udp_sendrecv_all_if(fingerd_t) +corenet_tcp_sendrecv_generic_if(fingerd_t) +corenet_udp_sendrecv_generic_if(fingerd_t) corenet_tcp_sendrecv_all_nodes(fingerd_t) corenet_udp_sendrecv_all_nodes(fingerd_t) corenet_tcp_sendrecv_all_ports(fingerd_t) diff --git a/policy/modules/services/ftp.te b/policy/modules/services/ftp.te index 949862f0..bb63bdac 100644 --- a/policy/modules/services/ftp.te +++ b/policy/modules/services/ftp.te @@ -1,5 +1,5 @@ -policy_module(ftp, 1.10.0) +policy_module(ftp, 1.10.1) ######################################## # @@ -136,8 +136,8 @@ corecmd_exec_bin(ftpd_t) corenet_all_recvfrom_unlabeled(ftpd_t) corenet_all_recvfrom_netlabel(ftpd_t) -corenet_tcp_sendrecv_all_if(ftpd_t) -corenet_udp_sendrecv_all_if(ftpd_t) +corenet_tcp_sendrecv_generic_if(ftpd_t) +corenet_udp_sendrecv_generic_if(ftpd_t) corenet_tcp_sendrecv_all_nodes(ftpd_t) corenet_udp_sendrecv_all_nodes(ftpd_t) corenet_tcp_sendrecv_all_ports(ftpd_t) diff --git a/policy/modules/services/hal.te b/policy/modules/services/hal.te index 6970c687..e69f0067 100644 --- a/policy/modules/services/hal.te +++ b/policy/modules/services/hal.te @@ -1,5 +1,5 @@ -policy_module(hal, 1.11.0) +policy_module(hal, 1.11.1) ######################################## # @@ -102,8 +102,8 @@ corecmd_exec_all_executables(hald_t) corenet_all_recvfrom_unlabeled(hald_t) corenet_all_recvfrom_netlabel(hald_t) -corenet_tcp_sendrecv_all_if(hald_t) -corenet_udp_sendrecv_all_if(hald_t) +corenet_tcp_sendrecv_generic_if(hald_t) +corenet_udp_sendrecv_generic_if(hald_t) corenet_tcp_sendrecv_all_nodes(hald_t) corenet_udp_sendrecv_all_nodes(hald_t) corenet_tcp_sendrecv_all_ports(hald_t) diff --git a/policy/modules/services/howl.te b/policy/modules/services/howl.te index 13e9a7d5..a710bdb1 100644 --- a/policy/modules/services/howl.te +++ b/policy/modules/services/howl.te @@ -1,5 +1,5 @@ -policy_module(howl, 1.7.0) +policy_module(howl, 1.7.1) ######################################## # @@ -36,8 +36,8 @@ kernel_read_proc_symlinks(howl_t) corenet_all_recvfrom_unlabeled(howl_t) corenet_all_recvfrom_netlabel(howl_t) -corenet_tcp_sendrecv_all_if(howl_t) -corenet_udp_sendrecv_all_if(howl_t) +corenet_tcp_sendrecv_generic_if(howl_t) +corenet_udp_sendrecv_generic_if(howl_t) corenet_tcp_sendrecv_all_nodes(howl_t) corenet_udp_sendrecv_all_nodes(howl_t) corenet_tcp_sendrecv_all_ports(howl_t) diff --git a/policy/modules/services/inetd.te b/policy/modules/services/inetd.te index dc7ecd53..b3c6ada8 100644 --- a/policy/modules/services/inetd.te +++ b/policy/modules/services/inetd.te @@ -1,5 +1,5 @@ -policy_module(inetd, 1.9.0) +policy_module(inetd, 1.9.1) ######################################## # @@ -68,8 +68,8 @@ corecmd_bin_domtrans(inetd_t, inetd_child_t) # base networking: corenet_all_recvfrom_unlabeled(inetd_t) corenet_all_recvfrom_netlabel(inetd_t) -corenet_tcp_sendrecv_all_if(inetd_t) -corenet_udp_sendrecv_all_if(inetd_t) +corenet_tcp_sendrecv_generic_if(inetd_t) +corenet_udp_sendrecv_generic_if(inetd_t) corenet_tcp_sendrecv_all_nodes(inetd_t) corenet_udp_sendrecv_all_nodes(inetd_t) corenet_tcp_sendrecv_all_ports(inetd_t) @@ -208,8 +208,8 @@ kernel_read_network_state(inetd_child_t) corenet_all_recvfrom_unlabeled(inetd_child_t) corenet_all_recvfrom_netlabel(inetd_child_t) -corenet_tcp_sendrecv_all_if(inetd_child_t) -corenet_udp_sendrecv_all_if(inetd_child_t) +corenet_tcp_sendrecv_generic_if(inetd_child_t) +corenet_udp_sendrecv_generic_if(inetd_child_t) corenet_tcp_sendrecv_all_nodes(inetd_child_t) corenet_udp_sendrecv_all_nodes(inetd_child_t) corenet_tcp_sendrecv_all_ports(inetd_child_t) diff --git a/policy/modules/services/inn.te b/policy/modules/services/inn.te index 58d07366..5120332f 100644 --- a/policy/modules/services/inn.te +++ b/policy/modules/services/inn.te @@ -1,5 +1,5 @@ -policy_module(inn, 1.8.0) +policy_module(inn, 1.8.1) ######################################## # @@ -68,8 +68,8 @@ kernel_read_system_state(innd_t) corenet_all_recvfrom_unlabeled(innd_t) corenet_all_recvfrom_netlabel(innd_t) -corenet_tcp_sendrecv_all_if(innd_t) -corenet_udp_sendrecv_all_if(innd_t) +corenet_tcp_sendrecv_generic_if(innd_t) +corenet_udp_sendrecv_generic_if(innd_t) corenet_tcp_sendrecv_all_nodes(innd_t) corenet_udp_sendrecv_all_nodes(innd_t) corenet_tcp_sendrecv_all_ports(innd_t) diff --git a/policy/modules/services/kerberos.if b/policy/modules/services/kerberos.if index a26ecb42..de9c607f 100644 --- a/policy/modules/services/kerberos.if +++ b/policy/modules/services/kerberos.if @@ -89,8 +89,8 @@ interface(`kerberos_use',` corenet_all_recvfrom_unlabeled($1) corenet_all_recvfrom_netlabel($1) - corenet_tcp_sendrecv_all_if($1) - corenet_udp_sendrecv_all_if($1) + corenet_tcp_sendrecv_generic_if($1) + corenet_udp_sendrecv_generic_if($1) corenet_tcp_sendrecv_all_nodes($1) corenet_udp_sendrecv_all_nodes($1) corenet_tcp_sendrecv_kerberos_port($1) diff --git a/policy/modules/services/kerberos.te b/policy/modules/services/kerberos.te index 162fd6a5..cc01836e 100644 --- a/policy/modules/services/kerberos.te +++ b/policy/modules/services/kerberos.te @@ -1,5 +1,5 @@ -policy_module(kerberos, 1.9.0) +policy_module(kerberos, 1.9.1) ######################################## # @@ -113,8 +113,8 @@ kernel_read_system_state(kadmind_t) corenet_all_recvfrom_unlabeled(kadmind_t) corenet_all_recvfrom_netlabel(kadmind_t) -corenet_tcp_sendrecv_all_if(kadmind_t) -corenet_udp_sendrecv_all_if(kadmind_t) +corenet_tcp_sendrecv_generic_if(kadmind_t) +corenet_udp_sendrecv_generic_if(kadmind_t) corenet_tcp_sendrecv_all_nodes(kadmind_t) corenet_udp_sendrecv_all_nodes(kadmind_t) corenet_tcp_sendrecv_all_ports(kadmind_t) @@ -215,8 +215,8 @@ corecmd_exec_bin(krb5kdc_t) corenet_all_recvfrom_unlabeled(krb5kdc_t) corenet_all_recvfrom_netlabel(krb5kdc_t) -corenet_tcp_sendrecv_all_if(krb5kdc_t) -corenet_udp_sendrecv_all_if(krb5kdc_t) +corenet_tcp_sendrecv_generic_if(krb5kdc_t) +corenet_udp_sendrecv_generic_if(krb5kdc_t) corenet_tcp_sendrecv_all_nodes(krb5kdc_t) corenet_udp_sendrecv_all_nodes(krb5kdc_t) corenet_tcp_sendrecv_all_ports(krb5kdc_t) @@ -286,7 +286,7 @@ manage_files_pattern(kpropd_t, krb5kdc_conf_t, krb5kdc_principal_t) corecmd_exec_bin(kpropd_t) corenet_all_recvfrom_unlabeled(kpropd_t) -corenet_tcp_sendrecv_all_if(kpropd_t) +corenet_tcp_sendrecv_generic_if(kpropd_t) corenet_tcp_sendrecv_all_nodes(kpropd_t) corenet_tcp_sendrecv_all_ports(kpropd_t) corenet_tcp_bind_all_nodes(kpropd_t) diff --git a/policy/modules/services/kerneloops.te b/policy/modules/services/kerneloops.te index f1350bdb..17623fde 100644 --- a/policy/modules/services/kerneloops.te +++ b/policy/modules/services/kerneloops.te @@ -1,5 +1,5 @@ -policy_module(kerneloops, 1.2.0) +policy_module(kerneloops, 1.2.1) ######################################## # @@ -30,7 +30,7 @@ domain_use_interactive_fds(kerneloops_t) corenet_all_recvfrom_unlabeled(kerneloops_t) corenet_all_recvfrom_netlabel(kerneloops_t) -corenet_tcp_sendrecv_all_if(kerneloops_t) +corenet_tcp_sendrecv_generic_if(kerneloops_t) corenet_tcp_sendrecv_all_nodes(kerneloops_t) corenet_tcp_sendrecv_all_ports(kerneloops_t) corenet_tcp_bind_http_port(kerneloops_t) diff --git a/policy/modules/services/ktalk.te b/policy/modules/services/ktalk.te index f0bece26..91e3caa4 100644 --- a/policy/modules/services/ktalk.te +++ b/policy/modules/services/ktalk.te @@ -1,5 +1,5 @@ -policy_module(ktalk, 1.6.0) +policy_module(ktalk, 1.6.1) ######################################## # @@ -55,8 +55,8 @@ kernel_read_network_state(ktalkd_t) corenet_all_recvfrom_unlabeled(ktalkd_t) corenet_all_recvfrom_netlabel(ktalkd_t) -corenet_tcp_sendrecv_all_if(ktalkd_t) -corenet_udp_sendrecv_all_if(ktalkd_t) +corenet_tcp_sendrecv_generic_if(ktalkd_t) +corenet_udp_sendrecv_generic_if(ktalkd_t) corenet_tcp_sendrecv_all_nodes(ktalkd_t) corenet_udp_sendrecv_all_nodes(ktalkd_t) corenet_tcp_sendrecv_all_ports(ktalkd_t) diff --git a/policy/modules/services/ldap.te b/policy/modules/services/ldap.te index bbc1b406..2ec53490 100644 --- a/policy/modules/services/ldap.te +++ b/policy/modules/services/ldap.te @@ -1,5 +1,5 @@ -policy_module(ldap, 1.9.0) +policy_module(ldap, 1.9.1) ######################################## # @@ -81,8 +81,8 @@ kernel_read_kernel_sysctls(slapd_t) corenet_all_recvfrom_unlabeled(slapd_t) corenet_all_recvfrom_netlabel(slapd_t) -corenet_tcp_sendrecv_all_if(slapd_t) -corenet_udp_sendrecv_all_if(slapd_t) +corenet_tcp_sendrecv_generic_if(slapd_t) +corenet_udp_sendrecv_generic_if(slapd_t) corenet_tcp_sendrecv_all_nodes(slapd_t) corenet_udp_sendrecv_all_nodes(slapd_t) corenet_tcp_sendrecv_all_ports(slapd_t) diff --git a/policy/modules/services/lpd.te b/policy/modules/services/lpd.te index 5ef59928..2ab013b4 100644 --- a/policy/modules/services/lpd.te +++ b/policy/modules/services/lpd.te @@ -1,5 +1,5 @@ -policy_module(lpd, 1.11.0) +policy_module(lpd, 1.11.1) ######################################## # @@ -88,8 +88,8 @@ kernel_read_system_state(checkpc_t) corenet_all_recvfrom_unlabeled(checkpc_t) corenet_all_recvfrom_netlabel(checkpc_t) -corenet_tcp_sendrecv_all_if(checkpc_t) -corenet_udp_sendrecv_all_if(checkpc_t) +corenet_tcp_sendrecv_generic_if(checkpc_t) +corenet_udp_sendrecv_generic_if(checkpc_t) corenet_tcp_sendrecv_all_nodes(checkpc_t) corenet_udp_sendrecv_all_nodes(checkpc_t) corenet_tcp_sendrecv_all_ports(checkpc_t) @@ -168,8 +168,8 @@ kernel_read_system_state(lpd_t) corenet_all_recvfrom_unlabeled(lpd_t) corenet_all_recvfrom_netlabel(lpd_t) -corenet_tcp_sendrecv_all_if(lpd_t) -corenet_udp_sendrecv_all_if(lpd_t) +corenet_tcp_sendrecv_generic_if(lpd_t) +corenet_udp_sendrecv_generic_if(lpd_t) corenet_tcp_sendrecv_all_nodes(lpd_t) corenet_udp_sendrecv_all_nodes(lpd_t) corenet_tcp_sendrecv_all_ports(lpd_t) diff --git a/policy/modules/services/mailman.if b/policy/modules/services/mailman.if index 717d14b4..52dc898d 100644 --- a/policy/modules/services/mailman.if +++ b/policy/modules/services/mailman.if @@ -50,9 +50,9 @@ template(`mailman_domain_template', ` corenet_all_recvfrom_unlabeled(mailman_$1_t) corenet_all_recvfrom_netlabel(mailman_$1_t) - corenet_tcp_sendrecv_all_if(mailman_$1_t) - corenet_udp_sendrecv_all_if(mailman_$1_t) - corenet_raw_sendrecv_all_if(mailman_$1_t) + corenet_tcp_sendrecv_generic_if(mailman_$1_t) + corenet_udp_sendrecv_generic_if(mailman_$1_t) + corenet_raw_sendrecv_generic_if(mailman_$1_t) corenet_tcp_sendrecv_all_nodes(mailman_$1_t) corenet_udp_sendrecv_all_nodes(mailman_$1_t) corenet_raw_sendrecv_all_nodes(mailman_$1_t) diff --git a/policy/modules/services/mailman.te b/policy/modules/services/mailman.te index ea66c62b..67f54151 100644 --- a/policy/modules/services/mailman.te +++ b/policy/modules/services/mailman.te @@ -1,5 +1,5 @@ -policy_module(mailman, 1.6.0) +policy_module(mailman, 1.6.1) ######################################## # diff --git a/policy/modules/services/memcached.te b/policy/modules/services/memcached.te index 583c3148..943931c2 100644 --- a/policy/modules/services/memcached.te +++ b/policy/modules/services/memcached.te @@ -1,5 +1,5 @@ -policy_module(memcached, 1.0.0) +policy_module(memcached, 1.0.1) ######################################## # @@ -27,11 +27,11 @@ allow memcached_t self:udp_socket { create_socket_perms listen }; allow memcached_t self:fifo_file rw_fifo_file_perms; corenet_all_recvfrom_unlabeled(memcached_t) -corenet_udp_sendrecv_all_if(memcached_t) +corenet_udp_sendrecv_generic_if(memcached_t) corenet_udp_sendrecv_all_nodes(memcached_t) corenet_udp_sendrecv_all_ports(memcached_t) corenet_udp_bind_all_nodes(memcached_t) -corenet_tcp_sendrecv_all_if(memcached_t) +corenet_tcp_sendrecv_generic_if(memcached_t) corenet_tcp_sendrecv_all_nodes(memcached_t) corenet_tcp_sendrecv_all_ports(memcached_t) corenet_tcp_bind_all_nodes(memcached_t) diff --git a/policy/modules/services/mta.if b/policy/modules/services/mta.if index e57d2f8f..d67c6597 100644 --- a/policy/modules/services/mta.if +++ b/policy/modules/services/mta.if @@ -73,7 +73,7 @@ template(`mta_base_mail_template',` corenet_all_recvfrom_unlabeled($1_mail_t) corenet_all_recvfrom_netlabel($1_mail_t) - corenet_tcp_sendrecv_all_if($1_mail_t) + corenet_tcp_sendrecv_generic_if($1_mail_t) corenet_tcp_sendrecv_all_nodes($1_mail_t) corenet_tcp_sendrecv_all_ports($1_mail_t) corenet_tcp_connect_all_ports($1_mail_t) diff --git a/policy/modules/services/mta.te b/policy/modules/services/mta.te index 69ee2f6c..370ce9fe 100644 --- a/policy/modules/services/mta.te +++ b/policy/modules/services/mta.te @@ -1,5 +1,5 @@ -policy_module(mta, 2.1.0) +policy_module(mta, 2.1.1) ######################################## # diff --git a/policy/modules/services/mysql.te b/policy/modules/services/mysql.te index 07670518..05bba759 100644 --- a/policy/modules/services/mysql.te +++ b/policy/modules/services/mysql.te @@ -1,5 +1,5 @@ -policy_module(mysql, 1.10.0) +policy_module(mysql, 1.10.1) ######################################## # @@ -67,8 +67,8 @@ kernel_read_kernel_sysctls(mysqld_t) corenet_all_recvfrom_unlabeled(mysqld_t) corenet_all_recvfrom_netlabel(mysqld_t) -corenet_tcp_sendrecv_all_if(mysqld_t) -corenet_udp_sendrecv_all_if(mysqld_t) +corenet_tcp_sendrecv_generic_if(mysqld_t) +corenet_udp_sendrecv_generic_if(mysqld_t) corenet_tcp_sendrecv_all_nodes(mysqld_t) corenet_udp_sendrecv_all_nodes(mysqld_t) corenet_tcp_sendrecv_all_ports(mysqld_t) diff --git a/policy/modules/services/networkmanager.te b/policy/modules/services/networkmanager.te index cc73344e..854c7553 100644 --- a/policy/modules/services/networkmanager.te +++ b/policy/modules/services/networkmanager.te @@ -1,5 +1,5 @@ -policy_module(networkmanager, 1.12.0) +policy_module(networkmanager, 1.12.1) ######################################## # @@ -66,9 +66,9 @@ kernel_load_module(NetworkManager_t) corenet_all_recvfrom_unlabeled(NetworkManager_t) corenet_all_recvfrom_netlabel(NetworkManager_t) -corenet_tcp_sendrecv_all_if(NetworkManager_t) -corenet_udp_sendrecv_all_if(NetworkManager_t) -corenet_raw_sendrecv_all_if(NetworkManager_t) +corenet_tcp_sendrecv_generic_if(NetworkManager_t) +corenet_udp_sendrecv_generic_if(NetworkManager_t) +corenet_raw_sendrecv_generic_if(NetworkManager_t) corenet_tcp_sendrecv_all_nodes(NetworkManager_t) corenet_udp_sendrecv_all_nodes(NetworkManager_t) corenet_raw_sendrecv_all_nodes(NetworkManager_t) diff --git a/policy/modules/services/nis.if b/policy/modules/services/nis.if index 2e23018d..29586f8b 100644 --- a/policy/modules/services/nis.if +++ b/policy/modules/services/nis.if @@ -39,8 +39,8 @@ interface(`nis_use_ypbind_uncond',` corenet_all_recvfrom_unlabeled($1) corenet_all_recvfrom_netlabel($1) - corenet_tcp_sendrecv_all_if($1) - corenet_udp_sendrecv_all_if($1) + corenet_tcp_sendrecv_generic_if($1) + corenet_udp_sendrecv_generic_if($1) corenet_tcp_sendrecv_all_nodes($1) corenet_udp_sendrecv_all_nodes($1) corenet_tcp_sendrecv_all_ports($1) diff --git a/policy/modules/services/nis.te b/policy/modules/services/nis.te index 84a1f942..0badd0f6 100644 --- a/policy/modules/services/nis.te +++ b/policy/modules/services/nis.te @@ -1,5 +1,5 @@ -policy_module(nis, 1.8.0) +policy_module(nis, 1.8.1) ######################################## # @@ -71,8 +71,8 @@ kernel_read_proc_symlinks(ypbind_t) corenet_all_recvfrom_unlabeled(ypbind_t) corenet_all_recvfrom_netlabel(ypbind_t) -corenet_tcp_sendrecv_all_if(ypbind_t) -corenet_udp_sendrecv_all_if(ypbind_t) +corenet_tcp_sendrecv_generic_if(ypbind_t) +corenet_udp_sendrecv_generic_if(ypbind_t) corenet_tcp_sendrecv_all_nodes(ypbind_t) corenet_udp_sendrecv_all_nodes(ypbind_t) corenet_tcp_sendrecv_all_ports(ypbind_t) @@ -231,8 +231,8 @@ kernel_read_proc_symlinks(ypserv_t) corenet_all_recvfrom_unlabeled(ypserv_t) corenet_all_recvfrom_netlabel(ypserv_t) -corenet_tcp_sendrecv_all_if(ypserv_t) -corenet_udp_sendrecv_all_if(ypserv_t) +corenet_tcp_sendrecv_generic_if(ypserv_t) +corenet_udp_sendrecv_generic_if(ypserv_t) corenet_tcp_sendrecv_all_nodes(ypserv_t) corenet_udp_sendrecv_all_nodes(ypserv_t) corenet_tcp_sendrecv_all_ports(ypserv_t) @@ -296,8 +296,8 @@ allow ypxfr_t ypserv_conf_t:file read_file_perms; corenet_all_recvfrom_unlabeled(ypxfr_t) corenet_all_recvfrom_netlabel(ypxfr_t) -corenet_tcp_sendrecv_all_if(ypxfr_t) -corenet_udp_sendrecv_all_if(ypxfr_t) +corenet_tcp_sendrecv_generic_if(ypxfr_t) +corenet_udp_sendrecv_generic_if(ypxfr_t) corenet_tcp_sendrecv_all_nodes(ypxfr_t) corenet_udp_sendrecv_all_nodes(ypxfr_t) corenet_tcp_sendrecv_all_ports(ypxfr_t) diff --git a/policy/modules/services/nscd.te b/policy/modules/services/nscd.te index 3154fb56..701bdb58 100644 --- a/policy/modules/services/nscd.te +++ b/policy/modules/services/nscd.te @@ -1,5 +1,5 @@ -policy_module(nscd, 1.8.0) +policy_module(nscd, 1.8.1) gen_require(` class nscd all_nscd_perms; @@ -67,8 +67,8 @@ auth_use_nsswitch(nscd_t) corenet_all_recvfrom_unlabeled(nscd_t) corenet_all_recvfrom_netlabel(nscd_t) -corenet_tcp_sendrecv_all_if(nscd_t) -corenet_udp_sendrecv_all_if(nscd_t) +corenet_tcp_sendrecv_generic_if(nscd_t) +corenet_udp_sendrecv_generic_if(nscd_t) corenet_tcp_sendrecv_all_nodes(nscd_t) corenet_udp_sendrecv_all_nodes(nscd_t) corenet_tcp_sendrecv_all_ports(nscd_t) diff --git a/policy/modules/services/ntp.te b/policy/modules/services/ntp.te index 66ae0631..8f8e6033 100644 --- a/policy/modules/services/ntp.te +++ b/policy/modules/services/ntp.te @@ -1,5 +1,5 @@ -policy_module(ntp, 1.8.0) +policy_module(ntp, 1.8.1) ######################################## # @@ -71,8 +71,8 @@ kernel_read_network_state(ntpd_t) corenet_all_recvfrom_unlabeled(ntpd_t) corenet_all_recvfrom_netlabel(ntpd_t) -corenet_tcp_sendrecv_all_if(ntpd_t) -corenet_udp_sendrecv_all_if(ntpd_t) +corenet_tcp_sendrecv_generic_if(ntpd_t) +corenet_udp_sendrecv_generic_if(ntpd_t) corenet_tcp_sendrecv_all_nodes(ntpd_t) corenet_udp_sendrecv_all_nodes(ntpd_t) corenet_tcp_sendrecv_all_ports(ntpd_t) diff --git a/policy/modules/services/oident.te b/policy/modules/services/oident.te index bb56f9e2..29b6a6fc 100644 --- a/policy/modules/services/oident.te +++ b/policy/modules/services/oident.te @@ -1,5 +1,5 @@ -policy_module(oident, 2.0.0) +policy_module(oident, 2.0.1) ######################################## # @@ -37,7 +37,7 @@ allow oidentd_t oidentd_config_t:file read_file_perms; corenet_all_recvfrom_unlabeled(oidentd_t) corenet_all_recvfrom_netlabel(oidentd_t) -corenet_tcp_sendrecv_all_if(oidentd_t) +corenet_tcp_sendrecv_generic_if(oidentd_t) corenet_tcp_sendrecv_all_nodes(oidentd_t) corenet_tcp_bind_all_nodes(oidentd_t) corenet_tcp_bind_auth_port(oidentd_t) diff --git a/policy/modules/services/openvpn.te b/policy/modules/services/openvpn.te index d3218756..2efa44e0 100644 --- a/policy/modules/services/openvpn.te +++ b/policy/modules/services/openvpn.te @@ -1,5 +1,5 @@ -policy_module(openvpn, 1.7.0) +policy_module(openvpn, 1.7.1) ######################################## # @@ -68,8 +68,8 @@ corecmd_exec_shell(openvpn_t) corenet_all_recvfrom_unlabeled(openvpn_t) corenet_all_recvfrom_netlabel(openvpn_t) -corenet_tcp_sendrecv_all_if(openvpn_t) -corenet_udp_sendrecv_all_if(openvpn_t) +corenet_tcp_sendrecv_generic_if(openvpn_t) +corenet_udp_sendrecv_generic_if(openvpn_t) corenet_tcp_sendrecv_generic_node(openvpn_t) corenet_udp_sendrecv_generic_node(openvpn_t) corenet_tcp_sendrecv_all_ports(openvpn_t) diff --git a/policy/modules/services/pcscd.te b/policy/modules/services/pcscd.te index 42586199..b7d12a0f 100644 --- a/policy/modules/services/pcscd.te +++ b/policy/modules/services/pcscd.te @@ -1,5 +1,5 @@ -policy_module(pcscd, 1.4.0) +policy_module(pcscd, 1.4.1) ######################################## # @@ -33,7 +33,7 @@ files_pid_filetrans(pcscd_t, pcscd_var_run_t, { file sock_file }) corenet_all_recvfrom_unlabeled(pcscd_t) corenet_all_recvfrom_netlabel(pcscd_t) -corenet_tcp_sendrecv_all_if(pcscd_t) +corenet_tcp_sendrecv_generic_if(pcscd_t) corenet_tcp_sendrecv_all_nodes(pcscd_t) corenet_tcp_sendrecv_all_ports(pcscd_t) corenet_tcp_connect_http_port(pcscd_t) diff --git a/policy/modules/services/pegasus.te b/policy/modules/services/pegasus.te index 9f25be6c..c89b731b 100644 --- a/policy/modules/services/pegasus.te +++ b/policy/modules/services/pegasus.te @@ -1,5 +1,5 @@ -policy_module(pegasus, 1.7.0) +policy_module(pegasus, 1.7.1) ######################################## # @@ -69,7 +69,7 @@ kernel_read_net_sysctls(pegasus_t) corenet_all_recvfrom_unlabeled(pegasus_t) corenet_all_recvfrom_netlabel(pegasus_t) -corenet_tcp_sendrecv_all_if(pegasus_t) +corenet_tcp_sendrecv_generic_if(pegasus_t) corenet_tcp_sendrecv_all_nodes(pegasus_t) corenet_tcp_sendrecv_all_ports(pegasus_t) corenet_tcp_bind_all_nodes(pegasus_t) diff --git a/policy/modules/services/portmap.te b/policy/modules/services/portmap.te index e34bd594..3c8ed899 100644 --- a/policy/modules/services/portmap.te +++ b/policy/modules/services/portmap.te @@ -1,5 +1,5 @@ -policy_module(portmap, 1.8.0) +policy_module(portmap, 1.8.1) ######################################## # @@ -46,8 +46,8 @@ kernel_read_kernel_sysctls(portmap_t) corenet_all_recvfrom_unlabeled(portmap_t) corenet_all_recvfrom_netlabel(portmap_t) -corenet_tcp_sendrecv_all_if(portmap_t) -corenet_udp_sendrecv_all_if(portmap_t) +corenet_tcp_sendrecv_generic_if(portmap_t) +corenet_udp_sendrecv_generic_if(portmap_t) corenet_tcp_sendrecv_all_nodes(portmap_t) corenet_udp_sendrecv_all_nodes(portmap_t) corenet_tcp_sendrecv_all_ports(portmap_t) @@ -116,9 +116,9 @@ files_pid_filetrans(portmap_helper_t, portmap_var_run_t, file) corenet_all_recvfrom_unlabeled(portmap_helper_t) corenet_all_recvfrom_netlabel(portmap_helper_t) -corenet_tcp_sendrecv_all_if(portmap_helper_t) -corenet_udp_sendrecv_all_if(portmap_helper_t) -corenet_raw_sendrecv_all_if(portmap_helper_t) +corenet_tcp_sendrecv_generic_if(portmap_helper_t) +corenet_udp_sendrecv_generic_if(portmap_helper_t) +corenet_raw_sendrecv_generic_if(portmap_helper_t) corenet_tcp_sendrecv_all_nodes(portmap_helper_t) corenet_udp_sendrecv_all_nodes(portmap_helper_t) corenet_raw_sendrecv_all_nodes(portmap_helper_t) diff --git a/policy/modules/services/postfix.if b/policy/modules/services/postfix.if index 9a68d8dd..c7703b94 100644 --- a/policy/modules/services/postfix.if +++ b/policy/modules/services/postfix.if @@ -119,8 +119,8 @@ template(`postfix_server_domain_template',` corenet_all_recvfrom_unlabeled(postfix_$1_t) corenet_all_recvfrom_netlabel(postfix_$1_t) - corenet_tcp_sendrecv_all_if(postfix_$1_t) - corenet_udp_sendrecv_all_if(postfix_$1_t) + corenet_tcp_sendrecv_generic_if(postfix_$1_t) + corenet_udp_sendrecv_generic_if(postfix_$1_t) corenet_tcp_sendrecv_all_nodes(postfix_$1_t) corenet_udp_sendrecv_all_nodes(postfix_$1_t) corenet_tcp_sendrecv_all_ports(postfix_$1_t) diff --git a/policy/modules/services/postfix.te b/policy/modules/services/postfix.te index f483bd8c..24e1706e 100644 --- a/policy/modules/services/postfix.te +++ b/policy/modules/services/postfix.te @@ -1,5 +1,5 @@ -policy_module(postfix, 1.10.0) +policy_module(postfix, 1.10.1) ######################################## # @@ -147,8 +147,8 @@ kernel_read_all_sysctls(postfix_master_t) corenet_all_recvfrom_unlabeled(postfix_master_t) corenet_all_recvfrom_netlabel(postfix_master_t) -corenet_tcp_sendrecv_all_if(postfix_master_t) -corenet_udp_sendrecv_all_if(postfix_master_t) +corenet_tcp_sendrecv_generic_if(postfix_master_t) +corenet_udp_sendrecv_generic_if(postfix_master_t) corenet_tcp_sendrecv_all_nodes(postfix_master_t) corenet_udp_sendrecv_all_nodes(postfix_master_t) corenet_tcp_sendrecv_all_ports(postfix_master_t) @@ -313,8 +313,8 @@ kernel_dontaudit_read_system_state(postfix_map_t) corenet_all_recvfrom_unlabeled(postfix_map_t) corenet_all_recvfrom_netlabel(postfix_map_t) -corenet_tcp_sendrecv_all_if(postfix_map_t) -corenet_udp_sendrecv_all_if(postfix_map_t) +corenet_tcp_sendrecv_generic_if(postfix_map_t) +corenet_udp_sendrecv_generic_if(postfix_map_t) corenet_tcp_sendrecv_all_nodes(postfix_map_t) corenet_udp_sendrecv_all_nodes(postfix_map_t) corenet_tcp_sendrecv_all_ports(postfix_map_t) @@ -414,7 +414,7 @@ rw_fifo_files_pattern(postfix_postdrop_t, postfix_public_t, postfix_public_t) postfix_list_spool(postfix_postdrop_t) manage_files_pattern(postfix_postdrop_t, postfix_spool_maildrop_t, postfix_spool_maildrop_t) -corenet_udp_sendrecv_all_if(postfix_postdrop_t) +corenet_udp_sendrecv_generic_if(postfix_postdrop_t) corenet_udp_sendrecv_all_nodes(postfix_postdrop_t) term_dontaudit_use_all_user_ptys(postfix_postdrop_t) diff --git a/policy/modules/services/postgresql.te b/policy/modules/services/postgresql.te index 54f57879..aec203ee 100644 --- a/policy/modules/services/postgresql.te +++ b/policy/modules/services/postgresql.te @@ -1,5 +1,5 @@ -policy_module(postgresql, 1.8.0) +policy_module(postgresql, 1.8.1) gen_require(` class db_database all_db_database_perms; @@ -188,8 +188,8 @@ kernel_read_proc_symlinks(postgresql_t) corenet_all_recvfrom_unlabeled(postgresql_t) corenet_all_recvfrom_netlabel(postgresql_t) -corenet_tcp_sendrecv_all_if(postgresql_t) -corenet_udp_sendrecv_all_if(postgresql_t) +corenet_tcp_sendrecv_generic_if(postgresql_t) +corenet_udp_sendrecv_generic_if(postgresql_t) corenet_tcp_sendrecv_all_nodes(postgresql_t) corenet_udp_sendrecv_all_nodes(postgresql_t) corenet_tcp_sendrecv_all_ports(postgresql_t) diff --git a/policy/modules/services/ppp.te b/policy/modules/services/ppp.te index c79c7da8..5c92d206 100644 --- a/policy/modules/services/ppp.te +++ b/policy/modules/services/ppp.te @@ -1,5 +1,5 @@ -policy_module(ppp, 1.10.0) +policy_module(ppp, 1.10.1) ######################################## # @@ -126,9 +126,9 @@ dev_read_sysfs(pppd_t) corenet_all_recvfrom_unlabeled(pppd_t) corenet_all_recvfrom_netlabel(pppd_t) -corenet_tcp_sendrecv_all_if(pppd_t) -corenet_raw_sendrecv_all_if(pppd_t) -corenet_udp_sendrecv_all_if(pppd_t) +corenet_tcp_sendrecv_generic_if(pppd_t) +corenet_raw_sendrecv_generic_if(pppd_t) +corenet_udp_sendrecv_generic_if(pppd_t) corenet_tcp_sendrecv_all_nodes(pppd_t) corenet_raw_sendrecv_all_nodes(pppd_t) corenet_udp_sendrecv_all_nodes(pppd_t) @@ -250,8 +250,8 @@ dev_read_sysfs(pptp_t) corenet_all_recvfrom_unlabeled(pptp_t) corenet_all_recvfrom_netlabel(pptp_t) -corenet_tcp_sendrecv_all_if(pptp_t) -corenet_raw_sendrecv_all_if(pptp_t) +corenet_tcp_sendrecv_generic_if(pptp_t) +corenet_raw_sendrecv_generic_if(pptp_t) corenet_tcp_sendrecv_all_nodes(pptp_t) corenet_raw_sendrecv_all_nodes(pptp_t) corenet_tcp_sendrecv_all_ports(pptp_t) diff --git a/policy/modules/services/prelude.te b/policy/modules/services/prelude.te index b7e90902..a749abf3 100644 --- a/policy/modules/services/prelude.te +++ b/policy/modules/services/prelude.te @@ -1,5 +1,5 @@ -policy_module(prelude, 1.0.0) +policy_module(prelude, 1.0.1) ######################################## # @@ -53,7 +53,7 @@ corecmd_search_bin(prelude_t) corenet_all_recvfrom_unlabeled(prelude_t) corenet_all_recvfrom_netlabel(prelude_t) -corenet_tcp_sendrecv_all_if(prelude_t) +corenet_tcp_sendrecv_generic_if(prelude_t) corenet_tcp_sendrecv_all_nodes(prelude_t) corenet_tcp_bind_all_nodes(prelude_t) @@ -104,7 +104,7 @@ corecmd_search_bin(prelude_audisp_t) corenet_all_recvfrom_unlabeled(prelude_audisp_t) corenet_all_recvfrom_netlabel(prelude_audisp_t) -corenet_tcp_sendrecv_all_if(prelude_audisp_t) +corenet_tcp_sendrecv_generic_if(prelude_audisp_t) corenet_tcp_sendrecv_all_nodes(prelude_audisp_t) corenet_tcp_bind_all_nodes(prelude_audisp_t) diff --git a/policy/modules/services/privoxy.te b/policy/modules/services/privoxy.te index a814ec25..571c9b1a 100644 --- a/policy/modules/services/privoxy.te +++ b/policy/modules/services/privoxy.te @@ -1,5 +1,5 @@ -policy_module(privoxy, 1.8.0) +policy_module(privoxy, 1.8.1) ######################################## # @@ -45,7 +45,7 @@ kernel_read_proc_symlinks(privoxy_t) corenet_all_recvfrom_unlabeled(privoxy_t) corenet_all_recvfrom_netlabel(privoxy_t) -corenet_tcp_sendrecv_all_if(privoxy_t) +corenet_tcp_sendrecv_generic_if(privoxy_t) corenet_tcp_sendrecv_all_nodes(privoxy_t) corenet_tcp_sendrecv_all_ports(privoxy_t) corenet_tcp_bind_all_nodes(privoxy_t) diff --git a/policy/modules/services/procmail.te b/policy/modules/services/procmail.te index 1afb9919..645fa102 100644 --- a/policy/modules/services/procmail.te +++ b/policy/modules/services/procmail.te @@ -1,5 +1,5 @@ -policy_module(procmail, 1.10.0) +policy_module(procmail, 1.10.1) ######################################## # @@ -47,8 +47,8 @@ kernel_read_kernel_sysctls(procmail_t) corenet_all_recvfrom_unlabeled(procmail_t) corenet_all_recvfrom_netlabel(procmail_t) -corenet_tcp_sendrecv_all_if(procmail_t) -corenet_udp_sendrecv_all_if(procmail_t) +corenet_tcp_sendrecv_generic_if(procmail_t) +corenet_udp_sendrecv_generic_if(procmail_t) corenet_tcp_sendrecv_all_nodes(procmail_t) corenet_udp_sendrecv_all_nodes(procmail_t) corenet_tcp_sendrecv_all_ports(procmail_t) diff --git a/policy/modules/services/pyzor.te b/policy/modules/services/pyzor.te index 002132a6..3ac177fb 100644 --- a/policy/modules/services/pyzor.te +++ b/policy/modules/services/pyzor.te @@ -1,5 +1,5 @@ -policy_module(pyzor, 2.0.0) +policy_module(pyzor, 2.0.1) ######################################## # @@ -67,8 +67,8 @@ kernel_read_system_state(pyzor_t) corecmd_list_bin(pyzor_t) corecmd_getattr_bin_files(pyzor_t) -corenet_tcp_sendrecv_all_if(pyzor_t) -corenet_udp_sendrecv_all_if(pyzor_t) +corenet_tcp_sendrecv_generic_if(pyzor_t) +corenet_udp_sendrecv_generic_if(pyzor_t) corenet_tcp_sendrecv_all_nodes(pyzor_t) corenet_udp_sendrecv_all_nodes(pyzor_t) corenet_tcp_sendrecv_all_ports(pyzor_t) @@ -124,7 +124,7 @@ corecmd_exec_bin(pyzord_t) corenet_all_recvfrom_unlabeled(pyzord_t) corenet_all_recvfrom_netlabel(pyzord_t) -corenet_udp_sendrecv_all_if(pyzord_t) +corenet_udp_sendrecv_generic_if(pyzord_t) corenet_udp_sendrecv_all_nodes(pyzord_t) corenet_udp_sendrecv_all_ports(pyzord_t) corenet_udp_bind_all_nodes(pyzord_t) diff --git a/policy/modules/services/radius.te b/policy/modules/services/radius.te index 9e8cf421..050498d9 100644 --- a/policy/modules/services/radius.te +++ b/policy/modules/services/radius.te @@ -1,5 +1,5 @@ -policy_module(radius, 1.10.0) +policy_module(radius, 1.10.1) ######################################## # @@ -68,8 +68,8 @@ kernel_read_system_state(radiusd_t) corenet_all_recvfrom_unlabeled(radiusd_t) corenet_all_recvfrom_netlabel(radiusd_t) -corenet_tcp_sendrecv_all_if(radiusd_t) -corenet_udp_sendrecv_all_if(radiusd_t) +corenet_tcp_sendrecv_generic_if(radiusd_t) +corenet_udp_sendrecv_generic_if(radiusd_t) corenet_tcp_sendrecv_all_nodes(radiusd_t) corenet_udp_sendrecv_all_nodes(radiusd_t) corenet_tcp_sendrecv_all_ports(radiusd_t) diff --git a/policy/modules/services/radvd.te b/policy/modules/services/radvd.te index aef9aadb..4fd16b46 100644 --- a/policy/modules/services/radvd.te +++ b/policy/modules/services/radvd.te @@ -1,5 +1,5 @@ -policy_module(radvd, 1.10.0) +policy_module(radvd, 1.10.1) ######################################## # @@ -44,9 +44,9 @@ kernel_read_system_state(radvd_t) corenet_all_recvfrom_unlabeled(radvd_t) corenet_all_recvfrom_netlabel(radvd_t) -corenet_tcp_sendrecv_all_if(radvd_t) -corenet_udp_sendrecv_all_if(radvd_t) -corenet_raw_sendrecv_all_if(radvd_t) +corenet_tcp_sendrecv_generic_if(radvd_t) +corenet_udp_sendrecv_generic_if(radvd_t) +corenet_raw_sendrecv_generic_if(radvd_t) corenet_tcp_sendrecv_all_nodes(radvd_t) corenet_udp_sendrecv_all_nodes(radvd_t) corenet_raw_sendrecv_all_nodes(radvd_t) diff --git a/policy/modules/services/ricci.te b/policy/modules/services/ricci.te index 0bf264fb..4f2d305e 100644 --- a/policy/modules/services/ricci.te +++ b/policy/modules/services/ricci.te @@ -1,5 +1,5 @@ -policy_module(ricci, 1.5.0) +policy_module(ricci, 1.5.1) ######################################## # @@ -122,7 +122,7 @@ corecmd_exec_bin(ricci_t) corenet_all_recvfrom_unlabeled(ricci_t) corenet_all_recvfrom_netlabel(ricci_t) -corenet_tcp_sendrecv_all_if(ricci_t) +corenet_tcp_sendrecv_generic_if(ricci_t) corenet_tcp_sendrecv_all_nodes(ricci_t) corenet_tcp_sendrecv_all_ports(ricci_t) corenet_tcp_bind_all_nodes(ricci_t) @@ -281,7 +281,7 @@ kernel_read_system_state(ricci_modclusterd_t) corecmd_exec_bin(ricci_modclusterd_t) -corenet_tcp_sendrecv_all_if(ricci_modclusterd_t) +corenet_tcp_sendrecv_generic_if(ricci_modclusterd_t) corenet_tcp_sendrecv_all_ports(ricci_modclusterd_t) corenet_tcp_bind_all_nodes(ricci_modclusterd_t) corenet_tcp_bind_ricci_modcluster_port(ricci_modclusterd_t) diff --git a/policy/modules/services/rlogin.te b/policy/modules/services/rlogin.te index e994c22f..07818efc 100644 --- a/policy/modules/services/rlogin.te +++ b/policy/modules/services/rlogin.te @@ -1,5 +1,5 @@ -policy_module(rlogin, 1.8.0) +policy_module(rlogin, 1.8.1) ######################################## # @@ -52,8 +52,8 @@ kernel_read_network_state(rlogind_t) corenet_all_recvfrom_unlabeled(rlogind_t) corenet_all_recvfrom_netlabel(rlogind_t) -corenet_tcp_sendrecv_all_if(rlogind_t) -corenet_udp_sendrecv_all_if(rlogind_t) +corenet_tcp_sendrecv_generic_if(rlogind_t) +corenet_udp_sendrecv_generic_if(rlogind_t) corenet_tcp_sendrecv_all_nodes(rlogind_t) corenet_udp_sendrecv_all_nodes(rlogind_t) corenet_tcp_sendrecv_all_ports(rlogind_t) diff --git a/policy/modules/services/rpc.if b/policy/modules/services/rpc.if index cc2227dd..56238e60 100644 --- a/policy/modules/services/rpc.if +++ b/policy/modules/services/rpc.if @@ -71,8 +71,8 @@ template(`rpc_domain_template', ` corenet_all_recvfrom_unlabeled($1_t) corenet_all_recvfrom_netlabel($1_t) - corenet_tcp_sendrecv_all_if($1_t) - corenet_udp_sendrecv_all_if($1_t) + corenet_tcp_sendrecv_generic_if($1_t) + corenet_udp_sendrecv_generic_if($1_t) corenet_tcp_sendrecv_all_nodes($1_t) corenet_udp_sendrecv_all_nodes($1_t) corenet_tcp_sendrecv_all_ports($1_t) diff --git a/policy/modules/services/rpc.te b/policy/modules/services/rpc.te index f4280224..ac7bfc73 100644 --- a/policy/modules/services/rpc.te +++ b/policy/modules/services/rpc.te @@ -1,5 +1,5 @@ -policy_module(rpc, 1.10.0) +policy_module(rpc, 1.10.1) ######################################## # diff --git a/policy/modules/services/rpcbind.te b/policy/modules/services/rpcbind.te index 44e123f2..f1d99f4d 100644 --- a/policy/modules/services/rpcbind.te +++ b/policy/modules/services/rpcbind.te @@ -1,5 +1,5 @@ -policy_module(rpcbind, 1.3.0) +policy_module(rpcbind, 1.3.1) ######################################## # @@ -45,8 +45,8 @@ kernel_read_network_state(rpcbind_t) corenet_all_recvfrom_unlabeled(rpcbind_t) corenet_all_recvfrom_netlabel(rpcbind_t) -corenet_tcp_sendrecv_all_if(rpcbind_t) -corenet_udp_sendrecv_all_if(rpcbind_t) +corenet_tcp_sendrecv_generic_if(rpcbind_t) +corenet_udp_sendrecv_generic_if(rpcbind_t) corenet_tcp_sendrecv_all_nodes(rpcbind_t) corenet_udp_sendrecv_all_nodes(rpcbind_t) corenet_tcp_sendrecv_all_ports(rpcbind_t) diff --git a/policy/modules/services/rsync.te b/policy/modules/services/rsync.te index 96760615..9ef053a3 100644 --- a/policy/modules/services/rsync.te +++ b/policy/modules/services/rsync.te @@ -1,5 +1,5 @@ -policy_module(rsync, 1.8.0) +policy_module(rsync, 1.8.1) ######################################## # @@ -77,8 +77,8 @@ kernel_read_network_state(rsync_t) corenet_all_recvfrom_unlabeled(rsync_t) corenet_all_recvfrom_netlabel(rsync_t) -corenet_tcp_sendrecv_all_if(rsync_t) -corenet_udp_sendrecv_all_if(rsync_t) +corenet_tcp_sendrecv_generic_if(rsync_t) +corenet_udp_sendrecv_generic_if(rsync_t) corenet_tcp_sendrecv_all_nodes(rsync_t) corenet_udp_sendrecv_all_nodes(rsync_t) corenet_tcp_sendrecv_all_ports(rsync_t) diff --git a/policy/modules/services/rwho.te b/policy/modules/services/rwho.te index 4f5770e9..40a4a908 100644 --- a/policy/modules/services/rwho.te +++ b/policy/modules/services/rwho.te @@ -1,5 +1,5 @@ -policy_module(rwho, 1.5.0) +policy_module(rwho, 1.5.1) ######################################## # @@ -42,7 +42,7 @@ kernel_read_system_state(rwho_t) corenet_all_recvfrom_unlabeled(rwho_t) corenet_all_recvfrom_netlabel(rwho_t) -corenet_udp_sendrecv_all_if(rwho_t) +corenet_udp_sendrecv_generic_if(rwho_t) corenet_udp_sendrecv_all_nodes(rwho_t) corenet_udp_sendrecv_all_ports(rwho_t) corenet_udp_bind_all_nodes(rwho_t) diff --git a/policy/modules/services/samba.te b/policy/modules/services/samba.te index 4e49f085..03c93877 100644 --- a/policy/modules/services/samba.te +++ b/policy/modules/services/samba.te @@ -1,5 +1,5 @@ -policy_module(samba, 1.11.0) +policy_module(samba, 1.11.1) ################################# # @@ -173,9 +173,9 @@ kernel_read_proc_symlinks(samba_net_t) corenet_all_recvfrom_unlabeled(samba_net_t) corenet_all_recvfrom_netlabel(samba_net_t) -corenet_tcp_sendrecv_all_if(samba_net_t) -corenet_udp_sendrecv_all_if(samba_net_t) -corenet_raw_sendrecv_all_if(samba_net_t) +corenet_tcp_sendrecv_generic_if(samba_net_t) +corenet_udp_sendrecv_generic_if(samba_net_t) +corenet_raw_sendrecv_generic_if(samba_net_t) corenet_tcp_sendrecv_all_nodes(samba_net_t) corenet_udp_sendrecv_all_nodes(samba_net_t) corenet_raw_sendrecv_all_nodes(samba_net_t) @@ -271,9 +271,9 @@ corecmd_exec_bin(smbd_t) corenet_all_recvfrom_unlabeled(smbd_t) corenet_all_recvfrom_netlabel(smbd_t) -corenet_tcp_sendrecv_all_if(smbd_t) -corenet_udp_sendrecv_all_if(smbd_t) -corenet_raw_sendrecv_all_if(smbd_t) +corenet_tcp_sendrecv_generic_if(smbd_t) +corenet_udp_sendrecv_generic_if(smbd_t) +corenet_raw_sendrecv_generic_if(smbd_t) corenet_tcp_sendrecv_all_nodes(smbd_t) corenet_udp_sendrecv_all_nodes(smbd_t) corenet_raw_sendrecv_all_nodes(smbd_t) @@ -438,8 +438,8 @@ kernel_read_system_state(nmbd_t) corenet_all_recvfrom_unlabeled(nmbd_t) corenet_all_recvfrom_netlabel(nmbd_t) -corenet_tcp_sendrecv_all_if(nmbd_t) -corenet_udp_sendrecv_all_if(nmbd_t) +corenet_tcp_sendrecv_generic_if(nmbd_t) +corenet_udp_sendrecv_generic_if(nmbd_t) corenet_tcp_sendrecv_all_nodes(nmbd_t) corenet_udp_sendrecv_all_nodes(nmbd_t) corenet_tcp_sendrecv_all_ports(nmbd_t) @@ -510,9 +510,9 @@ kernel_read_system_state(smbmount_t) corenet_all_recvfrom_unlabeled(smbmount_t) corenet_all_recvfrom_netlabel(smbmount_t) -corenet_tcp_sendrecv_all_if(smbmount_t) -corenet_raw_sendrecv_all_if(smbmount_t) -corenet_udp_sendrecv_all_if(smbmount_t) +corenet_tcp_sendrecv_generic_if(smbmount_t) +corenet_raw_sendrecv_generic_if(smbmount_t) +corenet_udp_sendrecv_generic_if(smbmount_t) corenet_tcp_sendrecv_all_nodes(smbmount_t) corenet_raw_sendrecv_all_nodes(smbmount_t) corenet_udp_sendrecv_all_nodes(smbmount_t) @@ -689,9 +689,9 @@ kernel_read_proc_symlinks(winbind_t) corenet_all_recvfrom_unlabeled(winbind_t) corenet_all_recvfrom_netlabel(winbind_t) -corenet_tcp_sendrecv_all_if(winbind_t) -corenet_udp_sendrecv_all_if(winbind_t) -corenet_raw_sendrecv_all_if(winbind_t) +corenet_tcp_sendrecv_generic_if(winbind_t) +corenet_udp_sendrecv_generic_if(winbind_t) +corenet_raw_sendrecv_generic_if(winbind_t) corenet_tcp_sendrecv_all_nodes(winbind_t) corenet_udp_sendrecv_all_nodes(winbind_t) corenet_raw_sendrecv_all_nodes(winbind_t) diff --git a/policy/modules/services/sasl.te b/policy/modules/services/sasl.te index efde86b5..5a084082 100644 --- a/policy/modules/services/sasl.te +++ b/policy/modules/services/sasl.te @@ -1,5 +1,5 @@ -policy_module(sasl, 1.11.0) +policy_module(sasl, 1.11.1) ######################################## # @@ -52,7 +52,7 @@ kernel_read_system_state(saslauthd_t) corenet_all_recvfrom_unlabeled(saslauthd_t) corenet_all_recvfrom_netlabel(saslauthd_t) -corenet_tcp_sendrecv_all_if(saslauthd_t) +corenet_tcp_sendrecv_generic_if(saslauthd_t) corenet_tcp_sendrecv_all_nodes(saslauthd_t) corenet_tcp_sendrecv_all_ports(saslauthd_t) corenet_tcp_connect_pop_port(saslauthd_t) diff --git a/policy/modules/services/sendmail.te b/policy/modules/services/sendmail.te index 7b8dab1f..56327e44 100644 --- a/policy/modules/services/sendmail.te +++ b/policy/modules/services/sendmail.te @@ -1,5 +1,5 @@ -policy_module(sendmail, 1.9.0) +policy_module(sendmail, 1.9.1) ######################################## # @@ -50,7 +50,7 @@ kernel_read_system_state(sendmail_t) corenet_all_recvfrom_unlabeled(sendmail_t) corenet_all_recvfrom_netlabel(sendmail_t) -corenet_tcp_sendrecv_all_if(sendmail_t) +corenet_tcp_sendrecv_generic_if(sendmail_t) corenet_tcp_sendrecv_all_nodes(sendmail_t) corenet_tcp_sendrecv_all_ports(sendmail_t) corenet_tcp_bind_all_nodes(sendmail_t) diff --git a/policy/modules/services/snmp.te b/policy/modules/services/snmp.te index 198aa445..51410373 100644 --- a/policy/modules/services/snmp.te +++ b/policy/modules/services/snmp.te @@ -1,5 +1,5 @@ -policy_module(snmp, 1.9.0) +policy_module(snmp, 1.9.1) ######################################## # @@ -60,8 +60,8 @@ corecmd_exec_shell(snmpd_t) corenet_all_recvfrom_unlabeled(snmpd_t) corenet_all_recvfrom_netlabel(snmpd_t) -corenet_tcp_sendrecv_all_if(snmpd_t) -corenet_udp_sendrecv_all_if(snmpd_t) +corenet_tcp_sendrecv_generic_if(snmpd_t) +corenet_udp_sendrecv_generic_if(snmpd_t) corenet_tcp_sendrecv_all_nodes(snmpd_t) corenet_udp_sendrecv_all_nodes(snmpd_t) corenet_tcp_sendrecv_all_ports(snmpd_t) diff --git a/policy/modules/services/spamassassin.te b/policy/modules/services/spamassassin.te index e3fba140..3242f183 100644 --- a/policy/modules/services/spamassassin.te +++ b/policy/modules/services/spamassassin.te @@ -1,5 +1,5 @@ -policy_module(spamassassin, 2.1.0) +policy_module(spamassassin, 2.1.1) ######################################## # @@ -340,8 +340,8 @@ kernel_read_system_state(spamd_t) corenet_all_recvfrom_unlabeled(spamd_t) corenet_all_recvfrom_netlabel(spamd_t) -corenet_tcp_sendrecv_all_if(spamd_t) -corenet_udp_sendrecv_all_if(spamd_t) +corenet_tcp_sendrecv_generic_if(spamd_t) +corenet_udp_sendrecv_generic_if(spamd_t) corenet_tcp_sendrecv_all_nodes(spamd_t) corenet_udp_sendrecv_all_nodes(spamd_t) corenet_tcp_sendrecv_all_ports(spamd_t) diff --git a/policy/modules/services/squid.te b/policy/modules/services/squid.te index 2ce5fd29..15b5e2a6 100644 --- a/policy/modules/services/squid.te +++ b/policy/modules/services/squid.te @@ -1,5 +1,5 @@ -policy_module(squid, 1.8.0) +policy_module(squid, 1.8.1) ######################################## # @@ -80,8 +80,8 @@ files_dontaudit_getattr_boot_dirs(squid_t) corenet_all_recvfrom_unlabeled(squid_t) corenet_all_recvfrom_netlabel(squid_t) -corenet_tcp_sendrecv_all_if(squid_t) -corenet_udp_sendrecv_all_if(squid_t) +corenet_tcp_sendrecv_generic_if(squid_t) +corenet_udp_sendrecv_generic_if(squid_t) corenet_tcp_sendrecv_all_nodes(squid_t) corenet_udp_sendrecv_all_nodes(squid_t) corenet_tcp_sendrecv_all_ports(squid_t) diff --git a/policy/modules/services/ssh.if b/policy/modules/services/ssh.if index 545f5b0f..e3a269f0 100644 --- a/policy/modules/services/ssh.if +++ b/policy/modules/services/ssh.if @@ -110,7 +110,7 @@ template(`ssh_basic_client_template',` corenet_all_recvfrom_unlabeled($1_ssh_t) corenet_all_recvfrom_netlabel($1_ssh_t) - corenet_tcp_sendrecv_all_if($1_ssh_t) + corenet_tcp_sendrecv_generic_if($1_ssh_t) corenet_tcp_sendrecv_all_nodes($1_ssh_t) corenet_tcp_sendrecv_all_ports($1_ssh_t) corenet_tcp_connect_ssh_port($1_ssh_t) @@ -217,9 +217,9 @@ template(`ssh_server_template', ` corenet_all_recvfrom_unlabeled($1_t) corenet_all_recvfrom_netlabel($1_t) - corenet_tcp_sendrecv_all_if($1_t) - corenet_udp_sendrecv_all_if($1_t) - corenet_raw_sendrecv_all_if($1_t) + corenet_tcp_sendrecv_generic_if($1_t) + corenet_udp_sendrecv_generic_if($1_t) + corenet_raw_sendrecv_generic_if($1_t) corenet_tcp_sendrecv_all_nodes($1_t) corenet_udp_sendrecv_all_nodes($1_t) corenet_raw_sendrecv_all_nodes($1_t) diff --git a/policy/modules/services/ssh.te b/policy/modules/services/ssh.te index f192d2ce..3b93c886 100644 --- a/policy/modules/services/ssh.te +++ b/policy/modules/services/ssh.te @@ -1,5 +1,5 @@ -policy_module(ssh, 2.0.0) +policy_module(ssh, 2.0.1) ######################################## # @@ -134,7 +134,7 @@ kernel_read_kernel_sysctls(ssh_t) corenet_all_recvfrom_unlabeled(ssh_t) corenet_all_recvfrom_netlabel(ssh_t) -corenet_tcp_sendrecv_all_if(ssh_t) +corenet_tcp_sendrecv_generic_if(ssh_t) corenet_tcp_sendrecv_all_nodes(ssh_t) corenet_tcp_sendrecv_all_ports(ssh_t) corenet_tcp_connect_ssh_port(ssh_t) diff --git a/policy/modules/services/stunnel.te b/policy/modules/services/stunnel.te index 8a4d5841..02ff4a99 100644 --- a/policy/modules/services/stunnel.te +++ b/policy/modules/services/stunnel.te @@ -1,5 +1,5 @@ -policy_module(stunnel, 1.8.0) +policy_module(stunnel, 1.8.1) ######################################## # @@ -56,8 +56,8 @@ kernel_read_network_state(stunnel_t) corenet_all_recvfrom_unlabeled(stunnel_t) corenet_all_recvfrom_netlabel(stunnel_t) -corenet_tcp_sendrecv_all_if(stunnel_t) -corenet_udp_sendrecv_all_if(stunnel_t) +corenet_tcp_sendrecv_generic_if(stunnel_t) +corenet_udp_sendrecv_generic_if(stunnel_t) corenet_tcp_sendrecv_all_nodes(stunnel_t) corenet_udp_sendrecv_all_nodes(stunnel_t) corenet_tcp_sendrecv_all_ports(stunnel_t) diff --git a/policy/modules/services/tcpd.te b/policy/modules/services/tcpd.te index 3868017c..99063323 100644 --- a/policy/modules/services/tcpd.te +++ b/policy/modules/services/tcpd.te @@ -1,5 +1,5 @@ -policy_module(tcpd, 1.3.0) +policy_module(tcpd, 1.3.1) ######################################## # @@ -25,7 +25,7 @@ files_tmp_filetrans(tcpd_t, tcpd_tmp_t, { file dir }) corenet_all_recvfrom_unlabeled(tcpd_t) corenet_all_recvfrom_netlabel(tcpd_t) -corenet_tcp_sendrecv_all_if(tcpd_t) +corenet_tcp_sendrecv_generic_if(tcpd_t) corenet_tcp_sendrecv_all_nodes(tcpd_t) corenet_tcp_sendrecv_all_ports(tcpd_t) diff --git a/policy/modules/services/telnet.te b/policy/modules/services/telnet.te index af59a91f..a97a1d7c 100644 --- a/policy/modules/services/telnet.te +++ b/policy/modules/services/telnet.te @@ -1,5 +1,5 @@ -policy_module(telnet, 1.8.0) +policy_module(telnet, 1.8.1) ######################################## # @@ -50,8 +50,8 @@ kernel_read_network_state(telnetd_t) corenet_all_recvfrom_unlabeled(telnetd_t) corenet_all_recvfrom_netlabel(telnetd_t) -corenet_tcp_sendrecv_all_if(telnetd_t) -corenet_udp_sendrecv_all_if(telnetd_t) +corenet_tcp_sendrecv_generic_if(telnetd_t) +corenet_udp_sendrecv_generic_if(telnetd_t) corenet_tcp_sendrecv_all_nodes(telnetd_t) corenet_udp_sendrecv_all_nodes(telnetd_t) corenet_tcp_sendrecv_all_ports(telnetd_t) diff --git a/policy/modules/services/tftp.te b/policy/modules/services/tftp.te index b1a65d64..d4f9217f 100644 --- a/policy/modules/services/tftp.te +++ b/policy/modules/services/tftp.te @@ -1,5 +1,5 @@ -policy_module(tftp, 1.10.0) +policy_module(tftp, 1.10.1) ######################################## # @@ -56,8 +56,8 @@ kernel_read_proc_symlinks(tftpd_t) corenet_all_recvfrom_unlabeled(tftpd_t) corenet_all_recvfrom_netlabel(tftpd_t) -corenet_tcp_sendrecv_all_if(tftpd_t) -corenet_udp_sendrecv_all_if(tftpd_t) +corenet_tcp_sendrecv_generic_if(tftpd_t) +corenet_udp_sendrecv_generic_if(tftpd_t) corenet_tcp_sendrecv_all_nodes(tftpd_t) corenet_udp_sendrecv_all_nodes(tftpd_t) corenet_tcp_sendrecv_all_ports(tftpd_t) diff --git a/policy/modules/services/tor.te b/policy/modules/services/tor.te index b569025d..85dd2e14 100644 --- a/policy/modules/services/tor.te +++ b/policy/modules/services/tor.te @@ -1,5 +1,5 @@ -policy_module(tor, 1.5.0) +policy_module(tor, 1.5.1) ######################################## # @@ -69,7 +69,7 @@ kernel_read_system_state(tor_t) # networking basics corenet_all_recvfrom_unlabeled(tor_t) corenet_all_recvfrom_netlabel(tor_t) -corenet_tcp_sendrecv_all_if(tor_t) +corenet_tcp_sendrecv_generic_if(tor_t) corenet_tcp_sendrecv_all_nodes(tor_t) corenet_tcp_sendrecv_all_ports(tor_t) corenet_tcp_sendrecv_all_reserved_ports(tor_t) diff --git a/policy/modules/services/ucspitcp.te b/policy/modules/services/ucspitcp.te index c99ff2df..80064b17 100644 --- a/policy/modules/services/ucspitcp.te +++ b/policy/modules/services/ucspitcp.te @@ -1,5 +1,5 @@ -policy_module(ucspitcp, 1.2.0) +policy_module(ucspitcp, 1.2.1) ######################################## # @@ -27,8 +27,8 @@ corecmd_search_bin(rblsmtpd_t) corenet_all_recvfrom_unlabeled(rblsmtpd_t) corenet_all_recvfrom_netlabel(rblsmtpd_t) -corenet_tcp_sendrecv_all_if(rblsmtpd_t) -corenet_udp_sendrecv_all_if(rblsmtpd_t) +corenet_tcp_sendrecv_generic_if(rblsmtpd_t) +corenet_udp_sendrecv_generic_if(rblsmtpd_t) corenet_tcp_sendrecv_all_nodes(rblsmtpd_t) corenet_udp_sendrecv_all_nodes(rblsmtpd_t) corenet_tcp_sendrecv_all_ports(rblsmtpd_t) @@ -58,8 +58,8 @@ corecmd_search_bin(ucspitcp_t) # base networking: corenet_all_recvfrom_unlabeled(ucspitcp_t) corenet_all_recvfrom_netlabel(ucspitcp_t) -corenet_tcp_sendrecv_all_if(ucspitcp_t) -corenet_udp_sendrecv_all_if(ucspitcp_t) +corenet_tcp_sendrecv_generic_if(ucspitcp_t) +corenet_udp_sendrecv_generic_if(ucspitcp_t) corenet_tcp_sendrecv_all_nodes(ucspitcp_t) corenet_udp_sendrecv_all_nodes(ucspitcp_t) corenet_tcp_sendrecv_all_ports(ucspitcp_t) diff --git a/policy/modules/services/uucp.te b/policy/modules/services/uucp.te index cedb230d..bcd99fe5 100644 --- a/policy/modules/services/uucp.te +++ b/policy/modules/services/uucp.te @@ -1,5 +1,5 @@ -policy_module(uucp, 1.9.0) +policy_module(uucp, 1.9.1) ######################################## # @@ -71,8 +71,8 @@ kernel_read_network_state(uucpd_t) corenet_all_recvfrom_unlabeled(uucpd_t) corenet_all_recvfrom_netlabel(uucpd_t) -corenet_tcp_sendrecv_all_if(uucpd_t) -corenet_udp_sendrecv_all_if(uucpd_t) +corenet_tcp_sendrecv_generic_if(uucpd_t) +corenet_udp_sendrecv_generic_if(uucpd_t) corenet_tcp_sendrecv_all_nodes(uucpd_t) corenet_udp_sendrecv_all_nodes(uucpd_t) corenet_tcp_sendrecv_all_ports(uucpd_t) diff --git a/policy/modules/services/virt.te b/policy/modules/services/virt.te index d81a71c0..3f583fa0 100644 --- a/policy/modules/services/virt.te +++ b/policy/modules/services/virt.te @@ -1,5 +1,5 @@ -policy_module(virt, 1.1.0) +policy_module(virt, 1.1.1) ######################################## # @@ -92,7 +92,7 @@ corecmd_exec_shell(virtd_t) corenet_all_recvfrom_unlabeled(virtd_t) corenet_all_recvfrom_netlabel(virtd_t) -corenet_tcp_sendrecv_all_if(virtd_t) +corenet_tcp_sendrecv_generic_if(virtd_t) corenet_tcp_sendrecv_all_nodes(virtd_t) corenet_tcp_sendrecv_all_ports(virtd_t) corenet_tcp_bind_all_nodes(virtd_t) diff --git a/policy/modules/services/zebra.te b/policy/modules/services/zebra.te index 70973dc5..f3560d3f 100644 --- a/policy/modules/services/zebra.te +++ b/policy/modules/services/zebra.te @@ -1,5 +1,5 @@ -policy_module(zebra, 1.9.0) +policy_module(zebra, 1.9.1) ######################################## # @@ -73,9 +73,9 @@ kernel_rw_net_sysctls(zebra_t) corenet_all_recvfrom_unlabeled(zebra_t) corenet_all_recvfrom_netlabel(zebra_t) -corenet_tcp_sendrecv_all_if(zebra_t) -corenet_udp_sendrecv_all_if(zebra_t) -corenet_raw_sendrecv_all_if(zebra_t) +corenet_tcp_sendrecv_generic_if(zebra_t) +corenet_udp_sendrecv_generic_if(zebra_t) +corenet_raw_sendrecv_generic_if(zebra_t) corenet_tcp_sendrecv_all_nodes(zebra_t) corenet_udp_sendrecv_all_nodes(zebra_t) corenet_raw_sendrecv_all_nodes(zebra_t) diff --git a/policy/modules/system/hotplug.te b/policy/modules/system/hotplug.te index 2d485018..89ddf79f 100644 --- a/policy/modules/system/hotplug.te +++ b/policy/modules/system/hotplug.te @@ -1,5 +1,5 @@ -policy_module(hotplug, 1.11.0) +policy_module(hotplug, 1.11.1) ######################################## # @@ -53,8 +53,8 @@ files_read_kernel_modules(hotplug_t) corenet_all_recvfrom_unlabeled(hotplug_t) corenet_all_recvfrom_netlabel(hotplug_t) -corenet_tcp_sendrecv_all_if(hotplug_t) -corenet_udp_sendrecv_all_if(hotplug_t) +corenet_tcp_sendrecv_generic_if(hotplug_t) +corenet_udp_sendrecv_generic_if(hotplug_t) corenet_tcp_sendrecv_all_nodes(hotplug_t) corenet_udp_sendrecv_all_nodes(hotplug_t) corenet_tcp_sendrecv_all_ports(hotplug_t) diff --git a/policy/modules/system/iscsi.te b/policy/modules/system/iscsi.te index 0619aa4b..79724e12 100644 --- a/policy/modules/system/iscsi.te +++ b/policy/modules/system/iscsi.te @@ -1,5 +1,5 @@ -policy_module(iscsi, 1.5.0) +policy_module(iscsi, 1.5.1) ######################################## # @@ -58,7 +58,7 @@ kernel_read_system_state(iscsid_t) corenet_all_recvfrom_unlabeled(iscsid_t) corenet_all_recvfrom_netlabel(iscsid_t) -corenet_tcp_sendrecv_all_if(iscsid_t) +corenet_tcp_sendrecv_generic_if(iscsid_t) corenet_tcp_sendrecv_all_nodes(iscsid_t) corenet_tcp_sendrecv_all_ports(iscsid_t) corenet_tcp_connect_http_port(iscsid_t) diff --git a/policy/modules/system/logging.te b/policy/modules/system/logging.te index f390ac8c..8e9c692c 100644 --- a/policy/modules/system/logging.te +++ b/policy/modules/system/logging.te @@ -1,5 +1,5 @@ -policy_module(logging, 1.13.0) +policy_module(logging, 1.13.1) ######################################## # @@ -249,7 +249,7 @@ allow audisp_remote_t self:tcp_socket create_socket_perms; corenet_all_recvfrom_unlabeled(audisp_remote_t) corenet_all_recvfrom_netlabel(audisp_remote_t) -corenet_tcp_sendrecv_all_if(audisp_remote_t) +corenet_tcp_sendrecv_generic_if(audisp_remote_t) corenet_tcp_sendrecv_all_nodes(audisp_remote_t) corenet_tcp_connect_audit_port(audisp_remote_t) corenet_sendrecv_audit_client_packets(audisp_remote_t) @@ -379,13 +379,13 @@ kernel_change_ring_buffer_level(syslogd_t) corenet_all_recvfrom_unlabeled(syslogd_t) corenet_all_recvfrom_netlabel(syslogd_t) -corenet_udp_sendrecv_all_if(syslogd_t) +corenet_udp_sendrecv_generic_if(syslogd_t) corenet_udp_sendrecv_all_nodes(syslogd_t) corenet_udp_sendrecv_all_ports(syslogd_t) corenet_udp_bind_all_nodes(syslogd_t) corenet_udp_bind_syslogd_port(syslogd_t) # syslog-ng can listen and connect on tcp port 514 (rsh) -corenet_tcp_sendrecv_all_if(syslogd_t) +corenet_tcp_sendrecv_generic_if(syslogd_t) corenet_tcp_sendrecv_all_nodes(syslogd_t) corenet_tcp_sendrecv_all_ports(syslogd_t) corenet_tcp_bind_all_nodes(syslogd_t) diff --git a/policy/modules/system/lvm.te b/policy/modules/system/lvm.te index d4299834..59634058 100644 --- a/policy/modules/system/lvm.te +++ b/policy/modules/system/lvm.te @@ -1,5 +1,5 @@ -policy_module(lvm, 1.10.0) +policy_module(lvm, 1.10.1) ######################################## # @@ -71,9 +71,9 @@ corecmd_getattr_bin_files(clvmd_t) corenet_all_recvfrom_unlabeled(clvmd_t) corenet_all_recvfrom_netlabel(clvmd_t) -corenet_tcp_sendrecv_all_if(clvmd_t) -corenet_udp_sendrecv_all_if(clvmd_t) -corenet_raw_sendrecv_all_if(clvmd_t) +corenet_tcp_sendrecv_generic_if(clvmd_t) +corenet_udp_sendrecv_generic_if(clvmd_t) +corenet_raw_sendrecv_generic_if(clvmd_t) corenet_tcp_sendrecv_all_nodes(clvmd_t) corenet_udp_sendrecv_all_nodes(clvmd_t) corenet_raw_sendrecv_all_nodes(clvmd_t) diff --git a/policy/modules/system/sysnetwork.if b/policy/modules/system/sysnetwork.if index 4c170590..3a3de4d1 100644 --- a/policy/modules/system/sysnetwork.if +++ b/policy/modules/system/sysnetwork.if @@ -546,8 +546,8 @@ interface(`sysnet_dns_name_resolve',` corenet_all_recvfrom_unlabeled($1) corenet_all_recvfrom_netlabel($1) - corenet_tcp_sendrecv_all_if($1) - corenet_udp_sendrecv_all_if($1) + corenet_tcp_sendrecv_generic_if($1) + corenet_udp_sendrecv_generic_if($1) corenet_tcp_sendrecv_all_nodes($1) corenet_udp_sendrecv_all_nodes($1) corenet_tcp_sendrecv_dns_port($1) @@ -578,7 +578,7 @@ interface(`sysnet_use_ldap',` corenet_all_recvfrom_unlabeled($1) corenet_all_recvfrom_netlabel($1) - corenet_tcp_sendrecv_all_if($1) + corenet_tcp_sendrecv_generic_if($1) corenet_tcp_sendrecv_all_nodes($1) corenet_tcp_sendrecv_ldap_port($1) corenet_tcp_connect_ldap_port($1) @@ -608,8 +608,8 @@ interface(`sysnet_use_portmap',` corenet_all_recvfrom_unlabeled($1) corenet_all_recvfrom_netlabel($1) - corenet_tcp_sendrecv_all_if($1) - corenet_udp_sendrecv_all_if($1) + corenet_tcp_sendrecv_generic_if($1) + corenet_udp_sendrecv_generic_if($1) corenet_tcp_sendrecv_all_nodes($1) corenet_udp_sendrecv_all_nodes($1) corenet_tcp_sendrecv_portmap_port($1) diff --git a/policy/modules/system/sysnetwork.te b/policy/modules/system/sysnetwork.te index 38cac8fa..6106bc90 100644 --- a/policy/modules/system/sysnetwork.te +++ b/policy/modules/system/sysnetwork.te @@ -1,5 +1,5 @@ -policy_module(sysnetwork, 1.9.0) +policy_module(sysnetwork, 1.9.1) ######################################## # diff --git a/policy/modules/system/userdomain.if b/policy/modules/system/userdomain.if index b1d572a2..12c5714e 100644 --- a/policy/modules/system/userdomain.if +++ b/policy/modules/system/userdomain.if @@ -389,8 +389,8 @@ template(`userdom_basic_networking_template',` corenet_all_recvfrom_unlabeled($1_t) corenet_all_recvfrom_netlabel($1_t) - corenet_tcp_sendrecv_all_if($1_t) - corenet_udp_sendrecv_all_if($1_t) + corenet_tcp_sendrecv_generic_if($1_t) + corenet_udp_sendrecv_generic_if($1_t) corenet_tcp_sendrecv_all_nodes($1_t) corenet_udp_sendrecv_all_nodes($1_t) corenet_tcp_sendrecv_all_ports($1_t) diff --git a/policy/modules/system/userdomain.te b/policy/modules/system/userdomain.te index 7032a4d2..b8a4b5f3 100644 --- a/policy/modules/system/userdomain.te +++ b/policy/modules/system/userdomain.te @@ -1,5 +1,5 @@ -policy_module(userdomain, 4.1.0) +policy_module(userdomain, 4.1.1) ######################################## # diff --git a/policy/modules/system/xen.te b/policy/modules/system/xen.te index 740dec9b..5db33f36 100644 --- a/policy/modules/system/xen.te +++ b/policy/modules/system/xen.te @@ -1,5 +1,5 @@ -policy_module(xen, 1.8.0) +policy_module(xen, 1.8.1) ######################################## # @@ -141,7 +141,7 @@ corecmd_exec_shell(xend_t) corenet_all_recvfrom_unlabeled(xend_t) corenet_all_recvfrom_netlabel(xend_t) -corenet_tcp_sendrecv_all_if(xend_t) +corenet_tcp_sendrecv_generic_if(xend_t) corenet_tcp_sendrecv_all_nodes(xend_t) corenet_tcp_sendrecv_all_ports(xend_t) corenet_tcp_bind_all_nodes(xend_t)