From 892266ca76fd22c770d6b1b82398b9e32e39cae7 Mon Sep 17 00:00:00 2001
From: Chris PeBenito <cpebenito@tresys.com>
Date: Tue, 19 Jul 2005 20:26:02 +0000
Subject: [PATCH] more targeted policy fixes

---
 refpolicy/policy/modules/system/hotplug.te  | 4 +---
 refpolicy/policy/modules/system/init.te     | 1 +
 refpolicy/policy/modules/system/modutils.te | 4 ++++
 refpolicy/policy/modules/system/udev.te     | 4 ++++
 4 files changed, 10 insertions(+), 3 deletions(-)

diff --git a/refpolicy/policy/modules/system/hotplug.te b/refpolicy/policy/modules/system/hotplug.te
index 38fff3c5..8991f7de 100644
--- a/refpolicy/policy/modules/system/hotplug.te
+++ b/refpolicy/policy/modules/system/hotplug.te
@@ -123,9 +123,7 @@ ifdef(`distro_redhat', `
 ')
 
 ifdef(`targeted_policy', `
-	term_dontaudit_use_unallocated_tty(hotplug_t)
-	term_dontaudit_use_generic_pty(hotplug_t)
-	files_dontaudit_read_root_file(hotplug_t)
+	unconfined_domain_template(hotplug_t)
 ')
 
 optional_policy(`consoletype.te',`
diff --git a/refpolicy/policy/modules/system/init.te b/refpolicy/policy/modules/system/init.te
index ae540494..5d9b6db3 100644
--- a/refpolicy/policy/modules/system/init.te
+++ b/refpolicy/policy/modules/system/init.te
@@ -359,6 +359,7 @@ ifdef(`distro_redhat',`
 ')
 
 ifdef(`targeted_policy',`
+	unconfined_domain_template(initrc_t)
 	unconfined_shell_domtrans(initrc_t)
 ')
 
diff --git a/refpolicy/policy/modules/system/modutils.te b/refpolicy/policy/modules/system/modutils.te
index 1309fada..7c999855 100644
--- a/refpolicy/policy/modules/system/modutils.te
+++ b/refpolicy/policy/modules/system/modutils.te
@@ -107,6 +107,10 @@ ifdef(`hide_broken_symptoms',`
 	dev_dontaudit_rw_cardmgr(insmod_t)
 ')
 
+ifdef(`tunable_policy',`
+	unconfined_domain_template(insmod_t)
+')
+
 optional_policy(`mount.te',`
 	mount_domtrans(insmod_t)
 ')
diff --git a/refpolicy/policy/modules/system/udev.te b/refpolicy/policy/modules/system/udev.te
index aaa51ce6..e0169f3e 100644
--- a/refpolicy/policy/modules/system/udev.te
+++ b/refpolicy/policy/modules/system/udev.te
@@ -135,6 +135,10 @@ ifdef(`distro_redhat',`
 	netutils_domtrans(udev_t)
 ')
 
+ifdef(`targeted_policy',`
+	unconfined_domain_template(udev_t)
+')
+
 optional_policy(`authlogin.te',`
 	auth_read_pam_console_data(udev_t)
 	auth_domtrans_pam_console(udev_t)