From 932c3536f81e5cc6bd6dcca9175d393524336134 Mon Sep 17 00:00:00 2001
From: Chris PeBenito <cpebenito@tresys.com>
Date: Tue, 4 Nov 2008 14:37:05 +0000
Subject: [PATCH] trunk: additional open fixes.

---
 policy/modules/system/authlogin.if   | 4 ++--
 policy/modules/system/authlogin.te   | 2 +-
 policy/modules/system/selinuxutil.if | 6 +++---
 policy/modules/system/selinuxutil.te | 2 +-
 4 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/policy/modules/system/authlogin.if b/policy/modules/system/authlogin.if
index 0a125870..cdda011a 100644
--- a/policy/modules/system/authlogin.if
+++ b/policy/modules/system/authlogin.if
@@ -104,7 +104,7 @@ template(`authlogin_per_role_template',`
 	role $3 types $1_chkpwd_t;
 	role $3 types system_chkpwd_t;
 
-	dontaudit $2 shadow_t:file { getattr read };
+	dontaudit $2 shadow_t:file read_file_perms;
 
 	# Transition from the user domain to this domain.
 	domtrans_pattern($2,chkpwd_exec_t,$1_chkpwd_t)
@@ -562,7 +562,7 @@ interface(`auth_dontaudit_read_shadow',`
 		type shadow_t;
 	')
 
-	dontaudit $1 shadow_t:file { getattr read };
+	dontaudit $1 shadow_t:file read_file_perms;
 ')
 
 ########################################
diff --git a/policy/modules/system/authlogin.te b/policy/modules/system/authlogin.te
index 61917313..b4c998ff 100644
--- a/policy/modules/system/authlogin.te
+++ b/policy/modules/system/authlogin.te
@@ -1,5 +1,5 @@
 
-policy_module(authlogin, 1.11.0)
+policy_module(authlogin, 1.11.1)
 
 ########################################
 #
diff --git a/policy/modules/system/selinuxutil.if b/policy/modules/system/selinuxutil.if
index e142824a..7364a6e1 100644
--- a/policy/modules/system/selinuxutil.if
+++ b/policy/modules/system/selinuxutil.if
@@ -589,7 +589,7 @@ interface(`seutil_dontaudit_search_config',`
 		type selinux_config_t;
 	')
 
-	dontaudit $1 selinux_config_t:dir search;
+	dontaudit $1 selinux_config_t:dir search_dir_perms;
 ')
 
 ########################################
@@ -608,8 +608,8 @@ interface(`seutil_dontaudit_read_config',`
 		type selinux_config_t;
 	')
 
-	dontaudit $1 selinux_config_t:dir search;
-	dontaudit $1 selinux_config_t:file { getattr read };
+	dontaudit $1 selinux_config_t:dir search_dir_perms;
+	dontaudit $1 selinux_config_t:file read_file_perms;
 ')
 
 ########################################
diff --git a/policy/modules/system/selinuxutil.te b/policy/modules/system/selinuxutil.te
index 5c4c4547..dbbfadd6 100644
--- a/policy/modules/system/selinuxutil.te
+++ b/policy/modules/system/selinuxutil.te
@@ -1,5 +1,5 @@
 
-policy_module(selinuxutil, 1.11.0)
+policy_module(selinuxutil, 1.11.1)
 
 gen_require(`
 	bool secure_mode;