From 9cf29c17e3ece6fc1e09cc0b48acdf116c33d804 Mon Sep 17 00:00:00 2001 From: Miroslav Grepl Date: Tue, 12 Jul 2011 10:47:58 +0200 Subject: [PATCH] Remove duplicate declaration in ABRT --- policy-F16.patch | 39 ++++++++++++++++----------------------- 1 file changed, 16 insertions(+), 23 deletions(-) diff --git a/policy-F16.patch b/policy-F16.patch index e2cd7821..3556157e 100644 --- a/policy-F16.patch +++ b/policy-F16.patch @@ -18974,7 +18974,7 @@ index 0b827c5..7382308 100644 + read_lnk_files_pattern($1, abrt_retrace_cache_t, abrt_retrace_cache_t) +') diff --git a/policy/modules/services/abrt.te b/policy/modules/services/abrt.te -index 30861ec..a7f44c9 100644 +index 30861ec..ffe6d41 100644 --- a/policy/modules/services/abrt.te +++ b/policy/modules/services/abrt.te @@ -5,6 +5,14 @@ policy_module(abrt, 1.2.0) @@ -18992,14 +18992,7 @@ index 30861ec..a7f44c9 100644 type abrt_t; type abrt_exec_t; init_daemon_domain(abrt_t, abrt_exec_t) -@@ -37,20 +45,44 @@ files_pid_file(abrt_var_run_t) - type abrt_helper_t; - type abrt_helper_exec_t; - application_domain(abrt_helper_t, abrt_helper_exec_t) -+init_system_domain(abrt_helper_t, abrt_helper_exec_t) - role system_r types abrt_helper_t; - - ifdef(`enable_mcs',` +@@ -43,14 +51,37 @@ ifdef(`enable_mcs',` init_ranged_daemon_domain(abrt_t, abrt_exec_t, s0 - mcs_systemhigh) ') @@ -19039,7 +19032,7 @@ index 30861ec..a7f44c9 100644 allow abrt_t self:fifo_file rw_fifo_file_perms; allow abrt_t self:tcp_socket create_stream_socket_perms; -@@ -59,6 +91,7 @@ allow abrt_t self:unix_dgram_socket create_socket_perms; +@@ -59,6 +90,7 @@ allow abrt_t self:unix_dgram_socket create_socket_perms; allow abrt_t self:netlink_route_socket r_netlink_socket_perms; # abrt etc files @@ -19047,7 +19040,7 @@ index 30861ec..a7f44c9 100644 rw_files_pattern(abrt_t, abrt_etc_t, abrt_etc_t) # log file -@@ -69,6 +102,7 @@ logging_log_filetrans(abrt_t, abrt_var_log_t, file) +@@ -69,6 +101,7 @@ logging_log_filetrans(abrt_t, abrt_var_log_t, file) manage_dirs_pattern(abrt_t, abrt_tmp_t, abrt_tmp_t) manage_files_pattern(abrt_t, abrt_tmp_t, abrt_tmp_t) files_tmp_filetrans(abrt_t, abrt_tmp_t, { file dir }) @@ -19055,7 +19048,7 @@ index 30861ec..a7f44c9 100644 # abrt var/cache files manage_files_pattern(abrt_t, abrt_var_cache_t, abrt_var_cache_t) -@@ -82,7 +116,7 @@ manage_files_pattern(abrt_t, abrt_var_run_t, abrt_var_run_t) +@@ -82,7 +115,7 @@ manage_files_pattern(abrt_t, abrt_var_run_t, abrt_var_run_t) manage_dirs_pattern(abrt_t, abrt_var_run_t, abrt_var_run_t) manage_sock_files_pattern(abrt_t, abrt_var_run_t, abrt_var_run_t) manage_lnk_files_pattern(abrt_t, abrt_var_run_t, abrt_var_run_t) @@ -19064,7 +19057,7 @@ index 30861ec..a7f44c9 100644 kernel_read_ring_buffer(abrt_t) kernel_read_system_state(abrt_t) -@@ -104,6 +138,7 @@ corenet_tcp_connect_all_ports(abrt_t) +@@ -104,6 +137,7 @@ corenet_tcp_connect_all_ports(abrt_t) corenet_sendrecv_http_client_packets(abrt_t) dev_getattr_all_chr_files(abrt_t) @@ -19072,7 +19065,7 @@ index 30861ec..a7f44c9 100644 dev_read_urand(abrt_t) dev_rw_sysfs(abrt_t) dev_dontaudit_read_raw_memory(abrt_t) -@@ -113,7 +148,8 @@ domain_read_all_domains_state(abrt_t) +@@ -113,7 +147,8 @@ domain_read_all_domains_state(abrt_t) domain_signull_all_domains(abrt_t) files_getattr_all_files(abrt_t) @@ -19082,7 +19075,7 @@ index 30861ec..a7f44c9 100644 files_read_var_symlinks(abrt_t) files_read_var_lib_files(abrt_t) files_read_usr_files(abrt_t) -@@ -121,6 +157,8 @@ files_read_generic_tmp_files(abrt_t) +@@ -121,6 +156,8 @@ files_read_generic_tmp_files(abrt_t) files_read_kernel_modules(abrt_t) files_dontaudit_list_default(abrt_t) files_dontaudit_read_default_files(abrt_t) @@ -19091,7 +19084,7 @@ index 30861ec..a7f44c9 100644 fs_list_inotifyfs(abrt_t) fs_getattr_all_fs(abrt_t) -@@ -131,7 +169,7 @@ fs_read_nfs_files(abrt_t) +@@ -131,7 +168,7 @@ fs_read_nfs_files(abrt_t) fs_read_nfs_symlinks(abrt_t) fs_search_all(abrt_t) @@ -19100,7 +19093,7 @@ index 30861ec..a7f44c9 100644 logging_read_generic_logs(abrt_t) logging_send_syslog_msg(abrt_t) -@@ -140,6 +178,16 @@ miscfiles_read_generic_certs(abrt_t) +@@ -140,6 +177,16 @@ miscfiles_read_generic_certs(abrt_t) miscfiles_read_localization(abrt_t) userdom_dontaudit_read_user_home_content_files(abrt_t) @@ -19117,7 +19110,7 @@ index 30861ec..a7f44c9 100644 optional_policy(` dbus_system_domain(abrt_t, abrt_exec_t) -@@ -150,6 +198,11 @@ optional_policy(` +@@ -150,6 +197,11 @@ optional_policy(` ') optional_policy(` @@ -19129,7 +19122,7 @@ index 30861ec..a7f44c9 100644 policykit_dbus_chat(abrt_t) policykit_domtrans_auth(abrt_t) policykit_read_lib(abrt_t) -@@ -167,6 +220,7 @@ optional_policy(` +@@ -167,6 +219,7 @@ optional_policy(` rpm_exec(abrt_t) rpm_dontaudit_manage_db(abrt_t) rpm_manage_cache(abrt_t) @@ -19137,7 +19130,7 @@ index 30861ec..a7f44c9 100644 rpm_manage_pid_files(abrt_t) rpm_read_db(abrt_t) rpm_signull(abrt_t) -@@ -178,12 +232,18 @@ optional_policy(` +@@ -178,12 +231,18 @@ optional_policy(` ') optional_policy(` @@ -19157,7 +19150,7 @@ index 30861ec..a7f44c9 100644 # allow abrt_helper_t self:capability { chown setgid sys_nice }; -@@ -200,9 +260,12 @@ files_var_filetrans(abrt_helper_t, abrt_var_cache_t, { file dir }) +@@ -200,9 +259,12 @@ files_var_filetrans(abrt_helper_t, abrt_var_cache_t, { file dir }) read_files_pattern(abrt_helper_t, abrt_var_run_t, abrt_var_run_t) read_lnk_files_pattern(abrt_helper_t, abrt_var_run_t, abrt_var_run_t) @@ -19170,7 +19163,7 @@ index 30861ec..a7f44c9 100644 fs_list_inotifyfs(abrt_helper_t) fs_getattr_all_fs(abrt_helper_t) -@@ -216,7 +279,8 @@ miscfiles_read_localization(abrt_helper_t) +@@ -216,7 +278,8 @@ miscfiles_read_localization(abrt_helper_t) term_dontaudit_use_all_ttys(abrt_helper_t) term_dontaudit_use_all_ptys(abrt_helper_t) @@ -19180,7 +19173,7 @@ index 30861ec..a7f44c9 100644 userdom_dontaudit_read_user_home_content_files(abrt_helper_t) userdom_dontaudit_read_user_tmp_files(abrt_helper_t) dev_dontaudit_read_all_blk_files(abrt_helper_t) -@@ -224,4 +288,100 @@ ifdef(`hide_broken_symptoms', ` +@@ -224,4 +287,100 @@ ifdef(`hide_broken_symptoms', ` dev_dontaudit_write_all_chr_files(abrt_helper_t) dev_dontaudit_write_all_blk_files(abrt_helper_t) fs_dontaudit_rw_anon_inodefs_files(abrt_helper_t)