Add dontaudits for init fds and console to init_daemon_domain().

Changelog

@@ -1,3 +1,4 @@
+- Add dontaudits for init fds and console to init_daemon_domain().
 - Patch to allow gpg to create user keys dir.
 - Patch to support kvmfs from Dan Walsh.
 - Patch for misc fixes in sudo from Dan Walsh.

policy/modules/services/amavis.te

@@ -1,5 +1,5 @@
 
-policy_module(amavis,1.1.0)
+policy_module(amavis,1.1.1)
 
 ########################################
 #
@@ -127,8 +127,6 @@ files_read_usr_files(amavis_t)
 
 auth_dontaudit_read_shadow(amavis_t)
 
-init_use_fds(amavis_t)
-init_use_script_ptys(amavis_t)
 init_stream_connect_script(amavis_t)
 
 libs_use_ld_so(amavis_t)

policy/modules/services/apache.te

@@ -1,5 +1,5 @@
 
-policy_module(apache,1.5.3)
+policy_module(apache,1.5.4)
 
 #
 # NOTES: 
@@ -234,8 +234,6 @@ dev_rw_crypto(httpd_t)
 fs_getattr_all_fs(httpd_t)
 fs_search_auto_mountpoints(httpd_t)
 
-term_dontaudit_use_console(httpd_t)
-
 auth_use_nsswitch(httpd_t)
 
 # execute perl
@@ -260,9 +258,6 @@ files_read_var_lib_symlinks(httpd_t)
 
 fs_search_auto_mountpoints(httpd_sys_script_t)
 
-init_use_fds(httpd_t)
-init_use_script_ptys(httpd_t)
-
 libs_use_ld_so(httpd_t)
 libs_use_shared_libs(httpd_t)
 libs_read_lib_files(httpd_t)

policy/modules/services/apm.te

@@ -1,5 +1,5 @@
 
-policy_module(apm,1.3.2)
+policy_module(apm,1.3.3)
 
 ########################################
 #
@@ -104,8 +104,6 @@ fs_dontaudit_getattr_all_sockets(apmd_t); # Excessive?
 
 selinux_search_fs(apmd_t)
 
-term_dontaudit_use_console(apmd_t)
-
 corecmd_exec_all_executables(apmd_t)
 
 domain_read_all_domains_state(apmd_t)
@@ -123,8 +121,6 @@ files_dontaudit_getattr_all_pipes(apmd_t) # Excessive?
 files_dontaudit_getattr_all_sockets(apmd_t) # Excessive?
 
 init_domtrans_script(apmd_t)
-init_use_fds(apmd_t)
-init_use_script_ptys(apmd_t)
 init_rw_utmp(apmd_t)
 init_telinit(apmd_t)
 

policy/modules/services/arpwatch.te

@@ -1,5 +1,5 @@
 
-policy_module(arpwatch,1.2.0)
+policy_module(arpwatch,1.2.1)
 
 ########################################
 #
@@ -63,8 +63,6 @@ dev_read_sysfs(arpwatch_t)
 fs_getattr_all_fs(arpwatch_t)
 fs_search_auto_mountpoints(arpwatch_t)
 
-term_dontaudit_use_console(arpwatch_t)
-
 corecmd_read_sbin_symlinks(arpwatch_t)
 
 domain_use_interactive_fds(arpwatch_t)
@@ -73,9 +71,6 @@ files_read_etc_files(arpwatch_t)
 files_read_usr_files(arpwatch_t)
 files_search_var_lib(arpwatch_t)
 
-init_use_fds(arpwatch_t)
-init_use_script_ptys(arpwatch_t)
-
 libs_use_ld_so(arpwatch_t)
 libs_use_shared_libs(arpwatch_t)
 

policy/modules/services/asterisk.te

@@ -1,5 +1,5 @@
 
-policy_module(asterisk,1.1.0)
+policy_module(asterisk,1.1.1)
 
 ########################################
 #
@@ -114,11 +114,6 @@ files_read_usr_files(asterisk_t)
 fs_getattr_all_fs(asterisk_t)
 fs_search_auto_mountpoints(asterisk_t)
 
-term_dontaudit_use_console(asterisk_t)
-
-init_use_fds(asterisk_t)
-init_use_script_ptys(asterisk_t)
-
 libs_use_ld_so(asterisk_t)
 libs_use_shared_libs(asterisk_t)
 

policy/modules/services/audioentropy.te

@@ -1,5 +1,5 @@
 
-policy_module(audio_entropy,1.0.0)
+policy_module(audio_entropy,1.0.1)
 
 ########################################
 #
@@ -37,13 +37,8 @@ dev_read_sound(entropyd_t)
 fs_getattr_all_fs(entropyd_t)
 fs_search_auto_mountpoints(entropyd_t)
 
-term_dontaudit_use_console(entropyd_t)
-
 domain_use_interactive_fds(entropyd_t)
 
-init_use_fds(entropyd_t)
-init_use_script_ptys(entropyd_t)
-
 libs_use_ld_so(entropyd_t)
 libs_use_shared_libs(entropyd_t)
 

policy/modules/services/automount.te

@@ -1,5 +1,5 @@
 
-policy_module(automount,1.4.1)
+policy_module(automount,1.4.2)
 
 ########################################
 #
@@ -125,12 +125,8 @@ fs_unmount_autofs(automount_t)
 fs_mount_autofs(automount_t)
 fs_manage_autofs_symlinks(automount_t)
 
-term_dontaudit_use_console(automount_t)
 term_dontaudit_getattr_pty_dirs(automount_t)
 
-init_use_fds(automount_t)
-init_use_script_ptys(automount_t)
-
 libs_use_ld_so(automount_t)
 libs_use_shared_libs(automount_t)
 

policy/modules/services/avahi.te

@@ -1,5 +1,5 @@
 
-policy_module(avahi,1.4.0)
+policy_module(avahi,1.4.1)
 
 ########################################
 #
@@ -58,16 +58,12 @@ dev_read_urand(avahi_t)
 fs_getattr_all_fs(avahi_t)
 fs_search_auto_mountpoints(avahi_t)
 
-term_dontaudit_use_console(avahi_t)
-
 domain_use_interactive_fds(avahi_t)
 
 files_read_etc_files(avahi_t)
 files_read_etc_runtime_files(avahi_t)
 files_read_usr_files(avahi_t)
 
-init_use_fds(avahi_t)
-init_use_script_ptys(avahi_t)
 init_signal_script(avahi_t)
 init_signull_script(avahi_t)
 

policy/modules/services/bind.te

@@ -1,5 +1,5 @@
 
-policy_module(bind,1.3.0)
+policy_module(bind,1.3.1)
 
 ########################################
 #
@@ -117,8 +117,6 @@ dev_read_rand(named_t)
 fs_getattr_all_fs(named_t)
 fs_search_auto_mountpoints(named_t)
 
-term_dontaudit_use_console(named_t)
-
 corecmd_search_sbin(named_t)
 
 dev_read_urand(named_t)
@@ -128,9 +126,6 @@ domain_use_interactive_fds(named_t)
 files_read_etc_files(named_t)
 files_read_etc_runtime_files(named_t)
 
-init_use_fds(named_t)
-init_use_script_ptys(named_t)
-
 libs_use_ld_so(named_t)
 libs_use_shared_libs(named_t)
 

policy/modules/services/bluetooth.te

@@ -1,5 +1,5 @@
 
-policy_module(bluetooth,1.4.1)
+policy_module(bluetooth,1.4.2)
 
 ########################################
 #
@@ -100,7 +100,6 @@ fs_getattr_all_fs(bluetooth_t)
 fs_search_auto_mountpoints(bluetooth_t)
 fs_search_inotifyfs(bluetooth_t)
 
-term_dontaudit_use_console(bluetooth_t)
 #Handle bluetooth serial devices
 term_use_unallocated_ttys(bluetooth_t)
 
@@ -114,9 +113,6 @@ files_read_etc_files(bluetooth_t)
 files_read_etc_runtime_files(bluetooth_t)
 files_read_usr_files(bluetooth_t)
 
-init_use_fds(bluetooth_t)
-init_use_script_ptys(bluetooth_t)
-
 libs_use_ld_so(bluetooth_t)
 libs_use_shared_libs(bluetooth_t)
 

policy/modules/services/canna.te

@@ -1,5 +1,5 @@
 
-policy_module(canna,1.3.0)
+policy_module(canna,1.3.1)
 
 ########################################
 #
@@ -59,8 +59,6 @@ dev_read_sysfs(canna_t)
 fs_getattr_all_fs(canna_t)
 fs_search_auto_mountpoints(canna_t)
 
-term_dontaudit_use_console(canna_t)
-
 domain_use_interactive_fds(canna_t)
 
 files_read_etc_files(canna_t)
@@ -69,9 +67,6 @@ files_read_usr_files(canna_t)
 files_search_tmp(canna_t)
 files_dontaudit_read_root_files(canna_t)
 
-init_use_fds(canna_t)
-init_use_script_ptys(canna_t)
-
 libs_use_ld_so(canna_t)
 libs_use_shared_libs(canna_t)
 

policy/modules/services/ccs.te

@@ -1,5 +1,5 @@
 
-policy_module(ccs,1.0.2)
+policy_module(ccs,1.0.3)
 
 ########################################
 #
@@ -85,7 +85,6 @@ dev_read_urand(ccs_t)
 files_read_etc_files(ccs_t)
 files_read_etc_runtime_files(ccs_t)
 
-init_dontaudit_use_fds(ccs_t)
 init_rw_script_tmp_files(ccs_t)
 
 libs_use_ld_so(ccs_t)

policy/modules/services/cipe.te

@@ -1,5 +1,5 @@
 
-policy_module(cipe,1.1.0)
+policy_module(cipe,1.1.1)
 
 ########################################
 #
@@ -52,11 +52,6 @@ files_dontaudit_search_var(ciped_t)
 
 fs_search_auto_mountpoints(ciped_t)
 
-term_dontaudit_use_console(ciped_t)
-
-init_use_fds(ciped_t)
-init_use_script_ptys(ciped_t)
-
 libs_use_ld_so(ciped_t)
 libs_use_shared_libs(ciped_t)
 

policy/modules/services/clamav.te

@@ -1,5 +1,5 @@
 
-policy_module(clamav,1.2.0)
+policy_module(clamav,1.2.1)
 
 ########################################
 #
@@ -104,9 +104,6 @@ files_read_etc_files(clamd_t)
 files_read_etc_runtime_files(clamd_t)
 files_search_spool(clamd_t)
 
-init_use_fds(clamd_t)
-init_use_script_ptys(clamd_t)
-
 libs_use_ld_so(clamd_t)
 libs_use_shared_libs(clamd_t)
 
@@ -178,9 +175,6 @@ domain_use_interactive_fds(freshclam_t)
 files_read_etc_files(freshclam_t)
 files_read_etc_runtime_files(freshclam_t)
 
-init_use_fds(freshclam_t)
-init_use_script_ptys(freshclam_t)
-
 libs_use_ld_so(freshclam_t)
 libs_use_shared_libs(freshclam_t)
 

policy/modules/services/consolekit.te

@@ -1,5 +1,5 @@
 
-policy_module(consolekit,1.0.0)
+policy_module(consolekit,1.0.1)
 
 ########################################
 #
@@ -28,8 +28,6 @@ domain_use_interactive_fds(consolekit_t)
 
 files_read_etc_files(consolekit_t)
 
-init_use_script_ptys(consolekit_t)
-
 libs_use_ld_so(consolekit_t)
 libs_use_shared_libs(consolekit_t)
 

policy/modules/services/courier.if

@@ -67,11 +67,6 @@ template(`courier_domain_template',`
 	fs_getattr_xattr_fs(courier_$1_t)
 	fs_search_auto_mountpoints(courier_$1_t)
 
-	term_dontaudit_use_console(courier_$1_t)
-
-	init_use_fds(courier_$1_t)
-	init_use_script_ptys(courier_$1_t)
-
 	libs_use_ld_so(courier_$1_t)
 	libs_use_shared_libs(courier_$1_t)
 

policy/modules/services/courier.te

@@ -1,5 +1,5 @@
 
-policy_module(courier,1.1.0)
+policy_module(courier,1.1.1)
 
 ########################################
 #

policy/modules/services/cron.te

@@ -1,5 +1,5 @@
 
-policy_module(cron,1.5.0)
+policy_module(cron,1.5.1)
 
 gen_require(`
 	class passwd rootok;
@@ -113,8 +113,6 @@ dev_read_urand(crond_t)
 fs_getattr_all_fs(crond_t)
 fs_search_auto_mountpoints(crond_t)
 
-term_dontaudit_use_console(crond_t)
-
 # need auth_chkpwd to check for locked accounts.
 auth_domtrans_chk_passwd(crond_t)
 
@@ -131,8 +129,6 @@ files_list_usr(crond_t)
 files_search_var_lib(crond_t)
 files_search_default(crond_t)
 
-init_use_fds(crond_t)
-init_use_script_ptys(crond_t)
 init_rw_utmp(crond_t)
 
 libs_use_ld_so(crond_t)
@@ -352,9 +348,7 @@ ifdef(`targeted_policy',`
 	# /var/spool/anacron and /var/spool/slrnpull.
 	files_manage_generic_spool(system_crond_t)
 
-	init_use_fds(system_crond_t)
 	init_use_script_fds(system_crond_t)
-	init_use_script_ptys(system_crond_t)
 	init_read_utmp(system_crond_t)
 	init_dontaudit_rw_utmp(system_crond_t)
 	# prelink tells init to restart it self, we either need to allow or dontaudit

policy/modules/services/cups.te

@@ -1,5 +1,5 @@
 
-policy_module(cups,1.5.1)
+policy_module(cups,1.5.2)
 
 ########################################
 #
@@ -173,7 +173,6 @@ mls_file_read_up(cupsd_t)
 mls_rangetrans_target(cupsd_t)
 mls_socket_write_all_levels(cupsd_t)
 
-term_dontaudit_use_console(cupsd_t)
 term_use_unallocated_ttys(cupsd_t)
 term_search_ptys(cupsd_t)
 
@@ -208,8 +207,6 @@ files_dontaudit_getattr_all_tmp_files(cupsd_t)
 
 selinux_compute_access_vector(cupsd_t)
 
-init_use_fds(cupsd_t)
-init_use_script_ptys(cupsd_t)
 init_exec_script_files(cupsd_t)
 
 libs_use_ld_so(cupsd_t)
@@ -359,8 +356,6 @@ dev_read_rand(cupsd_config_t)
 fs_getattr_all_fs(cupsd_config_t)
 fs_search_auto_mountpoints(cupsd_config_t)
 
-term_dontaudit_use_console(cupsd_config_t)
-
 corecmd_exec_bin(cupsd_config_t)
 corecmd_exec_sbin(cupsd_config_t)
 corecmd_exec_shell(cupsd_config_t)
@@ -374,8 +369,6 @@ files_read_etc_files(cupsd_config_t)
 files_read_etc_runtime_files(cupsd_config_t)
 files_read_var_symlinks(cupsd_config_t)
 
-init_use_fds(cupsd_config_t)
-init_use_script_ptys(cupsd_config_t)
 # Alternatives asks for this
 init_getattr_script_files(cupsd_config_t)
 
@@ -601,8 +594,6 @@ dev_read_usbfs(hplip_t)
 fs_getattr_all_fs(hplip_t)
 fs_search_auto_mountpoints(hplip_t)
 
-term_dontaudit_use_console(hplip_t)
-
 # for python
 corecmd_exec_bin(hplip_t)
 corecmd_search_sbin(hplip_t)
@@ -613,9 +604,6 @@ files_read_etc_files(hplip_t)
 files_read_etc_runtime_files(hplip_t)
 files_read_usr_files(hplip_t)
 
-init_use_fds(hplip_t)
-init_use_script_ptys(hplip_t)
-
 libs_use_ld_so(hplip_t)
 libs_use_shared_libs(hplip_t)
 
@@ -691,16 +679,11 @@ dev_rw_printer(ptal_t)
 fs_getattr_all_fs(ptal_t)
 fs_search_auto_mountpoints(ptal_t)
 
-term_dontaudit_use_console(ptal_t)
-
 domain_use_interactive_fds(ptal_t)
 
 files_read_etc_files(ptal_t)
 files_read_etc_runtime_files(ptal_t)
 
-init_use_fds(ptal_t)
-init_use_script_ptys(ptal_t)
-
 libs_use_ld_so(ptal_t)
 libs_use_shared_libs(ptal_t)
 

policy/modules/services/cyrus.te

@@ -1,5 +1,5 @@
 
-policy_module(cyrus,1.2.0)
+policy_module(cyrus,1.2.1)
 
 ########################################
 #
@@ -85,8 +85,6 @@ dev_read_sysfs(cyrus_t)
 fs_getattr_all_fs(cyrus_t)
 fs_search_auto_mountpoints(cyrus_t)
 
-term_dontaudit_use_console(cyrus_t)
-
 corecmd_exec_bin(cyrus_t)
 
 domain_use_interactive_fds(cyrus_t)
@@ -96,9 +94,6 @@ files_read_etc_files(cyrus_t)
 files_read_etc_runtime_files(cyrus_t)
 files_read_usr_files(cyrus_t)
 
-init_use_fds(cyrus_t)
-init_use_script_ptys(cyrus_t)
-
 libs_use_ld_so(cyrus_t)
 libs_use_shared_libs(cyrus_t)
 libs_exec_lib_files(cyrus_t)

policy/modules/services/dante.te

@@ -1,5 +1,5 @@
 
-policy_module(dante,1.1.0)
+policy_module(dante,1.1.1)
 
 ########################################
 #
@@ -59,10 +59,6 @@ files_read_etc_runtime_files(dante_t)
 fs_getattr_all_fs(dante_t)
 fs_search_auto_mountpoints(dante_t)
 
-term_dontaudit_use_console(dante_t)
-
-init_use_fds(dante_t)
-init_use_script_ptys(dante_t)
 init_write_utmp(dante_t)
 
 libs_use_ld_so(dante_t)

policy/modules/services/dcc.te

@@ -1,5 +1,5 @@
 
-policy_module(dcc,1.1.0)
+policy_module(dcc,1.1.1)
 
 ########################################
 #
@@ -261,11 +261,6 @@ files_read_etc_runtime_files(dccd_t)
 fs_getattr_all_fs(dccd_t)
 fs_search_auto_mountpoints(dccd_t)
 
-term_dontaudit_use_console(dccd_t)
-
-init_use_fds(dccd_t)
-init_use_script_ptys(dccd_t)
-
 libs_use_ld_so(dccd_t)
 libs_use_shared_libs(dccd_t)
 
@@ -344,11 +339,6 @@ files_read_etc_runtime_files(dccifd_t)
 fs_getattr_all_fs(dccifd_t)
 fs_search_auto_mountpoints(dccifd_t)
 
-term_dontaudit_use_console(dccifd_t)
-
-init_use_fds(dccifd_t)
-init_use_script_ptys(dccifd_t)
-
 libs_use_ld_so(dccifd_t)
 libs_use_shared_libs(dccifd_t)
 
@@ -426,11 +416,6 @@ files_read_etc_runtime_files(dccm_t)
 fs_getattr_all_fs(dccm_t)
 fs_search_auto_mountpoints(dccm_t)
 
-term_dontaudit_use_console(dccm_t)
-
-init_use_fds(dccm_t)
-init_use_script_ptys(dccm_t)
-
 libs_use_ld_so(dccm_t)
 libs_use_shared_libs(dccm_t)
 

policy/modules/services/ddclient.te

@@ -1,5 +1,5 @@
 
-policy_module(ddclient,1.1.0)
+policy_module(ddclient,1.1.1)
 
 ########################################
 #
@@ -86,11 +86,6 @@ files_read_usr_files(ddclient_t)
 fs_getattr_all_fs(ddclient_t)
 fs_search_auto_mountpoints(ddclient_t)
 
-term_dontaudit_use_console(ddclient_t)
-
-init_use_fds(ddclient_t)
-init_use_script_ptys(ddclient_t)
-
 libs_use_ld_so(ddclient_t)
 libs_use_shared_libs(ddclient_t)
 

policy/modules/services/dhcp.te

@@ -1,5 +1,5 @@
 
-policy_module(dhcp,1.2.0)
+policy_module(dhcp,1.2.1)
 
 ########################################
 #
@@ -78,8 +78,6 @@ dev_read_urand(dhcpd_t)
 fs_getattr_all_fs(dhcpd_t)
 fs_search_auto_mountpoints(dhcpd_t)
 
-term_dontaudit_use_console(dhcpd_t)
-
 corecmd_exec_bin(dhcpd_t)
 corecmd_exec_sbin(dhcpd_t)
 
@@ -90,9 +88,6 @@ files_read_usr_files(dhcpd_t)
 files_read_etc_runtime_files(dhcpd_t)
 files_search_var_lib(dhcpd_t)
 
-init_use_fds(dhcpd_t)
-init_use_script_ptys(dhcpd_t)
-
 libs_use_ld_so(dhcpd_t)
 libs_use_shared_libs(dhcpd_t)
 

policy/modules/services/dictd.te

@@ -1,5 +1,5 @@
 
-policy_module(dictd,1.2.0)
+policy_module(dictd,1.2.1)
 
 ########################################
 #
@@ -8,7 +8,7 @@ policy_module(dictd,1.2.0)
 
 type dictd_t;
 type dictd_exec_t;
-init_system_domain(dictd_t,dictd_exec_t)
+init_daemon_domain(dictd_t,dictd_exec_t)
 
 type dictd_etc_t;
 files_config_file(dictd_etc_t)
@@ -55,8 +55,6 @@ dev_read_sysfs(dictd_t)
 fs_getattr_xattr_fs(dictd_t)
 fs_search_auto_mountpoints(dictd_t)
 
-term_dontaudit_use_console(dictd_t)
-
 domain_use_interactive_fds(dictd_t)
 
 files_read_etc_files(dictd_t)
@@ -66,9 +64,6 @@ files_search_var_lib(dictd_t)
 # for checking for nscd
 files_dontaudit_search_pids(dictd_t)
 
-init_use_fds(dictd_t)
-init_use_script_ptys(dictd_t)
-
 libs_use_ld_so(dictd_t)
 libs_use_shared_libs(dictd_t)
 

policy/modules/services/distcc.te

@@ -1,5 +1,5 @@
 
-policy_module(distcc,1.2.0)
+policy_module(distcc,1.2.1)
 
 ########################################
 #
@@ -60,8 +60,6 @@ dev_read_sysfs(distccd_t)
 fs_getattr_all_fs(distccd_t)
 fs_search_auto_mountpoints(distccd_t)
 
-term_dontaudit_use_console(distccd_t)
-
 corecmd_exec_bin(distccd_t)
 corecmd_read_sbin_symlinks(distccd_t)
 
@@ -70,9 +68,6 @@ domain_use_interactive_fds(distccd_t)
 files_read_etc_files(distccd_t)
 files_read_etc_runtime_files(distccd_t)
 
-init_use_fds(distccd_t)
-init_use_script_ptys(distccd_t)
-
 libs_use_ld_so(distccd_t)
 libs_use_shared_libs(distccd_t)
 libs_exec_lib_files(distccd_t)

policy/modules/services/dnsmasq.te

@@ -1,5 +1,5 @@
 
-policy_module(dnsmasq,1.2.0)
+policy_module(dnsmasq,1.2.1)
 
 ########################################
 #
@@ -70,11 +70,6 @@ files_read_etc_files(dnsmasq_t)
 fs_getattr_all_fs(dnsmasq_t)
 fs_search_auto_mountpoints(dnsmasq_t)
 
-term_dontaudit_use_console(dnsmasq_t)
-
-init_use_fds(dnsmasq_t)
-init_use_script_ptys(dnsmasq_t)
-
 libs_use_ld_so(dnsmasq_t)
 libs_use_shared_libs(dnsmasq_t)
 

policy/modules/services/dovecot.te

@@ -1,5 +1,5 @@
 
-policy_module(dovecot,1.4.0)
+policy_module(dovecot,1.4.1)
 
 ########################################
 #
@@ -87,8 +87,6 @@ fs_getattr_all_fs(dovecot_t)
 fs_search_auto_mountpoints(dovecot_t)
 fs_list_inotifyfs(dovecot_t)
 
-term_dontaudit_use_console(dovecot_t)
-
 corecmd_exec_bin(dovecot_t)
 
 domain_use_interactive_fds(dovecot_t)
@@ -101,8 +99,6 @@ files_dontaudit_list_default(dovecot_t)
 files_read_etc_runtime_files(dovecot_t)
 files_getattr_all_mountpoints(dovecot_t)
 
-init_use_fds(dovecot_t)
-init_use_script_ptys(dovecot_t)
 init_getattr_utmp(dovecot_t)
 
 libs_use_ld_so(dovecot_t)

policy/modules/services/fetchmail.te

@@ -1,5 +1,5 @@
 
-policy_module(fetchmail,1.2.0)
+policy_module(fetchmail,1.2.1)
 
 ########################################
 #
@@ -69,13 +69,8 @@ files_dontaudit_search_home(fetchmail_t)
 fs_getattr_all_fs(fetchmail_t)
 fs_search_auto_mountpoints(fetchmail_t)
 
-term_dontaudit_use_console(fetchmail_t)
-
 domain_use_interactive_fds(fetchmail_t)
 
-init_use_fds(fetchmail_t)
-init_use_script_ptys(fetchmail_t)
-
 libs_use_ld_so(fetchmail_t)
 libs_use_shared_libs(fetchmail_t)
 

policy/modules/services/finger.te

@@ -1,5 +1,5 @@
 
-policy_module(finger,1.2.0)
+policy_module(finger,1.2.1)
 
 ########################################
 #
@@ -62,7 +62,6 @@ dev_read_sysfs(fingerd_t)
 fs_getattr_all_fs(fingerd_t)
 fs_search_auto_mountpoints(fingerd_t)
 
-term_dontaudit_use_console(fingerd_t)
 term_getattr_all_user_ttys(fingerd_t)
 term_getattr_all_user_ptys(fingerd_t)
 
@@ -80,8 +79,6 @@ files_read_etc_runtime_files(fingerd_t)
 
 init_read_utmp(fingerd_t)
 init_dontaudit_write_utmp(fingerd_t)
-init_use_fds(fingerd_t)
-init_use_script_ptys(fingerd_t)
 
 libs_use_ld_so(fingerd_t)
 libs_use_shared_libs(fingerd_t)

policy/modules/services/ftp.te

@@ -1,5 +1,5 @@
 
-policy_module(ftp,1.4.2)
+policy_module(ftp,1.4.3)
 
 ########################################
 #
@@ -117,8 +117,6 @@ files_search_var_lib(ftpd_t)
 fs_search_auto_mountpoints(ftpd_t)
 fs_getattr_all_fs(ftpd_t)
 
-term_dontaudit_use_console(ftpd_t)
-
 auth_use_nsswitch(ftpd_t)
 auth_domtrans_chk_passwd(ftpd_t)
 # Append to /var/log/wtmp.
@@ -127,8 +125,6 @@ auth_append_login_records(ftpd_t)
 auth_write_login_records(ftpd_t)
 auth_rw_faillog(ftpd_t)
 
-init_use_fds(ftpd_t)
-init_use_script_ptys(ftpd_t)
 init_rw_utmp(ftpd_t)
 
 libs_use_ld_so(ftpd_t)

policy/modules/services/gatekeeper.te

@@ -1,5 +1,5 @@
 
-policy_module(gatekeeper,1.1.0)
+policy_module(gatekeeper,1.1.1)
 
 ########################################
 #
@@ -77,11 +77,6 @@ files_read_etc_files(gatekeeper_t)
 fs_getattr_all_fs(gatekeeper_t)
 fs_search_auto_mountpoints(gatekeeper_t)
 
-term_dontaudit_use_console(gatekeeper_t)
-
-init_use_fds(gatekeeper_t)
-init_use_script_ptys(gatekeeper_t)
-
 libs_use_ld_so(gatekeeper_t)
 libs_use_shared_libs(gatekeeper_t)
 

policy/modules/services/gpm.te

@@ -1,5 +1,5 @@
 
-policy_module(gpm,1.2.0)
+policy_module(gpm,1.2.1)
 
 ########################################
 #
@@ -58,13 +58,9 @@ fs_getattr_all_fs(gpm_t)
 fs_search_auto_mountpoints(gpm_t)
 
 term_use_unallocated_ttys(gpm_t)
-term_dontaudit_use_console(gpm_t)
 
 domain_use_interactive_fds(gpm_t)
 
-init_use_fds(gpm_t)
-init_use_script_ptys(gpm_t)
-
 libs_use_ld_so(gpm_t)
 libs_use_shared_libs(gpm_t)
 

policy/modules/services/hal.te

@@ -1,5 +1,5 @@
 
-policy_module(hal,1.5.1)
+policy_module(hal,1.5.2)
 
 ########################################
 #
@@ -127,8 +127,6 @@ term_dontaudit_use_unallocated_ttys(hald_t)
 
 auth_use_nsswitch(hald_t)
 
-init_use_fds(hald_t)
-init_use_script_ptys(hald_t)
 init_domtrans_script(hald_t)
 init_write_initctl(hald_t)
 init_read_utmp(hald_t)
@@ -157,7 +155,6 @@ userdom_dontaudit_use_unpriv_user_fds(hald_t)
 userdom_dontaudit_search_sysadm_home_dirs(hald_t)
 
 ifdef(`targeted_policy',`
-	term_dontaudit_use_console(hald_t)
 	term_dontaudit_use_generic_ptys(hald_t)
 	files_dontaudit_read_root_files(hald_t)
 ')

policy/modules/services/howl.te

@@ -1,5 +1,5 @@
 
-policy_module(howl,1.2.0)
+policy_module(howl,1.2.1)
 
 ########################################
 #
@@ -52,14 +52,10 @@ dev_read_sysfs(howl_t)
 fs_getattr_all_fs(howl_t)
 fs_search_auto_mountpoints(howl_t)
 
-term_dontaudit_use_console(howl_t)
-
 domain_use_interactive_fds(howl_t)
 
 files_read_etc_files(howl_t)
 
-init_use_fds(howl_t)
-init_use_script_ptys(howl_t)
 init_rw_utmp(howl_t)
 
 libs_use_ld_so(howl_t)

policy/modules/services/i18n_input.te

@@ -1,5 +1,5 @@
 
-policy_module(i18n_input,1.2.0)
+policy_module(i18n_input,1.2.1)
 
 ########################################
 #
@@ -55,8 +55,6 @@ dev_read_sysfs(i18n_input_t)
 fs_getattr_all_fs(i18n_input_t)
 fs_search_auto_mountpoints(i18n_input_t)
 
-term_dontaudit_use_console(i18n_input_t)
-
 corecmd_search_sbin(i18n_input_t)
 corecmd_search_bin(i18n_input_t)
 corecmd_exec_bin(i18n_input_t)
@@ -67,8 +65,6 @@ files_read_etc_files(i18n_input_t)
 files_read_etc_runtime_files(i18n_input_t)
 files_read_usr_files(i18n_input_t)
 
-init_use_fds(i18n_input_t)
-init_use_script_ptys(i18n_input_t)
 init_stream_connect_script(i18n_input_t)
 
 libs_use_ld_so(i18n_input_t)

policy/modules/services/imaze.te

@@ -1,5 +1,5 @@
 
-policy_module(imaze,1.1.0)
+policy_module(imaze,1.1.1)
 
 ########################################
 #
@@ -77,11 +77,6 @@ files_read_etc_files(imazesrv_t)
 fs_getattr_all_fs(imazesrv_t)
 fs_search_auto_mountpoints(imazesrv_t)
 
-term_dontaudit_use_console(imazesrv_t)
-
-init_use_fds(imazesrv_t)
-init_use_script_ptys(imazesrv_t)
-
 libs_use_ld_so(imazesrv_t)
 libs_use_shared_libs(imazesrv_t)
 

policy/modules/services/inetd.te

@@ -1,5 +1,5 @@
 
-policy_module(inetd,1.2.1)
+policy_module(inetd,1.2.2)
 
 ########################################
 #
@@ -116,8 +116,6 @@ fs_search_auto_mountpoints(inetd_t)
 selinux_validate_context(inetd_t)
 selinux_compute_create_context(inetd_t)
 
-term_dontaudit_use_console(inetd_t)
-
 # Run other daemons in the inetd_child_t domain.
 corecmd_search_bin(inetd_t)
 corecmd_read_sbin_symlinks(inetd_t)
@@ -126,9 +124,6 @@ domain_use_interactive_fds(inetd_t)
 
 files_read_etc_files(inetd_t)
 
-init_use_fds(inetd_t)
-init_use_script_ptys(inetd_t)
-
 libs_use_ld_so(inetd_t)
 libs_use_shared_libs(inetd_t)
 

policy/modules/services/inn.te

@@ -1,5 +1,5 @@
 
-policy_module(inn,1.2.0)
+policy_module(inn,1.2.1)
 
 ########################################
 #
@@ -82,8 +82,6 @@ dev_read_urand(innd_t)
 fs_getattr_all_fs(innd_t)
 fs_search_auto_mountpoints(innd_t)
 
-term_dontaudit_use_console(innd_t)
-
 corecmd_exec_bin(innd_t)
 corecmd_exec_shell(innd_t)
 corecmd_search_sbin(innd_t)
@@ -96,9 +94,6 @@ files_read_etc_files(innd_t)
 files_read_etc_runtime_files(innd_t)
 files_read_usr_files(innd_t)
 
-init_use_fds(innd_t)
-init_use_script_ptys(innd_t)
-
 libs_use_ld_so(innd_t)
 libs_use_shared_libs(innd_t)
 

policy/modules/services/ircd.te

@@ -1,5 +1,5 @@
 
-policy_module(ircd,1.1.0)
+policy_module(ircd,1.1.1)
 
 ########################################
 #
@@ -71,11 +71,6 @@ files_read_etc_runtime_files(ircd_t)
 fs_getattr_all_fs(ircd_t)
 fs_search_auto_mountpoints(ircd_t)
 
-term_dontaudit_use_console(ircd_t)
-
-init_use_fds(ircd_t)
-init_use_script_ptys(ircd_t)
-
 libs_use_ld_so(ircd_t)
 libs_use_shared_libs(ircd_t)
 

policy/modules/services/irqbalance.te

@@ -1,5 +1,5 @@
 
-policy_module(irqbalance,1.0.1)
+policy_module(irqbalance,1.0.2)
 
 ########################################
 #
@@ -40,13 +40,8 @@ files_read_etc_runtime_files(irqbalance_t)
 fs_getattr_all_fs(irqbalance_t)
 fs_search_auto_mountpoints(irqbalance_t)
 
-term_dontaudit_use_console(irqbalance_t)
-
 domain_use_interactive_fds(irqbalance_t)
 
-init_use_fds(irqbalance_t)
-init_use_script_ptys(irqbalance_t)
-
 libs_use_ld_so(irqbalance_t)
 libs_use_shared_libs(irqbalance_t)
 

policy/modules/services/jabber.te

@@ -1,5 +1,5 @@
 
-policy_module(jabber,1.1.0)
+policy_module(jabber,1.1.1)
 
 ########################################
 #
@@ -69,11 +69,6 @@ files_read_etc_runtime_files(jabberd_t)
 fs_getattr_all_fs(jabberd_t)
 fs_search_auto_mountpoints(jabberd_t)
 
-term_dontaudit_use_console(jabberd_t)
-
-init_use_fds(jabberd_t)
-init_use_script_ptys(jabberd_t)
-
 libs_use_ld_so(jabberd_t)
 libs_use_shared_libs(jabberd_t)
 

policy/modules/services/kerberos.te

@@ -1,5 +1,5 @@
 
-policy_module(kerberos,1.3.2)
+policy_module(kerberos,1.3.3)
 
 ########################################
 #
@@ -107,15 +107,10 @@ dev_read_urand(kadmind_t)
 fs_getattr_all_fs(kadmind_t)
 fs_search_auto_mountpoints(kadmind_t)
 
-term_dontaudit_use_console(kadmind_t)
-
 domain_use_interactive_fds(kadmind_t)
 
 files_read_etc_files(kadmind_t)
 
-init_use_fds(kadmind_t)
-init_use_script_ptys(kadmind_t)
-
 libs_use_ld_so(kadmind_t)
 libs_use_shared_libs(kadmind_t)
 
@@ -212,17 +207,12 @@ dev_read_urand(krb5kdc_t)
 fs_getattr_all_fs(krb5kdc_t)
 fs_search_auto_mountpoints(krb5kdc_t)
 
-term_dontaudit_use_console(krb5kdc_t)
-
 domain_use_interactive_fds(krb5kdc_t)
 
 files_read_etc_files(krb5kdc_t)
 files_read_usr_symlinks(krb5kdc_t)
 files_read_var_files(krb5kdc_t)
 
-init_use_fds(krb5kdc_t)
-init_use_script_ptys(krb5kdc_t)
-
 libs_use_ld_so(krb5kdc_t)
 libs_use_shared_libs(krb5kdc_t)
 

policy/modules/services/ldap.te

@@ -1,5 +1,5 @@
 
-policy_module(ldap,1.3.0)
+policy_module(ldap,1.3.1)
 
 ########################################
 #
@@ -96,8 +96,6 @@ dev_read_sysfs(slapd_t)
 fs_getattr_all_fs(slapd_t)
 fs_search_auto_mountpoints(slapd_t)
 
-term_dontaudit_use_console(slapd_t)
-
 domain_use_interactive_fds(slapd_t)
 
 files_read_etc_files(slapd_t)
@@ -105,9 +103,6 @@ files_read_etc_runtime_files(slapd_t)
 files_read_usr_files(slapd_t)
 files_list_var_lib(slapd_t)
 
-init_use_fds(slapd_t)
-init_use_script_ptys(slapd_t)
-
 libs_use_ld_so(slapd_t)
 libs_use_shared_libs(slapd_t)
 

policy/modules/services/lpd.te

@@ -1,5 +1,5 @@
 
-policy_module(lpd,1.4.1)
+policy_module(lpd,1.4.2)
 
 ########################################
 #
@@ -168,8 +168,6 @@ dev_rw_printer(lpd_t)
 fs_getattr_all_fs(lpd_t)
 fs_search_auto_mountpoints(lpd_t)
 
-term_dontaudit_use_console(lpd_t)
-
 # Filter scripts may be shell scripts, and may invoke progs like /bin/mktemp
 corecmd_exec_bin(lpd_t)
 corecmd_exec_sbin(lpd_t)
@@ -189,9 +187,6 @@ files_read_var_lib_symlinks(lpd_t)
 # config files for lpd are of type etc_t, probably should change this
 files_read_etc_files(lpd_t)
 
-init_use_fds(lpd_t)
-init_use_script_ptys(lpd_t)
-
 libs_use_ld_so(lpd_t)
 libs_use_shared_libs(lpd_t)
 

policy/modules/services/monop.te

@@ -1,5 +1,5 @@
 
-policy_module(monop,1.1.0)
+policy_module(monop,1.1.1)
 
 ########################################
 #
@@ -63,11 +63,6 @@ files_read_etc_files(monopd_t)
 fs_getattr_all_fs(monopd_t)
 fs_search_auto_mountpoints(monopd_t)
 
-term_dontaudit_use_console(monopd_t)
-
-init_use_fds(monopd_t)
-init_use_script_ptys(monopd_t)
-
 libs_use_ld_so(monopd_t)
 libs_use_shared_libs(monopd_t)
 

policy/modules/services/munin.te

@@ -1,5 +1,5 @@
 
-policy_module(munin,1.1.0)
+policy_module(munin,1.1.1)
 
 ########################################
 #
@@ -85,11 +85,6 @@ files_read_usr_files(munin_t)
 fs_getattr_all_fs(munin_t)
 fs_search_auto_mountpoints(munin_t)
 
-term_dontaudit_use_console(munin_t)
-
-init_use_fds(munin_t)
-init_use_script_ptys(munin_t)
-
 libs_use_ld_so(munin_t)
 libs_use_shared_libs(munin_t)
 

policy/modules/services/mysql.te

@@ -1,5 +1,5 @@
 
-policy_module(mysql,1.3.0)
+policy_module(mysql,1.3.1)
 
 ########################################
 #
@@ -79,8 +79,6 @@ dev_read_sysfs(mysqld_t)
 fs_getattr_all_fs(mysqld_t)
 fs_search_auto_mountpoints(mysqld_t)
 
-term_dontaudit_use_console(mysqld_t)
-
 domain_use_interactive_fds(mysqld_t)
 
 files_getattr_var_lib_dirs(mysqld_t)
@@ -91,9 +89,6 @@ files_search_var_lib(mysqld_t)
 
 auth_use_nsswitch(mysqld_t)
 
-init_use_fds(mysqld_t)
-init_use_script_ptys(mysqld_t)
-
 libs_use_ld_so(mysqld_t)
 libs_use_shared_libs(mysqld_t)
 

policy/modules/services/nagios.te

@@ -1,5 +1,5 @@
 
-policy_module(nagios,1.1.0)
+policy_module(nagios,1.1.1)
 
 ########################################
 #
@@ -87,10 +87,6 @@ files_read_kernel_symbol_table(nagios_t)
 fs_getattr_all_fs(nagios_t)
 fs_search_auto_mountpoints(nagios_t)
 
-term_dontaudit_use_console(nagios_t)
-
-init_use_fds(nagios_t)
-init_use_script_ptys(nagios_t)
 # for who
 init_read_utmp(nagios_t)
 
@@ -210,11 +206,6 @@ files_read_etc_runtime_files(nrpe_t)
 
 fs_search_auto_mountpoints(nrpe_t)
 
-term_dontaudit_use_console(nrpe_t)
-
-init_use_fds(nrpe_t)
-init_use_script_ptys(nrpe_t)
-
 libs_use_ld_so(nrpe_t)
 libs_use_shared_libs(nrpe_t)
 

policy/modules/services/nessus.te

@@ -1,5 +1,5 @@
 
-policy_module(nessus,1.1.0)
+policy_module(nessus,1.1.1)
 
 ########################################
 #
@@ -83,11 +83,6 @@ files_read_etc_runtime_files(nessusd_t)
 fs_getattr_all_fs(nessusd_t)
 fs_search_auto_mountpoints(nessusd_t)
 
-term_dontaudit_use_console(nessusd_t)
-
-init_use_fds(nessusd_t)
-init_use_script_ptys(nessusd_t)
-
 libs_use_ld_so(nessusd_t)
 libs_use_shared_libs(nessusd_t)
 

policy/modules/services/networkmanager.te

@@ -1,5 +1,5 @@
 
-policy_module(networkmanager,1.5.2)
+policy_module(networkmanager,1.5.3)
 
 ########################################
 #
@@ -69,8 +69,6 @@ mls_file_read_up(NetworkManager_t)
 
 selinux_dontaudit_search_fs(NetworkManager_t)
 
-term_dontaudit_use_console(NetworkManager_t)
-
 corecmd_exec_shell(NetworkManager_t)
 corecmd_exec_bin(NetworkManager_t)
 corecmd_exec_sbin(NetworkManager_t)
@@ -84,8 +82,6 @@ files_read_etc_files(NetworkManager_t)
 files_read_etc_runtime_files(NetworkManager_t)
 files_read_usr_files(NetworkManager_t)
 
-init_use_fds(NetworkManager_t)
-init_use_script_ptys(NetworkManager_t)
 init_read_utmp(NetworkManager_t)
 init_domtrans_script(NetworkManager_t)
 

policy/modules/services/nis.te

@@ -1,5 +1,5 @@
 
-policy_module(nis,1.3.2)
+policy_module(nis,1.3.3)
 
 ########################################
 #
@@ -95,16 +95,11 @@ dev_read_sysfs(ypbind_t)
 fs_getattr_all_fs(ypbind_t)
 fs_search_auto_mountpoints(ypbind_t)
 
-term_dontaudit_use_console(ypbind_t)
-
 domain_use_interactive_fds(ypbind_t)
 
 files_read_etc_files(ypbind_t)
 files_list_var(ypbind_t)
 
-init_use_fds(ypbind_t)
-init_use_script_ptys(ypbind_t)
-
 libs_use_ld_so(ypbind_t)
 libs_use_shared_libs(ypbind_t)
 
@@ -179,8 +174,6 @@ fs_search_auto_mountpoints(yppasswdd_t)
 
 selinux_get_fs_mount(yppasswdd_t)
 
-term_dontaudit_use_console(yppasswdd_t)
-
 auth_manage_shadow(yppasswdd_t)
 auth_relabel_shadow(yppasswdd_t)
 auth_etc_filetrans_shadow(yppasswdd_t)
@@ -195,9 +188,6 @@ files_read_etc_files(yppasswdd_t)
 files_read_etc_runtime_files(yppasswdd_t)
 files_relabel_etc_files(yppasswdd_t)
 
-init_use_fds(yppasswdd_t)
-init_use_script_ptys(yppasswdd_t)
-
 libs_use_ld_so(yppasswdd_t)
 libs_use_shared_libs(yppasswdd_t)
 
@@ -278,8 +268,6 @@ dev_read_sysfs(ypserv_t)
 fs_getattr_all_fs(ypserv_t)
 fs_search_auto_mountpoints(ypserv_t)
 
-term_dontaudit_use_console(ypserv_t)
-
 corecmd_exec_bin(ypserv_t)
 
 domain_use_interactive_fds(ypserv_t)
@@ -287,9 +275,6 @@ domain_use_interactive_fds(ypserv_t)
 files_read_var_files(ypserv_t)
 files_read_etc_files(ypserv_t)
 
-init_use_fds(ypserv_t)
-init_use_script_ptys(ypserv_t)
-
 libs_use_ld_so(ypserv_t)
 libs_use_shared_libs(ypserv_t)
 
@@ -357,8 +342,6 @@ corenet_sendrecv_all_client_packets(ypxfr_t)
 files_read_etc_files(ypxfr_t)
 files_search_usr(ypxfr_t)
 
-init_use_fds(ypxfr_t)
-
 libs_use_shared_libs(ypxfr_t)
 libs_use_ld_so(ypxfr_t)
 

policy/modules/services/nscd.te

@@ -1,5 +1,5 @@
 
-policy_module(nscd,1.3.2)
+policy_module(nscd,1.3.3)
 
 gen_require(`
 	class nscd all_nscd_perms;
@@ -61,8 +61,6 @@ dev_read_urand(nscd_t)
 fs_getattr_all_fs(nscd_t)
 fs_search_auto_mountpoints(nscd_t)
 
-term_dontaudit_use_console(nscd_t)
-
 # for when /etc/passwd has just been updated and has the wrong type
 auth_getattr_shadow(nscd_t)
 auth_use_nsswitch(nscd_t)
@@ -91,9 +89,6 @@ files_read_generic_tmp_symlinks(nscd_t)
 # Needed to read files created by firstboot "/etc/hesiod.conf"
 files_read_etc_runtime_files(nscd_t)
 
-init_use_fds(nscd_t)
-init_use_script_ptys(nscd_t)
-
 libs_use_ld_so(nscd_t)
 libs_use_shared_libs(nscd_t)
 
@@ -113,9 +108,6 @@ userdom_dontaudit_search_sysadm_home_dirs(nscd_t)
 ifdef(`targeted_policy',`
 	term_use_unallocated_ttys(nscd_t)
 	term_use_generic_ptys(nscd_t)
-
-	term_dontaudit_use_unallocated_ttys(nscd_t)
-	term_dontaudit_use_generic_ptys(nscd_t)
 	files_dontaudit_read_root_files(nscd_t)
 ')
 

policy/modules/services/nsd.te

@@ -1,5 +1,5 @@
 
-policy_module(nsd,1.1.0)
+policy_module(nsd,1.1.1)
 
 ########################################
 #
@@ -85,11 +85,6 @@ files_read_etc_runtime_files(nsd_t)
 fs_getattr_all_fs(nsd_t)
 fs_search_auto_mountpoints(nsd_t)
 
-term_dontaudit_use_console(nsd_t)
-
-init_use_fds(nsd_t)
-init_use_script_ptys(nsd_t)
-
 libs_use_ld_so(nsd_t)
 libs_use_shared_libs(nsd_t)
 

policy/modules/services/ntop.te

@@ -1,5 +1,5 @@
 
-policy_module(ntop,1.1.0)
+policy_module(ntop,1.1.1)
 
 ########################################
 #
@@ -80,11 +80,6 @@ files_read_etc_files(ntop_t)
 fs_getattr_all_fs(ntop_t)
 fs_search_auto_mountpoints(ntop_t)
 
-term_dontaudit_use_console(ntop_t)
-
-init_use_fds(ntop_t)
-init_use_script_ptys(ntop_t)
-
 libs_use_ld_so(ntop_t)
 libs_use_shared_libs(ntop_t)
 

policy/modules/services/ntp.te

@@ -1,5 +1,5 @@
 
-policy_module(ntp,1.2.0)
+policy_module(ntp,1.2.1)
 
 ########################################
 #
@@ -82,8 +82,6 @@ dev_read_urand(ntpd_t)
 fs_getattr_all_fs(ntpd_t)
 fs_search_auto_mountpoints(ntpd_t)
 
-term_dontaudit_use_console(ntpd_t)
-
 auth_use_nsswitch(ntpd_t)
 
 corecmd_exec_bin(ntpd_t)
@@ -100,8 +98,6 @@ files_read_usr_files(ntpd_t)
 files_list_var_lib(ntpd_t)
 
 init_exec_script_files(ntpd_t)
-init_use_fds(ntpd_t)
-init_use_script_ptys(ntpd_t)
 
 libs_use_ld_so(ntpd_t)
 libs_use_shared_libs(ntpd_t)

policy/modules/services/oav.te

@@ -1,5 +1,5 @@
 
-policy_module(oav,1.1.0)
+policy_module(oav,1.1.1)
 
 ########################################
 #
@@ -124,13 +124,8 @@ files_exec_etc_files(scannerdaemon_t)
 fs_getattr_all_fs(scannerdaemon_t)
 fs_search_auto_mountpoints(scannerdaemon_t)
 
-term_dontaudit_use_console(scannerdaemon_t)
-
 auth_dontaudit_read_shadow(scannerdaemon_t)
 
-init_use_fds(scannerdaemon_t)
-init_use_script_ptys(scannerdaemon_t)
-
 libs_use_ld_so(scannerdaemon_t)
 libs_use_shared_libs(scannerdaemon_t)
 # Can run kaffe

policy/modules/services/oddjob.te

@@ -1,5 +1,5 @@
 
-policy_module(oddjob,1.1.0)
+policy_module(oddjob,1.1.1)
 
 ########################################
 #
@@ -53,12 +53,9 @@ libs_use_shared_libs(oddjob_t)
 
 miscfiles_read_localization(oddjob_t)
 
-init_dontaudit_use_fds(oddjob_t)
-
 locallogin_dontaudit_use_fds(oddjob_t)
 
 ifdef(`targeted_policy',`
-	term_dontaudit_use_console(oddjob_t)
 	term_dontaudit_use_generic_ptys(oddjob_t)
 	term_dontaudit_use_unallocated_ttys(oddjob_t)
 ')

policy/modules/services/openct.te

@@ -1,5 +1,5 @@
 
-policy_module(openct,1.0.0)
+policy_module(openct,1.0.1)
 
 ########################################
 #
@@ -40,11 +40,6 @@ files_read_etc_files(openct_t)
 fs_getattr_all_fs(openct_t)
 fs_search_auto_mountpoints(openct_t)
 
-term_dontaudit_use_console(openct_t)
-
-init_use_fds(openct_t)
-init_use_script_ptys(openct_t)
-
 libs_use_ld_so(openct_t)
 libs_use_shared_libs(openct_t)
 

policy/modules/services/openvpn.te

@@ -1,5 +1,5 @@
 
-policy_module(openvpn,1.1.1)
+policy_module(openvpn,1.1.2)
 
 ########################################
 #
@@ -75,8 +75,6 @@ dev_read_urand(openvpn_t)
 files_read_etc_files(openvpn_t)
 files_read_etc_runtime_files(openvpn_t)
 
-init_use_fds(openvpn_t)
-
 libs_use_ld_so(openvpn_t)
 libs_use_shared_libs(openvpn_t)
 

policy/modules/services/pcscd.te

@@ -1,5 +1,5 @@
 
-policy_module(pcscd,1.0.0)
+policy_module(pcscd,1.0.1)
 
 ########################################
 #
@@ -45,8 +45,6 @@ files_read_etc_runtime_files(pcscd_t)
 
 term_dontaudit_getattr_pty_dirs(pcscd_t)
 
-init_dontaudit_use_fds(pcscd_t)
-
 libs_use_ld_so(pcscd_t)
 libs_use_shared_libs(pcscd_t)
 
@@ -61,7 +59,6 @@ sysnet_dns_name_resolve(pcscd_t)
 ifdef(`targeted_policy',`
 	term_dontaudit_use_generic_ptys(pcscd_t)
 	term_dontaudit_use_unallocated_ttys(pcscd_t)
-	term_dontaudit_use_console(pcscd_t)
 ')
 
 optional_policy(`

policy/modules/services/pegasus.te

@@ -1,5 +1,5 @@
 
-policy_module(pegasus,1.2.0)
+policy_module(pegasus,1.2.1)
 
 ########################################
 #
@@ -95,8 +95,6 @@ fs_getattr_all_fs(pegasus_t)
 fs_search_auto_mountpoints(pegasus_t)
 files_getattr_all_dirs(pegasus_t)
 
-term_dontaudit_use_console(pegasus_t)
-
 auth_use_nsswitch(pegasus_t)
 auth_domtrans_chk_passwd(pegasus_t)
 
@@ -110,8 +108,6 @@ files_read_var_lib_symlinks(pegasus_t)
 
 hostname_exec(pegasus_t)
 
-init_use_fds(pegasus_t)
-init_use_script_ptys(pegasus_t)
 init_rw_utmp(pegasus_t)
 init_stream_connect_script(pegasus_t)
 

policy/modules/services/perdition.te

@@ -1,5 +1,5 @@
 
-policy_module(perdition,1.1.0)
+policy_module(perdition,1.1.1)
 
 ########################################
 #
@@ -57,11 +57,6 @@ fs_search_auto_mountpoints(perdition_t)
 
 files_read_etc_files(perdition_t)
 
-term_dontaudit_use_console(perdition_t)
-
-init_use_fds(perdition_t)
-init_use_script_ptys(perdition_t)
-
 libs_use_ld_so(perdition_t)
 libs_use_shared_libs(perdition_t)
 

policy/modules/services/portmap.te

@@ -1,5 +1,5 @@
 
-policy_module(portmap,1.3.0)
+policy_module(portmap,1.3.1)
 
 ########################################
 #
@@ -72,15 +72,10 @@ dev_read_sysfs(portmap_t)
 fs_getattr_all_fs(portmap_t)
 fs_search_auto_mountpoints(portmap_t)
 
-term_dontaudit_use_console(portmap_t)
-
 domain_use_interactive_fds(portmap_t)
 
 files_read_etc_files(portmap_t)
 
-init_use_fds(portmap_t)
-init_use_script_ptys(portmap_t)
-
 libs_use_ld_so(portmap_t)
 libs_use_shared_libs(portmap_t)
 

policy/modules/services/portslave.te

@@ -1,5 +1,5 @@
 
-policy_module(portslave,1.1.0)
+policy_module(portslave,1.1.1)
 
 ########################################
 #
@@ -80,13 +80,11 @@ fs_getattr_xattr_fs(portslave_t)
 term_use_unallocated_ttys(portslave_t)
 term_setattr_unallocated_ttys(portslave_t)
 term_use_all_user_ttys(portslave_t)
-term_dontaudit_use_console(portslave_t)
 term_search_ptys(portslave_t)
 
 auth_rw_login_records(portslave_t)
 auth_domtrans_chk_passwd(portslave_t)
-init_use_fds(portslave_t)
-init_use_script_ptys(portslave_t)
+
 init_rw_utmp(portslave_t)
 
 libs_use_ld_so(portslave_t)

policy/modules/services/postfix.if

@@ -81,7 +81,7 @@ template(`postfix_domain_template',`
 	files_search_spool(postfix_$1_t)
 	files_getattr_tmp_dirs(postfix_$1_t)
 
-	init_use_fds(postfix_$1_t)
+	init_dontaudit_use_fds(postfix_$1_t)
 	init_sigchld(postfix_$1_t)
 
 	libs_use_ld_so(postfix_$1_t)

policy/modules/services/postfix.te

@@ -1,5 +1,5 @@
 
-policy_module(postfix,1.4.1)
+policy_module(postfix,1.4.2)
 
 ########################################
 #
@@ -160,8 +160,6 @@ domain_use_interactive_fds(postfix_master_t)
 
 files_read_usr_files(postfix_master_t)
 
-init_use_script_ptys(postfix_master_t)
-
 miscfiles_read_man_pages(postfix_master_t)
 
 seutil_sigchld_newrole(postfix_master_t)

policy/modules/services/postgresql.te

@@ -1,5 +1,5 @@
 
-policy_module(postgresql,1.2.0)
+policy_module(postgresql,1.2.1)
 
 #################################
 #
@@ -102,7 +102,6 @@ fs_getattr_all_fs(postgresql_t)
 fs_search_auto_mountpoints(postgresql_t)
 
 term_use_controlling_term(postgresql_t)
-term_dontaudit_use_console(postgresql_t)
 
 corecmd_exec_bin(postgresql_t)
 corecmd_exec_ls(postgresql_t)
@@ -119,8 +118,6 @@ files_read_etc_runtime_files(postgresql_t)
 files_read_usr_files(postgresql_t)
 
 init_read_utmp(postgresql_t)
-init_use_fds(postgresql_t)
-init_use_script_ptys(postgresql_t)
 
 libs_use_ld_so(postgresql_t)
 libs_use_shared_libs(postgresql_t)

policy/modules/services/postgrey.te

@@ -1,5 +1,5 @@
 
-policy_module(postgrey,1.1.0)
+policy_module(postgrey,1.1.1)
 
 ########################################
 #
@@ -68,11 +68,6 @@ files_getattr_tmp_dirs(postgrey_t)
 fs_getattr_all_fs(postgrey_t)
 fs_search_auto_mountpoints(postgrey_t)
 
-term_dontaudit_use_console(postgrey_t)
-
-init_use_fds(postgrey_t)
-init_use_script_ptys(postgrey_t)
-
 libs_use_ld_so(postgrey_t)
 libs_use_shared_libs(postgrey_t)
 

policy/modules/services/ppp.te

@@ -1,5 +1,5 @@
 
-policy_module(ppp,1.3.0)
+policy_module(ppp,1.3.1)
 
 ########################################
 #
@@ -130,7 +130,6 @@ term_setattr_unallocated_ttys(pppd_t)
 term_ioctl_generic_ptys(pppd_t)
 # for pppoe
 term_create_pty(pppd_t,pppd_devpts_t)
-term_dontaudit_use_console(pppd_t)
 
 # allow running ip-up and ip-down scripts and running chat.
 corecmd_exec_bin(pppd_t)
@@ -149,8 +148,6 @@ files_read_etc_files(pppd_t)
 
 init_read_utmp(pppd_t)
 init_dontaudit_write_utmp(pppd_t)
-init_use_fds(pppd_t)
-init_use_script_ptys(pppd_t)
 
 libs_use_ld_so(pppd_t)
 libs_use_shared_libs(pppd_t)
@@ -274,16 +271,12 @@ corenet_sendrecv_generic_client_packets(pptp_t)
 fs_getattr_all_fs(pptp_t)
 fs_search_auto_mountpoints(pptp_t)
 
-term_dontaudit_use_console(pptp_t)
 term_ioctl_generic_ptys(pptp_t)
 term_search_ptys(pptp_t)
 term_use_ptmx(pptp_t)
 
 domain_use_interactive_fds(pptp_t)
 
-init_use_fds(pptp_t)
-init_use_script_ptys(pptp_t)
-
 libs_use_ld_so(pptp_t)
 libs_use_shared_libs(pptp_t)
 

policy/modules/services/privoxy.te

@@ -1,5 +1,5 @@
 
-policy_module(privoxy,1.2.0)
+policy_module(privoxy,1.2.1)
 
 ########################################
 #
@@ -61,15 +61,10 @@ dev_read_sysfs(privoxy_t)
 fs_getattr_all_fs(privoxy_t)
 fs_search_auto_mountpoints(privoxy_t)
 
-term_dontaudit_use_console(privoxy_t)
-
 domain_use_interactive_fds(privoxy_t)
 
 files_read_etc_files(privoxy_t)
 
-init_use_fds(privoxy_t)
-init_use_script_ptys(privoxy_t)
-
 libs_use_ld_so(privoxy_t)
 libs_use_shared_libs(privoxy_t)
 

policy/modules/services/pxe.te

@@ -1,5 +1,5 @@
 
-policy_module(pxe,1.0.0)
+policy_module(pxe,1.0.1)
 
 # cjp: policy seems incomplete
 
@@ -48,11 +48,6 @@ files_read_etc_files(pxe_t)
 fs_getattr_all_fs(pxe_t)
 fs_search_auto_mountpoints(pxe_t)
 
-term_dontaudit_use_console(pxe_t)
-
-init_use_fds(pxe_t)
-init_use_script_ptys(pxe_t)
-
 libs_use_ld_so(pxe_t)
 libs_use_shared_libs(pxe_t)
 

policy/modules/services/radius.te

@@ -1,5 +1,5 @@
 
-policy_module(radius,1.2.1)
+policy_module(radius,1.2.2)
 
 ########################################
 #
@@ -79,8 +79,6 @@ dev_read_sysfs(radiusd_t)
 fs_getattr_all_fs(radiusd_t)
 fs_search_auto_mountpoints(radiusd_t)
 
-term_dontaudit_use_console(radiusd_t)
-
 auth_read_shadow(radiusd_t)
 auth_domtrans_chk_passwd(radiusd_t)
 
@@ -94,9 +92,6 @@ files_read_usr_files(radiusd_t)
 files_read_etc_files(radiusd_t)
 files_read_etc_runtime_files(radiusd_t)
 
-init_use_fds(radiusd_t)
-init_use_script_ptys(radiusd_t)
-
 libs_use_ld_so(radiusd_t)
 libs_use_shared_libs(radiusd_t)
 libs_exec_lib_files(radiusd_t)

policy/modules/services/radvd.te

@@ -1,5 +1,5 @@
 
-policy_module(radvd,1.2.1)
+policy_module(radvd,1.2.2)
 
 ########################################
 #
@@ -53,16 +53,11 @@ dev_read_sysfs(radvd_t)
 fs_getattr_all_fs(radvd_t)
 fs_search_auto_mountpoints(radvd_t)
 
-term_dontaudit_use_console(radvd_t)
-
 domain_use_interactive_fds(radvd_t)
 
 files_read_etc_files(radvd_t)
 files_list_usr(radvd_t)
 
-init_use_fds(radvd_t)
-init_use_script_ptys(radvd_t)
-
 libs_use_ld_so(radvd_t)
 libs_use_shared_libs(radvd_t)
 

policy/modules/services/rdisc.te

@@ -1,5 +1,5 @@
 
-policy_module(rdisc,1.2.0)
+policy_module(rdisc,1.2.1)
 
 ########################################
 #
@@ -37,15 +37,10 @@ dev_read_sysfs(rdisc_t)
 
 fs_search_auto_mountpoints(rdisc_t)
 
-term_dontaudit_use_console(rdisc_t)
-
 domain_use_interactive_fds(rdisc_t)
 
 files_read_etc_files(rdisc_t)
 
-init_use_fds(rdisc_t)
-init_use_script_ptys(rdisc_t)
-
 libs_use_ld_so(rdisc_t)
 libs_use_shared_libs(rdisc_t)
 

policy/modules/services/resmgr.te

@@ -1,5 +1,5 @@
 
-policy_module(resmgr,1.0.0)
+policy_module(resmgr,1.0.1)
 
 ########################################
 #
@@ -52,11 +52,6 @@ storage_raw_read_removable_device(resmgrd_t)
 storage_write_scsi_generic(resmgrd_t)
 storage_raw_write_removable_device(resmgrd_t)
 
-term_dontaudit_use_console(resmgrd_t)
-
-init_use_fds(resmgrd_t)
-init_use_script_ptys(resmgrd_t)
-
 libs_use_ld_so(resmgrd_t)
 libs_use_shared_libs(resmgrd_t)
 

policy/modules/services/rhgb.te

@@ -1,5 +1,5 @@
 
-policy_module(rhgb,1.2.1)
+policy_module(rhgb,1.2.2)
 
 ########################################
 #
@@ -82,13 +82,10 @@ fs_manage_ramfs_sockets(rhgb_t)
 
 selinux_dontaudit_read_fs(rhgb_t)
 
-term_dontaudit_use_console(rhgb_t)
 term_use_unallocated_ttys(rhgb_t)
 term_use_ptmx(rhgb_t)
 term_getattr_pty_fs(rhgb_t)
 
-init_use_fds(rhgb_t)
-init_use_script_ptys(rhgb_t)
 init_write_initctl(rhgb_t)
 
 libs_use_ld_so(rhgb_t)

policy/modules/services/ricci.te

@@ -1,5 +1,5 @@
 
-policy_module(ricci,1.0.2)
+policy_module(ricci,1.0.3)
 
 ########################################
 #
@@ -140,7 +140,6 @@ files_create_boot_flag(ricci_t)
 auth_domtrans_chk_passwd(ricci_t)
 auth_append_login_records(ricci_t)
 
-init_dontaudit_use_fds(ricci_t)
 init_dontaudit_stream_connect_script(ricci_t)
 
 libs_use_ld_so(ricci_t)
@@ -155,7 +154,6 @@ miscfiles_read_localization(ricci_t)
 sysnet_dns_name_resolve(ricci_t)
 
 ifdef(`targeted_policy', `
-	term_dontaudit_use_console(ricci_t)
 	term_dontaudit_use_generic_ptys(ricci_t)
 	term_dontaudit_use_unallocated_ttys(ricci_t)
 ')
@@ -307,7 +305,6 @@ files_read_etc_runtime_files(ricci_modclusterd_t)
 
 fs_getattr_xattr_fs(ricci_modclusterd_t)
 
-init_dontaudit_use_fds(ricci_modclusterd_t)
 init_dontaudit_stream_connect_script(ricci_modclusterd_t)
 
 libs_use_ld_so(ricci_modclusterd_t)
@@ -323,7 +320,6 @@ sysnet_domtrans_ifconfig(ricci_modclusterd_t)
 sysnet_dns_name_resolve(ricci_modclusterd_t)
 
 ifdef(`targeted_policy', `
-	term_dontaudit_use_console(ricci_modclusterd_t)
 	term_dontaudit_use_generic_ptys(ricci_modclusterd_t)
 	term_dontaudit_use_unallocated_ttys(ricci_modclusterd_t)
 ')

policy/modules/services/roundup.te

@@ -1,5 +1,5 @@
 
-policy_module(roundup,1.1.0)
+policy_module(roundup,1.1.1)
 
 ########################################
 #
@@ -70,11 +70,6 @@ files_read_etc_files(roundup_t)
 fs_getattr_all_fs(roundup_t)
 fs_search_auto_mountpoints(roundup_t)
 
-term_dontaudit_use_console(roundup_t)
-
-init_use_fds(roundup_t)
-init_use_script_ptys(roundup_t)
-
 libs_use_ld_so(roundup_t)
 libs_use_shared_libs(roundup_t)
 

policy/modules/services/rpc.if

@@ -95,16 +95,11 @@ template(`rpc_domain_template', `
 	fs_rw_rpc_named_pipes($1_t) 
 	fs_search_auto_mountpoints($1_t)
 
-	term_dontaudit_use_console($1_t)
-
 	files_read_etc_files($1_t)
 	files_read_etc_runtime_files($1_t)
 	files_search_var($1_t)
 	files_search_var_lib($1_t)
 
-	init_use_fds($1_t)
-	init_use_script_ptys($1_t)
-
 	libs_use_ld_so($1_t)
 	libs_use_shared_libs($1_t)
 

policy/modules/services/rpc.te

@@ -1,5 +1,5 @@
 
-policy_module(rpc,1.4.2)
+policy_module(rpc,1.4.3)
 
 ########################################
 #

policy/modules/services/rsync.te

@@ -1,5 +1,5 @@
 
-policy_module(rsync,1.3.0)
+policy_module(rsync,1.3.1)
 
 ########################################
 #
@@ -71,8 +71,6 @@ fs_getattr_xattr_fs(rsync_t)
 files_read_etc_files(rsync_t)
 files_search_home(rsync_t)
 
-init_dontaudit_use_fds(rsync_t)
-
 libs_use_ld_so(rsync_t)
 libs_use_shared_libs(rsync_t)
 

policy/modules/services/samba.te

@@ -1,5 +1,5 @@
 
-policy_module(samba,1.4.1)
+policy_module(samba,1.4.2)
 
 #################################
 #
@@ -244,8 +244,6 @@ fs_get_xattr_fs_quotas(smbd_t)
 fs_search_auto_mountpoints(smbd_t)
 fs_getattr_rpc_dirs(smbd_t)
 
-term_dontaudit_use_console(smbd_t)
-
 auth_use_nsswitch(smbd_t)
 auth_domtrans_chk_passwd(smbd_t)
 
@@ -259,8 +257,6 @@ files_search_spool(smbd_t)
 # Allow samba to list mnt_t for potential mounted dirs
 files_list_mnt(smbd_t)
 
-init_use_fds(smbd_t)
-init_use_script_ptys(smbd_t)
 init_rw_utmp(smbd_t)
 
 libs_use_ld_so(smbd_t)
@@ -380,16 +376,11 @@ dev_getattr_mtrr_dev(nmbd_t)
 fs_getattr_all_fs(nmbd_t)
 fs_search_auto_mountpoints(nmbd_t)
 
-term_dontaudit_use_console(nmbd_t)
-
 domain_use_interactive_fds(nmbd_t)
 
 files_read_usr_files(nmbd_t)
 files_read_etc_files(nmbd_t)
 
-init_use_fds(nmbd_t)
-init_use_script_ptys(nmbd_t)
-
 libs_use_ld_so(nmbd_t)
 libs_use_shared_libs(nmbd_t)
 
@@ -669,17 +660,12 @@ dev_read_urand(winbind_t)
 fs_getattr_all_fs(winbind_t)
 fs_search_auto_mountpoints(winbind_t)
 
-term_dontaudit_use_console(winbind_t)
-
 auth_domtrans_chk_passwd(winbind_t)
 
 domain_use_interactive_fds(winbind_t)
 
 files_read_etc_files(winbind_t)
 
-init_use_fds(winbind_t)
-init_use_script_ptys(winbind_t)
-
 libs_use_ld_so(winbind_t)
 libs_use_shared_libs(winbind_t)
 

policy/modules/services/sasl.te

@@ -1,5 +1,5 @@
 
-policy_module(sasl,1.4.0)
+policy_module(sasl,1.4.1)
 
 ########################################
 #
@@ -48,8 +48,6 @@ fs_search_auto_mountpoints(saslauthd_t)
 
 selinux_compute_access_vector(saslauthd_t)
 
-term_dontaudit_use_console(saslauthd_t)
-
 auth_domtrans_chk_passwd(saslauthd_t)
 auth_use_nsswitch(saslauthd_t)
 
@@ -61,8 +59,6 @@ files_search_var_lib(saslauthd_t)
 files_dontaudit_getattr_home_dir(saslauthd_t)
 files_dontaudit_getattr_tmp_dirs(saslauthd_t)
 
-init_use_fds(saslauthd_t)
-init_use_script_ptys(saslauthd_t)
 init_dontaudit_stream_connect_script(saslauthd_t)
 
 libs_use_ld_so(saslauthd_t)

policy/modules/services/setroubleshoot.te

@@ -1,5 +1,5 @@
 
-policy_module(setroubleshoot,1.2.2)
+policy_module(setroubleshoot,1.2.3)
 
 ########################################
 #
@@ -79,14 +79,11 @@ files_getattr_all_files(setroubleshootd_t)
 selinux_get_enforce_mode(setroubleshootd_t)
 selinux_validate_context(setroubleshootd_t)
 
-term_dontaudit_use_console(setroubleshootd_t)
 term_dontaudit_use_all_user_ptys(setroubleshootd_t)
 term_dontaudit_use_all_user_ttys(setroubleshootd_t)
 
 init_read_utmp(setroubleshootd_t)
 init_dontaudit_write_utmp(setroubleshootd_t)
-init_use_fds(setroubleshootd_t)
-init_use_script_ptys(setroubleshootd_t)
 
 libs_use_ld_so(setroubleshootd_t)
 libs_use_shared_libs(setroubleshootd_t)

policy/modules/services/slrnpull.te

@@ -1,5 +1,5 @@
 
-policy_module(slrnpull,1.0.0)
+policy_module(slrnpull,1.0.1)
 
 ########################################
 #
@@ -51,11 +51,6 @@ files_read_etc_files(slrnpull_t)
 fs_getattr_all_fs(slrnpull_t)
 fs_search_auto_mountpoints(slrnpull_t)
 
-term_dontaudit_use_console(slrnpull_t)
-
-init_use_fds(slrnpull_t)
-init_use_script_ptys(slrnpull_t)
-
 libs_use_ld_so(slrnpull_t)
 libs_use_shared_libs(slrnpull_t)
 

policy/modules/services/smartmon.te

@@ -1,5 +1,5 @@
 
-policy_module(smartmon,1.1.0)
+policy_module(smartmon,1.1.1)
 
 ########################################
 #
@@ -65,12 +65,8 @@ storage_raw_read_fixed_disk(fsdaemon_t)
 storage_raw_write_fixed_disk(fsdaemon_t)
 storage_raw_read_removable_device(fsdaemon_t)
 
-term_dontaudit_use_console(fsdaemon_t)
 term_dontaudit_search_ptys(fsdaemon_t)
 
-init_use_fds(fsdaemon_t)
-init_use_script_ptys(fsdaemon_t)
-
 libs_use_ld_so(fsdaemon_t)
 libs_use_shared_libs(fsdaemon_t)
 libs_exec_ld_so(fsdaemon_t)

policy/modules/services/snmp.te

@@ -1,5 +1,5 @@
 
-policy_module(snmp,1.3.1)
+policy_module(snmp,1.3.2)
 
 ########################################
 #
@@ -96,11 +96,7 @@ fs_search_auto_mountpoints(snmpd_t)
 storage_dontaudit_read_fixed_disk(snmpd_t)
 storage_dontaudit_read_removable_device(snmpd_t)
 
-term_dontaudit_use_console(snmpd_t)
-
 init_read_utmp(snmpd_t)
-init_use_fds(snmpd_t)
-init_use_script_ptys(snmpd_t)
 init_dontaudit_write_utmp(snmpd_t)
 
 libs_use_ld_so(snmpd_t)

policy/modules/services/snort.te

@@ -1,5 +1,5 @@
 
-policy_module(snort,1.1.0)
+policy_module(snort,1.1.1)
 
 ########################################
 #
@@ -75,11 +75,6 @@ files_dontaudit_read_etc_runtime_files(snort_t)
 fs_getattr_all_fs(snort_t)
 fs_search_auto_mountpoints(snort_t)
 
-term_dontaudit_use_console(snort_t)
-
-init_use_fds(snort_t)
-init_use_script_ptys(snort_t)
-
 libs_use_ld_so(snort_t)
 libs_use_shared_libs(snort_t)
 

policy/modules/services/soundserver.te

@@ -1,5 +1,5 @@
 
-policy_module(soundserver,1.1.0)
+policy_module(soundserver,1.1.1)
 
 ########################################
 #
@@ -85,11 +85,6 @@ files_read_etc_runtime_files(soundd_t)
 fs_getattr_all_fs(soundd_t)
 fs_search_auto_mountpoints(soundd_t)
 
-term_dontaudit_use_console(soundd_t)
-
-init_use_fds(soundd_t)
-init_use_script_ptys(soundd_t)
-
 libs_use_ld_so(soundd_t)
 libs_use_shared_libs(soundd_t)
 

policy/modules/services/spamassassin.te

@@ -1,5 +1,5 @@
 
-policy_module(spamassassin,1.5.4)
+policy_module(spamassassin,1.5.5)
 
 ########################################
 #
@@ -103,8 +103,6 @@ dev_read_urand(spamd_t)
 fs_getattr_all_fs(spamd_t)
 fs_search_auto_mountpoints(spamd_t)
 
-term_dontaudit_use_console(spamd_t)
-
 auth_dontaudit_read_shadow(spamd_t)
 
 corecmd_exec_bin(spamd_t)
@@ -118,8 +116,6 @@ files_read_etc_runtime_files(spamd_t)
 # /var/lib/spamassin
 files_read_var_lib_files(spamd_t)
 
-init_use_fds(spamd_t)
-init_use_script_ptys(spamd_t)
 init_dontaudit_rw_utmp(spamd_t)
 
 libs_use_ld_so(spamd_t)

policy/modules/services/speedtouch.te

@@ -1,5 +1,5 @@
 
-policy_module(speedtouch,1.0.0)
+policy_module(speedtouch,1.0.1)
 
 #######################################
 #
@@ -46,11 +46,6 @@ files_read_usr_files(speedmgmt_t)
 fs_getattr_all_fs(speedmgmt_t)
 fs_search_auto_mountpoints(speedmgmt_t)
 
-term_dontaudit_use_console(speedmgmt_t)
-
-init_use_fds(speedmgmt_t)
-init_use_script_ptys(speedmgmt_t)
-
 libs_use_ld_so(speedmgmt_t)
 libs_use_shared_libs(speedmgmt_t)
 

policy/modules/services/squid.te

@@ -1,5 +1,5 @@
 
-policy_module(squid,1.2.0)
+policy_module(squid,1.2.1)
 
 ########################################
 #
@@ -99,7 +99,6 @@ fs_search_auto_mountpoints(squid_t)
 
 selinux_dontaudit_getattr_dir(squid_t)
 
-term_dontaudit_use_console(squid_t)
 term_dontaudit_getattr_pty_dirs(squid_t)
 
 # to allow running programs from /usr/lib/squid (IE unlinkd)
@@ -116,9 +115,6 @@ files_search_spool(squid_t)
 files_dontaudit_getattr_tmp_dirs(squid_t)
 files_getattr_home_dir(squid_t)
 
-init_use_fds(squid_t)
-init_use_script_ptys(squid_t)
-
 libs_use_ld_so(squid_t)
 libs_use_shared_libs(squid_t)
 # to allow running programs from /usr/lib/squid (IE unlinkd)

policy/modules/services/stunnel.te

@@ -1,5 +1,5 @@
 
-policy_module(stunnel,1.2.0)
+policy_module(stunnel,1.2.1)
 
 ########################################
 #
@@ -84,13 +84,8 @@ ifdef(`distro_gentoo', `
 
 	fs_search_auto_mountpoints(stunnel_t)
 
-	term_dontaudit_use_console(stunnel_t)
-
 	domain_use_interactive_fds(stunnel_t)
 
-	init_use_fds(stunnel_t)
-	init_use_script_ptys(stunnel_t)
-
 	userdom_dontaudit_use_unpriv_user_fds(stunnel_t)
 	userdom_dontaudit_search_sysadm_home_dirs(stunnel_t)
 

policy/modules/services/sysstat.te

@@ -1,5 +1,5 @@
 
-policy_module(sysstat,1.1.1)
+policy_module(sysstat,1.1.2)
 
 ########################################
 #
@@ -53,7 +53,6 @@ term_use_console(sysstat_t)
 term_use_all_terms(sysstat_t)
 
 init_use_fds(sysstat_t)
-init_use_script_ptys(sysstat_t)
 
 libs_use_ld_so(sysstat_t)
 libs_use_shared_libs(sysstat_t)

policy/modules/services/tftp.te

@@ -1,5 +1,5 @@
 
-policy_module(tftp,1.3.0)
+policy_module(tftp,1.3.1)
 
 ########################################
 #
@@ -56,8 +56,6 @@ dev_read_sysfs(tftpd_t)
 fs_getattr_all_fs(tftpd_t)
 fs_search_auto_mountpoints(tftpd_t)
 
-term_dontaudit_use_console(tftpd_t)
-
 domain_use_interactive_fds(tftpd_t)
 
 files_read_etc_files(tftpd_t);
@@ -65,9 +63,6 @@ files_read_var_files(tftpd_t)
 files_read_var_symlinks(tftpd_t)
 files_search_var(tftpd_t)
 
-init_use_fds(tftpd_t)
-init_use_script_ptys(tftpd_t)
-
 libs_use_ld_so(tftpd_t)
 libs_use_shared_libs(tftpd_t)
 

policy/modules/services/timidity.te

@@ -1,5 +1,5 @@
 
-policy_module(timidity,1.2.0)
+policy_module(timidity,1.2.1)
 
 # Note: You only need this policy if you want to run timidity as a server
 
@@ -53,8 +53,6 @@ dev_write_sound(timidity_t)
 
 fs_search_auto_mountpoints(timidity_t)
 
-term_dontaudit_use_console(timidity_t)
-
 domain_use_interactive_fds(timidity_t)
 
 files_search_tmp(timidity_t)
@@ -63,9 +61,6 @@ files_read_usr_files(timidity_t)
 # read /etc/esd.conf
 files_read_etc_files(timidity_t)
 
-init_use_fds(timidity_t)
-init_use_script_ptys(timidity_t)
-
 libs_use_ld_so(timidity_t)
 libs_use_shared_libs(timidity_t)
 # read libartscbackend.la

policy/modules/services/tor.te

@@ -1,5 +1,5 @@
 
-policy_module(tor,1.1.0)
+policy_module(tor,1.1.1)
 
 ########################################
 #
@@ -85,12 +85,6 @@ domain_use_interactive_fds(tor_t)
 files_read_etc_files(tor_t)
 files_read_etc_runtime_files(tor_t)
 
-term_dontaudit_use_console(tor_t)
-
-# comm with init
-init_use_fds(tor_t)
-init_use_script_ptys(tor_t)
-
 libs_use_ld_so(tor_t)
 libs_use_shared_libs(tor_t)
 

policy/modules/services/transproxy.te

@@ -1,5 +1,5 @@
 
-policy_module(transproxy,1.1.0)
+policy_module(transproxy,1.1.1)
 
 ########################################
 #
@@ -47,11 +47,6 @@ files_read_etc_files(transproxy_t)
 fs_getattr_all_fs(transproxy_t)
 fs_search_auto_mountpoints(transproxy_t)
 
-term_dontaudit_use_console(transproxy_t)
-
-init_use_fds(transproxy_t)
-init_use_script_ptys(transproxy_t)
-
 libs_use_ld_so(transproxy_t)
 libs_use_shared_libs(transproxy_t)