rpms/selinux-policy
7
0
Fork 0
Code Issues Pull Requests Releases Activity

roles patch from Dan Walsh to move unwanted interface calls into a ifndef

Browse Source
This commit is contained in:
Jeremy Solt 2010-07-21 10:39:57 -04:00 committed by Chris PeBenito
parent 00ca404a20
commit c87e150280
3 changed files with 304 additions and 298 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

243
policy/modules/roles/staff.te
View File

@ -18,119 +18,22 @@ optional_policy(`
apache_role(staff_r, staff_t)
')
optional_policy(`
auth_role(staff_r, staff_t)
')
optional_policy(`
auditadm_role_change(staff_r)
')
optional_policy(`
bluetooth_role(staff_r, staff_t)
')
optional_policy(`
cdrecord_role(staff_r, staff_t)
')
optional_policy(`
cron_role(staff_r, staff_t)
')
optional_policy(`
dbus_role_template(staff, staff_r, staff_t)
')
optional_policy(`
evolution_role(staff_r, staff_t)
')
optional_policy(`
games_role(staff_r, staff_t)
')
optional_policy(`
gift_role(staff_r, staff_t)
')
optional_policy(`
gnome_role(staff_r, staff_t)
')
optional_policy(`
gpg_role(staff_r, staff_t)
')
optional_policy(`
irc_role(staff_r, staff_t)
')
optional_policy(`
java_role(staff_r, staff_t)
')
optional_policy(`
lockdev_role(staff_r, staff_t)
')
optional_policy(`
lpd_role(staff_r, staff_t)
')
optional_policy(`
mozilla_role(staff_r, staff_t)
')
optional_policy(`
mplayer_role(staff_r, staff_t)
')
optional_policy(`
mta_role(staff_r, staff_t)
')
optional_policy(`
oident_manage_user_content(staff_t)
oident_relabel_user_content(staff_t)
')
optional_policy(`
postgresql_role(staff_r, staff_t)
')
optional_policy(`
pyzor_role(staff_r, staff_t)
')
optional_policy(`
razor_role(staff_r, staff_t)
')
optional_policy(`
rssh_role(staff_r, staff_t)
')
optional_policy(`
screen_role_template(staff, staff_r, staff_t)
')
optional_policy(`
secadm_role_change(staff_r)
')
optional_policy(`
spamassassin_role(staff_r, staff_t)
')
optional_policy(`
ssh_role_template(staff, staff_r, staff_t)
')
optional_policy(`
su_role_template(staff, staff_r, staff_t)
')
optional_policy(`
sudo_role_template(staff, staff_r, staff_t)
')
@ -140,30 +43,128 @@ optional_policy(`
userdom_dontaudit_use_user_terminals(staff_t)
')
optional_policy(`
thunderbird_role(staff_r, staff_t)
')
optional_policy(`
tvtime_role(staff_r, staff_t)
')
optional_policy(`
uml_role(staff_r, staff_t)
')
optional_policy(`
userhelper_role_template(staff, staff_r, staff_t)
')
optional_policy(`
vmware_role(staff_r, staff_t)
')
optional_policy(`
wireshark_role(staff_r, staff_t)
')
optional_policy(`
xserver_role(staff_r, staff_t)
')
ifndef(`distro_redhat',`
optional_policy(`
auth_role(staff_r, staff_t)
')
optional_policy(`
bluetooth_role(staff_r, staff_t)
')
optional_policy(`
cdrecord_role(staff_r, staff_t)
')
optional_policy(`
cron_role(staff_r, staff_t)
')
optional_policy(`
dbus_role_template(staff, staff_r, staff_t)
')
optional_policy(`
evolution_role(staff_r, staff_t)
')
optional_policy(`
games_role(staff_r, staff_t)
')
optional_policy(`
gift_role(staff_r, staff_t)
')
optional_policy(`
gnome_role(staff_r, staff_t)
')
optional_policy(`
gpg_role(staff_r, staff_t)
')
optional_policy(`
irc_role(staff_r, staff_t)
')
optional_policy(`
java_role(staff_r, staff_t)
')
optional_policy(`
lockdev_role(staff_r, staff_t)
')
optional_policy(`
lpd_role(staff_r, staff_t)
')
optional_policy(`
mozilla_role(staff_r, staff_t)
')
optional_policy(`
mplayer_role(staff_r, staff_t)
')
optional_policy(`
mta_role(staff_r, staff_t)
')
optional_policy(`
oident_manage_user_content(staff_t)
oident_relabel_user_content(staff_t)
')
optional_policy(`
pyzor_role(staff_r, staff_t)
')
optional_policy(`
razor_role(staff_r, staff_t)
')
optional_policy(`
rssh_role(staff_r, staff_t)
')
optional_policy(`
screen_role_template(staff, staff_r, staff_t)
')
optional_policy(`
spamassassin_role(staff_r, staff_t)
')
optional_policy(`
su_role_template(staff, staff_r, staff_t)
')
optional_policy(`
thunderbird_role(staff_r, staff_t)
')
optional_policy(`
tvtime_role(staff_r, staff_t)
')
optional_policy(`
uml_role(staff_r, staff_t)
')
optional_policy(`
userhelper_role_template(staff, staff_r, staff_t)
')
optional_policy(`
vmware_role(staff_r, staff_t)
')
optional_policy(`
wireshark_role(staff_r, staff_t)
')
')

99
policy/modules/roles/sysadm.te
View File

@ -85,10 +85,6 @@ optional_policy(`
auditadm_role_change(sysadm_r)
')
optional_policy(`
auth_role(sysadm_r, sysadm_t)
')
optional_policy(`
backup_run(sysadm_t, sysadm_r)
')
@ -97,18 +93,10 @@ optional_policy(`
bind_run_ndc(sysadm_t, sysadm_r)
')
optional_policy(`
bluetooth_role(sysadm_r, sysadm_t)
')
optional_policy(`
bootloader_run(sysadm_t, sysadm_r)
')
optional_policy(`
cdrecord_role(sysadm_r, sysadm_t)
')
optional_policy(`
certwatch_run(sysadm_t, sysadm_r)
')
@ -125,18 +113,10 @@ optional_policy(`
consoletype_run(sysadm_t, sysadm_r)
')
optional_policy(`
cron_admin_role(sysadm_r, sysadm_t)
')
optional_policy(`
cvs_exec(sysadm_t)
')
optional_policy(`
dbus_role_template(sysadm, sysadm_r, sysadm_t)
')
optional_policy(`
dcc_run_cdcc(sysadm_t, sysadm_r)
dcc_run_client(sysadm_t, sysadm_r)
@ -159,10 +139,6 @@ optional_policy(`
dpkg_run(sysadm_t, sysadm_r)
')
optional_policy(`
evolution_role(sysadm_r, sysadm_t)
')
optional_policy(`
firstboot_run(sysadm_t, sysadm_r)
')
@ -171,22 +147,6 @@ optional_policy(`
fstools_run(sysadm_t, sysadm_r)
')
optional_policy(`
games_role(sysadm_r, sysadm_t)
')
optional_policy(`
gift_role(sysadm_r, sysadm_t)
')
optional_policy(`
gnome_role(sysadm_r, sysadm_t)
')
optional_policy(`
gpg_role(sysadm_r, sysadm_t)
')
optional_policy(`
hostname_run(sysadm_t, sysadm_r)
')
@ -205,14 +165,6 @@ optional_policy(`
iptables_run(sysadm_t, sysadm_r)
')
optional_policy(`
irc_role(sysadm_r, sysadm_t)
')
optional_policy(`
java_role(sysadm_r, sysadm_t)
')
optional_policy(`
kudzu_run(sysadm_t, sysadm_r)
')
@ -444,3 +396,54 @@ optional_policy(`
optional_policy(`
yam_run(sysadm_t, sysadm_r)
')
ifndef(`distro_redhat',`
optional_policy(`
auth_role(sysadm_r, sysadm_t)
')
optional_policy(`
bluetooth_role(sysadm_r, sysadm_t)
')
optional_policy(`
cdrecord_role(sysadm_r, sysadm_t)
')
optional_policy(`
cron_admin_role(sysadm_r, sysadm_t)
')
optional_policy(`
dbus_role_template(sysadm, sysadm_r, sysadm_t)
')
optional_policy(`
evolution_role(sysadm_r, sysadm_t)
')
optional_policy(`
games_role(sysadm_r, sysadm_t)
')
optional_policy(`
gift_role(sysadm_r, sysadm_t)
')
optional_policy(`
gnome_role(sysadm_r, sysadm_t)
')
optional_policy(`
gpg_role(sysadm_r, sysadm_t)
')
optional_policy(`
irc_role(sysadm_r, sysadm_t)
')
optional_policy(`
java_role(sysadm_r, sysadm_t)
')
')

260
policy/modules/roles/unprivuser.te
View File

@ -16,139 +16,141 @@ optional_policy(`
apache_role(user_r, user_t)
')
optional_policy(`
auth_role(user_r, user_t)
')
optional_policy(`
bluetooth_role(user_r, user_t)
')
optional_policy(`
cdrecord_role(user_r, user_t)
')
optional_policy(`
cron_role(user_r, user_t)
')
optional_policy(`
dbus_role_template(user, user_r, user_t)
')
optional_policy(`
evolution_role(user_r, user_t)
')
optional_policy(`
games_role(user_r, user_t)
')
optional_policy(`
gift_role(user_r, user_t)
')
optional_policy(`
gnome_role(user_r, user_t)
')
optional_policy(`
gpg_role(user_r, user_t)
')
optional_policy(`
irc_role(user_r, user_t)
')
optional_policy(`
java_role(user_r, user_t)
')
optional_policy(`
lockdev_role(user_r, user_t)
')
optional_policy(`
lpd_role(user_r, user_t)
')
optional_policy(`
mozilla_role(user_r, user_t)
')
optional_policy(`
mplayer_role(user_r, user_t)
')
optional_policy(`
mta_role(user_r, user_t)
')
optional_policy(`
oident_manage_user_content(user_t)
oident_relabel_user_content(user_t)
')
optional_policy(`
postgresql_role(user_r, user_t)
')
optional_policy(`
pyzor_role(user_r, user_t)
')
optional_policy(`
razor_role(user_r, user_t)
')
optional_policy(`
rssh_role(user_r, user_t)
')
optional_policy(`
screen_role_template(user, user_r, user_t)
')
optional_policy(`
spamassassin_role(user_r, user_t)
')
optional_policy(`
ssh_role_template(user, user_r, user_t)
')
optional_policy(`
su_role_template(user, user_r, user_t)
')
optional_policy(`
sudo_role_template(user, user_r, user_t)
')
optional_policy(`
thunderbird_role(user_r, user_t)
')
optional_policy(`
tvtime_role(user_r, user_t)
')
optional_policy(`
uml_role(user_r, user_t)
')
optional_policy(`
userhelper_role_template(user, user_r, user_t)
')
optional_policy(`
vmware_role(user_r, user_t)
')
optional_policy(`
wireshark_role(user_r, user_t)
')
optional_policy(`
xserver_role(user_r, user_t)
')
ifndef(`distro_redhat',`
optional_policy(`
auth_role(user_r, user_t)
')
optional_policy(`
bluetooth_role(user_r, user_t)
')
optional_policy(`
cdrecord_role(user_r, user_t)
')
optional_policy(`
cron_role(user_r, user_t)
')
optional_policy(`
dbus_role_template(user, user_r, user_t)
')
optional_policy(`
evolution_role(user_r, user_t)
')
optional_policy(`
games_role(user_r, user_t)
')
optional_policy(`
gift_role(user_r, user_t)
')
optional_policy(`
gnome_role(user_r, user_t)
')
optional_policy(`
gpg_role(user_r, user_t)
')
optional_policy(`
irc_role(user_r, user_t)
')
optional_policy(`
java_role(user_r, user_t)
')
optional_policy(`
lockdev_role(user_r, user_t)
')
optional_policy(`
lpd_role(user_r, user_t)
')
optional_policy(`
mozilla_role(user_r, user_t)
')
optional_policy(`
mplayer_role(user_r, user_t)
')
optional_policy(`
mta_role(user_r, user_t)
')
optional_policy(`
oident_manage_user_content(user_t)
oident_relabel_user_content(user_t)
')
optional_policy(`
postgresql_role(user_r, user_t)
')
optional_policy(`
pyzor_role(user_r, user_t)
')
optional_policy(`
razor_role(user_r, user_t)
')
optional_policy(`
rssh_role(user_r, user_t)
')
optional_policy(`
spamassassin_role(user_r, user_t)
')
optional_policy(`
ssh_role_template(user, user_r, user_t)
')
optional_policy(`
su_role_template(user, user_r, user_t)
')
optional_policy(`
sudo_role_template(user, user_r, user_t)
')
optional_policy(`
thunderbird_role(user_r, user_t)
')
optional_policy(`
tvtime_role(user_r, user_t)
')
optional_policy(`
uml_role(user_r, user_t)
')
optional_policy(`
userhelper_role_template(user, user_r, user_t)
')
optional_policy(`
vmware_role(user_r, user_t)
')
optional_policy(`
wireshark_role(user_r, user_t)
')
')