dbus obj class cleanup

refpolicy/policy/modules/services/bind.te

@@ -270,20 +270,26 @@ optional_policy(`nscd.te',`
 # Partially converted rules.  THESE ARE ONLY TEMPORARY
 #
 
+gen_require(`
+	class dbus send_msg;
+')
+
+allow named_t initrc_t:dbus send_msg;
+
 # cjp: this whole block was originally in networkmanager
 optional_policy(`networkmanager.te',`
 	gen_require(`
 		type NetworkManager_t;
 	')
 
-	optional_policy(`dbus.te',`
+#	optional_policy(`dbus.te',`
-		gen_require(`
+#		gen_require(`
-			class dbus send_msg;
+#			class dbus send_msg;
-		')
+#		')
 
 		allow NetworkManager_t named_t:dbus send_msg;
 		allow named_t NetworkManager_t:dbus send_msg;
-	')
+#	')
 
 	bind_domtrans(NetworkManager_t)
 

refpolicy/policy/modules/services/hal.te

@@ -178,26 +178,26 @@ optional_policy(`rhgb.te',`
 
 allow hald_t device_t:dir create_dir_perms;
 
-optional_policy(`updfstab.te',`
-allow updfstab_t hald_t:dbus send_msg;
-allow hald_t updfstab_t:dbus send_msg;
-')
-
 optional_policy(`hald.te',`
 allow udev_t hald_t:unix_dgram_socket sendto;
 ')
 
-allow hald_t initrc_t:dbus send_msg;
-allow initrc_t hald_t:dbus send_msg;
-
 # For /usr/libexec/hald-addon-acpi - writes to /var/run/acpid.socket
 ifdef(`apmd.te', `
 allow hald_t apmd_var_run_t:sock_file write;
 allow hald_t apmd_t:unix_stream_socket connectto;
 ')
+') dnl end TODO
 
 ifdef(`targeted_policy', `
 allow unconfined_t hald_t:dbus send_msg;
 allow hald_t unconfined_t:dbus send_msg;
 ')
-') dnl end TODO
+
+optional_policy(`updfstab.te',`
+	allow updfstab_t hald_t:dbus send_msg;
+	allow hald_t updfstab_t:dbus send_msg;
+')
+
+allow hald_t initrc_t:dbus send_msg;
+allow initrc_t hald_t:dbus send_msg;