From a01820155f4ad8c0049a18b179a24a2f92d37d6e Mon Sep 17 00:00:00 2001
From: Daniel Burgener <Daniel.Burgener@Microsoft.com>
Date: Sat, 2 May 2020 15:46:40 -0400
Subject: [PATCH] Remove out of date "hack" from stunnel.  The underlying
 problem needing a require was fixed back in 2011, so using
 corenet_tcp_bind_stunnel_port would be an option now, but stunnel_t already
 has corenet_tcp_bind_all_ports, so this access is redundant.

Signed-off-by: Daniel Burgener <Daniel.Burgener@Microsoft.com>
---
 policy/modules/services/stunnel.te | 6 ------
 1 file changed, 6 deletions(-)

diff --git a/policy/modules/services/stunnel.te b/policy/modules/services/stunnel.te
index e9a07bc83..4c9dd2f5c 100644
--- a/policy/modules/services/stunnel.te
+++ b/policy/modules/services/stunnel.te
@@ -100,9 +100,3 @@ optional_policy(`
 	udev_read_db(stunnel_t)
 ')
 
-# hack since this port has no interfaces since it doesnt
-# have net_contexts
-gen_require(`
-	type stunnel_port_t;
-')
-allow stunnel_t stunnel_port_t:tcp_socket name_bind;