RepoMirrors
/
selinux-refpolicy
mirror of https://github.com/SELinuxProject/refpolicy
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #166 from dburgener/remove-unused-requires

This commit is contained in:
Chris PeBenito 2020-01-25 13:34:34 -05:00
parent 1037d2ac8e 36c3a7903c
commit a6576234c8
26 changed files with 23 additions and 53 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
policy/modules/admin/cfengine.if
View File

@ -13,7 +13,6 @@
template(`cfengine_domain_template',` template(`cfengine_domain_template',`
gen_require(` gen_require(`
attribute cfengine_domain; attribute cfengine_domain;
type cfengine_log_t, cfengine_var_lib_t;
') ')
######################################## ########################################

4
policy/modules/admin/fakehwclock.if
View File

@ -67,8 +67,8 @@ interface(`fakehwclock_run',`
# #
interface(`fakehwclock_admin',` interface(`fakehwclock_admin',`
gen_require(` gen_require(`
type fakehwclock_t, fakehwclock_exec_t, fakehwclock_backup_t; type fakehwclock_t, fakehwclock_backup_t, fakehwclock_initrc_exec_t;
type fakehwclock_initrc_exec_t, fakehwclock_unit_t; type fakehwclock_unit_t;
') ')
admin_process_pattern($1, fakehwclock_t) admin_process_pattern($1, fakehwclock_t)

4
policy/modules/admin/kismet.if
View File

@ -17,8 +17,8 @@
# #
template(`kismet_role',` template(`kismet_role',`
gen_require(` gen_require(`
type kismet_exec_t, kismet_home_t, kismet_tmp_t; type kismet_home_t, kismet_tmp_t, kismet_tmpfs_t;
type kismet_tmpfs_t, kismet_t; type kismet_t;
') ')
kismet_run($1, $2) kismet_run($1, $2)

1
policy/modules/admin/tboot.if
View File

@ -37,7 +37,6 @@ interface(`tboot_domtrans_txtstat',`
# #
interface(`tboot_run_txtstat',` interface(`tboot_run_txtstat',`
gen_require(` gen_require(`
type txtstat_t;
attribute_role txtstat_roles; attribute_role txtstat_roles;
') ')

1
policy/modules/apps/chromium.if
View File

@ -21,7 +21,6 @@ interface(`chromium_role',`
type chromium_renderer_t; type chromium_renderer_t;
type chromium_sandbox_t; type chromium_sandbox_t;
type chromium_naclhelper_t; type chromium_naclhelper_t;
type chromium_exec_t;
class dbus send_msg; class dbus send_msg;
') ')

2
policy/modules/apps/evolution.if
View File

@ -117,7 +117,7 @@ interface(`evolution_home_filetrans',`
# #
interface(`evolution_read_home_files',` interface(`evolution_read_home_files',`
gen_require(` gen_require(`
type evolution_t, evolution_home_t; type evolution_home_t;
') ')
read_files_pattern($1, evolution_home_t, evolution_home_t) read_files_pattern($1, evolution_home_t, evolution_home_t)

2
policy/modules/apps/uml.if
View File

@ -20,7 +20,7 @@ interface(`uml_role',`
attribute_role uml_roles; attribute_role uml_roles;
type uml_t, uml_exec_t; type uml_t, uml_exec_t;
type uml_ro_t, uml_rw_t, uml_tmp_t; type uml_ro_t, uml_rw_t, uml_tmp_t;
type uml_devpts_t, uml_tmpfs_t; type uml_tmpfs_t;
') ')
roleattribute $1 uml_roles; roleattribute $1 uml_roles;

2
policy/modules/apps/userhelper.if
View File

@ -25,7 +25,7 @@ template(`userhelper_role_template',`
gen_require(` gen_require(`
attribute userhelper_type, consolehelper_type; attribute userhelper_type, consolehelper_type;
attribute_role userhelper_roles, consolehelper_roles; attribute_role userhelper_roles, consolehelper_roles;
type userhelper_exec_t, consolehelper_exec_t, userhelper_conf_t; type userhelper_exec_t, consolehelper_exec_t;
') ')
######################################## ########################################

10
policy/modules/kernel/corecommands.if
View File

@ -249,10 +249,6 @@ interface(`corecmd_dontaudit_write_bin_files',`
interface(`corecmd_read_bin_symlinks',` interface(`corecmd_read_bin_symlinks',`
refpolicywarn(`$0() has been deprecated, please use corecmd_search_bin() instead.') refpolicywarn(`$0() has been deprecated, please use corecmd_search_bin() instead.')
gen_require(`
type bin_t;
')
corecmd_search_bin($1) corecmd_search_bin($1)
') ')
@ -491,7 +487,7 @@ interface(`corecmd_bin_domtrans',`
# #
interface(`corecmd_check_exec_shell',` interface(`corecmd_check_exec_shell',`
gen_require(` gen_require(`
type bin_t, shell_exec_t; type shell_exec_t;
') ')
corecmd_list_bin($1) corecmd_list_bin($1)
@ -528,7 +524,7 @@ interface(`corecmd_check_exec_shell',`
# #
interface(`corecmd_exec_shell',` interface(`corecmd_exec_shell',`
gen_require(` gen_require(`
type bin_t, shell_exec_t; type shell_exec_t;
') ')
corecmd_list_bin($1) corecmd_list_bin($1)
@ -566,7 +562,7 @@ interface(`corecmd_exec_shell',`
# #
interface(`corecmd_shell_spec_domtrans',` interface(`corecmd_shell_spec_domtrans',`
gen_require(` gen_require(`
type bin_t, shell_exec_t; type shell_exec_t;
') ')
corecmd_list_bin($1) corecmd_list_bin($1)

8
policy/modules/kernel/devices.if
View File

@ -1967,7 +1967,7 @@ interface(`dev_setattr_dri_dev',`
# #
interface(`dev_ioctl_dri_dev',` interface(`dev_ioctl_dri_dev',`
gen_require(` gen_require(`
type device_t, dri_device_t; type dri_device_t;
') ')
allow $1 dri_device_t:chr_file ioctl; allow $1 dri_device_t:chr_file ioctl;
@ -2791,7 +2791,7 @@ interface(`dev_write_raw_memory',`
# #
interface(`dev_rx_raw_memory',` interface(`dev_rx_raw_memory',`
gen_require(` gen_require(`
type device_t, memory_device_t; type memory_device_t;
') ')
dev_read_raw_memory($1) dev_read_raw_memory($1)
@ -2810,7 +2810,7 @@ interface(`dev_rx_raw_memory',`
# #
interface(`dev_wx_raw_memory',` interface(`dev_wx_raw_memory',`
gen_require(` gen_require(`
type device_t, memory_device_t; type memory_device_t;
') ')
dev_write_raw_memory($1) dev_write_raw_memory($1)
@ -5002,7 +5002,7 @@ interface(`dev_rw_vmware',`
# #
interface(`dev_rwx_vmware',` interface(`dev_rwx_vmware',`
gen_require(` gen_require(`
type device_t, vmware_device_t; type vmware_device_t;
') ')
dev_rw_vmware($1) dev_rw_vmware($1)

1
policy/modules/kernel/files.if
View File

@ -407,7 +407,6 @@ interface(`files_poly_member_tmp',`
interface(`files_tmp_file',` interface(`files_tmp_file',`
gen_require(` gen_require(`
attribute tmpfile; attribute tmpfile;
type tmp_t;
') ')
files_type($1) files_type($1)

2
policy/modules/kernel/kernel.if
View File

@ -1347,7 +1347,7 @@ interface(`kernel_getattr_message_if',`
# #
interface(`kernel_dontaudit_getattr_message_if',` interface(`kernel_dontaudit_getattr_message_if',`
gen_require(` gen_require(`
type proc_kmsg_t, proc_t; type proc_kmsg_t;
') ')
dontaudit $1 proc_kmsg_t:file getattr; dontaudit $1 proc_kmsg_t:file getattr;

1
policy/modules/kernel/terminal.if
View File

@ -84,7 +84,6 @@ interface(`term_login_pty',`
interface(`term_tty',` interface(`term_tty',`
gen_require(` gen_require(`
attribute ttynode, serial_device; attribute ttynode, serial_device;
type tty_device_t;
') ')
typeattribute $1 ttynode, serial_device; typeattribute $1 ttynode, serial_device;

4
policy/modules/services/apache.if
View File

@ -1088,7 +1088,7 @@ interface(`apache_domtrans_all_scripts',`
# #
interface(`apache_run_all_scripts',` interface(`apache_run_all_scripts',`
gen_require(` gen_require(`
attribute httpd_exec_scripts, httpd_script_domains; attribute httpd_script_domains;
') ')
role $2 types httpd_script_domains; role $2 types httpd_script_domains;
@ -1310,7 +1310,7 @@ interface(`apache_delete_lib_files',`
# #
interface(`apache_cgi_domain',` interface(`apache_cgi_domain',`
gen_require(` gen_require(`
type httpd_t, httpd_sys_script_exec_t; type httpd_t;
') ')
domtrans_pattern(httpd_t, $2, $1) domtrans_pattern(httpd_t, $2, $1)

2
policy/modules/services/openct.if
View File

@ -30,7 +30,7 @@ interface(`openct_signull',`
# #
interface(`openct_exec',` interface(`openct_exec',`
gen_require(` gen_require(`
type openct_t, openct_exec_t; type openct_exec_t;
') ')
corecmd_search_bin($1) corecmd_search_bin($1)

1
policy/modules/services/postgresql.if
View File

@ -563,7 +563,6 @@ interface(`postgresql_unconfined',`
interface(`postgresql_admin',` interface(`postgresql_admin',`
gen_require(` gen_require(`
attribute sepgsql_admin_type; attribute sepgsql_admin_type;
attribute sepgsql_client_type;
type postgresql_t, postgresql_runtime_t; type postgresql_t, postgresql_runtime_t;
type postgresql_tmp_t, postgresql_db_t; type postgresql_tmp_t, postgresql_db_t;

3
policy/modules/services/ssh.if
View File

@ -301,8 +301,7 @@ template(`ssh_role_template',`
gen_require(` gen_require(`
attribute ssh_server, ssh_agent_type; attribute ssh_server, ssh_agent_type;
type ssh_t, ssh_exec_t, ssh_tmpfs_t, ssh_home_t; type ssh_t, ssh_exec_t, ssh_home_t, ssh_agent_exec_t;
type ssh_agent_exec_t, ssh_keysign_t, ssh_tmpfs_t;
type ssh_agent_tmp_t; type ssh_agent_tmp_t;
') ')

2
policy/modules/services/virt.if
View File

@ -1016,7 +1016,6 @@ interface(`virt_search_images',`
# #
interface(`virt_read_images',` interface(`virt_read_images',`
gen_require(` gen_require(`
type virt_var_lib_t;
attribute virt_image_type; attribute virt_image_type;
') ')
@ -1096,7 +1095,6 @@ interface(`virt_manage_virt_cache',`
# #
interface(`virt_manage_images',` interface(`virt_manage_images',`
gen_require(` gen_require(`
type virt_var_lib_t;
attribute virt_image_type; attribute virt_image_type;
') ')

1
policy/modules/services/xserver.if
View File

@ -337,7 +337,6 @@ interface(`xserver_non_drawing_client',`
template(`xserver_common_x_domain_template',` template(`xserver_common_x_domain_template',`
gen_require(` gen_require(`
type root_xdrawable_t; type root_xdrawable_t;
type xproperty_t, $1_xproperty_t;
type xevent_t, client_xevent_t; type xevent_t, client_xevent_t;
type input_xevent_t, $1_input_xevent_t; type input_xevent_t, $1_input_xevent_t;

5
policy/modules/system/init.if
View File

@ -3284,11 +3284,6 @@ interface(`init_reload_all_units',`
## </param> ## </param>
# #
interface(`init_admin',` interface(`init_admin',`
gen_require(`
type initrc_exec_t;
class service status;
')
dev_manage_null_service($1) dev_manage_null_service($1)
init_disable($1) init_disable($1)
init_enable($1) init_enable($1)

1
policy/modules/system/iptables.if
View File

@ -158,7 +158,6 @@ interface(`iptables_etc_filetrans_config',`
interface(`iptables_manage_config',` interface(`iptables_manage_config',`
gen_require(` gen_require(`
type iptables_conf_t; type iptables_conf_t;
type etc_t;
') ')
files_search_etc($1) files_search_etc($1)

2
policy/modules/system/logging.if
View File

@ -1290,7 +1290,7 @@ interface(`logging_admin_syslog',`
type syslogd_t, klogd_t, syslog_conf_t; type syslogd_t, klogd_t, syslog_conf_t;
type syslogd_tmp_t, syslogd_var_lib_t; type syslogd_tmp_t, syslogd_var_lib_t;
type syslogd_runtime_t, klogd_runtime_t; type syslogd_runtime_t, klogd_runtime_t;
type klogd_tmp_t, var_log_t; type klogd_tmp_t;
type syslogd_initrc_exec_t, syslogd_unit_t; type syslogd_initrc_exec_t, syslogd_unit_t;
') ')

1
policy/modules/system/miscfiles.if
View File

@ -841,7 +841,6 @@ interface(`miscfiles_read_tetex_data',`
# #
interface(`miscfiles_exec_tetex_data',` interface(`miscfiles_exec_tetex_data',`
gen_require(` gen_require(`
type fonts_t;
type tetex_data_t; type tetex_data_t;
') ')

2
policy/modules/system/selinuxutil.if
View File

@ -211,7 +211,7 @@ interface(`seutil_run_newrole',`
# #
interface(`seutil_exec_newrole',` interface(`seutil_exec_newrole',`
gen_require(` gen_require(`
type newrole_t, newrole_exec_t; type newrole_exec_t;
') ')
files_search_usr($1) files_search_usr($1)

9
policy/modules/system/sysnetwork.if
View File

@ -727,9 +727,6 @@ interface(`sysnet_dhcp_state_filetrans',`
## <rolecap/> ## <rolecap/>
# #
interface(`sysnet_dns_name_resolve',` interface(`sysnet_dns_name_resolve',`
gen_require(`
type net_conf_t;
')
allow $1 self:tcp_socket create_socket_perms; allow $1 self:tcp_socket create_socket_perms;
allow $1 self:udp_socket create_socket_perms; allow $1 self:udp_socket create_socket_perms;
@ -781,9 +778,6 @@ interface(`sysnet_dns_name_resolve',`
## </param> ## </param>
# #
interface(`sysnet_use_ldap',` interface(`sysnet_use_ldap',`
gen_require(`
type net_conf_t;
')
allow $1 self:tcp_socket create_socket_perms; allow $1 self:tcp_socket create_socket_perms;
@ -812,9 +806,6 @@ interface(`sysnet_use_ldap',`
## </param> ## </param>
# #
interface(`sysnet_use_portmap',` interface(`sysnet_use_portmap',`
gen_require(`
type net_conf_t;
')
allow $1 self:tcp_socket create_socket_perms; allow $1 self:tcp_socket create_socket_perms;
allow $1 self:udp_socket create_socket_perms; allow $1 self:udp_socket create_socket_perms;

4
policy/modules/system/userdomain.if
View File

@ -2312,7 +2312,7 @@ interface(`userdom_manage_user_home_content_files',`
# #
interface(`userdom_dontaudit_manage_user_home_content_dirs',` interface(`userdom_dontaudit_manage_user_home_content_dirs',`
gen_require(` gen_require(`
type user_home_dir_t, user_home_t; type user_home_t;
') ')
dontaudit $1 user_home_t:dir manage_dir_perms; dontaudit $1 user_home_t:dir manage_dir_perms;
@ -3577,7 +3577,7 @@ interface(`userdom_pid_filetrans_user_runtime_root',`
# #
interface(`userdom_user_runtime_filetrans',` interface(`userdom_user_runtime_filetrans',`
gen_require(` gen_require(`
type user_runtime_root_t, user_runtime_t; type user_runtime_t;
') ')
filetrans_pattern($1, user_runtime_t, $2, $3, $4) filetrans_pattern($1, user_runtime_t, $2, $3, $4)