From b281bf6ed9da9aee47d7c6ec91053c4f62cf9d06 Mon Sep 17 00:00:00 2001
From: Chris PeBenito <cpebenito@tresys.com>
Date: Thu, 27 Oct 2005 15:06:15 +0000
Subject: [PATCH] add some missing transitions from unconfined

---
 refpolicy/policy/modules/admin/firstboot.if   |  7 ------
 refpolicy/policy/modules/system/libraries.if  |  3 ---
 refpolicy/policy/modules/system/unconfined.te | 23 +++++++++++++++++--
 3 files changed, 21 insertions(+), 12 deletions(-)

diff --git a/refpolicy/policy/modules/admin/firstboot.if b/refpolicy/policy/modules/admin/firstboot.if
index 868929a7b..fafc67d8c 100644
--- a/refpolicy/policy/modules/admin/firstboot.if
+++ b/refpolicy/policy/modules/admin/firstboot.if
@@ -14,9 +14,6 @@
 interface(`firstboot_domtrans',`
 	gen_require(`
 		type firstboot_t, firstboot_exec_t;
-		class process sigchld;
-		class fd use;
-		class fifo_file rw_file_perms;
 	')
 
 	domain_auto_trans($1,firstboot_exec_t,firstboot_t)
@@ -45,7 +42,6 @@ interface(`firstboot_domtrans',`
 interface(`firstboot_run',`
 	gen_require(`
 		type firstboot_t;
-		class chr_file rw_term_perms;
 	')
 
 	firstboot_domtrans($1)
@@ -64,7 +60,6 @@ interface(`firstboot_run',`
 interface(`firstboot_use_fd',`
 	gen_require(`
 		type firstboot_t;
-		class fd use;
 	')
 
 	allow $1 firstboot_t:fd use;
@@ -82,7 +77,6 @@ interface(`firstboot_use_fd',`
 interface(`firstboot_dontaudit_use_fd',`
 	gen_require(`
 		type firstboot_t;
-		class fd use;
 	')
 
 	dontaudit $1 firstboot_t:fd use;
@@ -99,7 +93,6 @@ interface(`firstboot_dontaudit_use_fd',`
 interface(`firstboot_write_pipe',`
 	gen_require(`
 		type firstboot_t;
-		class fifo_file write;
 	')
 
 	allow $1 firstboot_t:fifo_file write;
diff --git a/refpolicy/policy/modules/system/libraries.if b/refpolicy/policy/modules/system/libraries.if
index 9b1da6a09..28911f033 100644
--- a/refpolicy/policy/modules/system/libraries.if
+++ b/refpolicy/policy/modules/system/libraries.if
@@ -11,9 +11,6 @@
 interface(`libs_domtrans_ldconfig',`
 	gen_require(`
 		type ldconfig_t, ldconfig_exec_t;
-		class process sigchld;
-		class fd use;
-		class fifo_file rw_file_perms;
 	')
 
 	corecmd_search_sbin($1)
diff --git a/refpolicy/policy/modules/system/unconfined.te b/refpolicy/policy/modules/system/unconfined.te
index c9a5d3874..b7815ee0e 100644
--- a/refpolicy/policy/modules/system/unconfined.te
+++ b/refpolicy/policy/modules/system/unconfined.te
@@ -33,11 +33,25 @@ ifdef(`targeted_policy',`
 
 	init_domtrans_script(unconfined_t)
 
+	libs_domtrans_ldconfig(unconfined_t)
+
+	logging_domtrans_auditctl(unconfined_t)
+
+	seutil_domtrans_restorecon(unconfined_t)
+
 	userdom_unconfined(unconfined_t)
 	userdom_priveleged_home_dir_manager(unconfined_t)
 
-	optional_policy(`logging.te',`
-		logging_domtrans_auditctl(unconfined_t)
+	optional_policy(`amanda.te',`
+		amanda_domtrans_recover(unconfined_t)
+	')
+
+	optional_policy(`dmidecode.te',`
+		dmidecode_domtrans(unconfined_t)
+	')
+
+	optional_policy(`firstboot.te',`
+		firstboot_domtrans(unconfined_t)
 	')
 
 	optional_policy(`lpd.te',`
@@ -50,6 +64,10 @@ ifdef(`targeted_policy',`
 		modutils_domtrans_update_mods(unconfined_t)
 	')
 
+	optional_policy(`portmap.te',`
+		portmap_domtrans_helper(unconfined_t)
+	')
+
 	optional_policy(`postfix.te',`
 		postfix_domtrans_map(unconfined_t)
 	')
@@ -60,6 +78,7 @@ ifdef(`targeted_policy',`
 
 	optional_policy(`samba.te',`
 		samba_domtrans_net(unconfined_t)
+		samba_domtrans_winbind_helper(unconfined_t)
 	')
 
 	optional_policy(`su.te',`