add some missing transitions from unconfined

2005-10-27 15:06:15 +00:00 · 2005-10-27 15:06:15 +00:00 · b281bf6ed9
parent a525f293c3
commit b281bf6ed9
3 changed files with 21 additions and 12 deletions
--- a/refpolicy/policy/modules/admin/firstboot.if
+++ b/refpolicy/policy/modules/admin/firstboot.if
@ -14,9 +14,6 @@
 interface(`firstboot_domtrans',`
 	gen_require(`
 		type firstboot_t, firstboot_exec_t;
-		class process sigchld;
-		class fd use;
-		class fifo_file rw_file_perms;
 	')

 	domain_auto_trans($1,firstboot_exec_t,firstboot_t)
@ -45,7 +42,6 @@ interface(`firstboot_domtrans',`
 interface(`firstboot_run',`
 	gen_require(`
 		type firstboot_t;
-		class chr_file rw_term_perms;
 	')

 	firstboot_domtrans($1)
@ -64,7 +60,6 @@ interface(`firstboot_run',`
 interface(`firstboot_use_fd',`
 	gen_require(`
 		type firstboot_t;
-		class fd use;
 	')

 	allow $1 firstboot_t:fd use;
@ -82,7 +77,6 @@ interface(`firstboot_use_fd',`
 interface(`firstboot_dontaudit_use_fd',`
 	gen_require(`
 		type firstboot_t;
-		class fd use;
 	')

 	dontaudit $1 firstboot_t:fd use;
@ -99,7 +93,6 @@ interface(`firstboot_dontaudit_use_fd',`
 interface(`firstboot_write_pipe',`
 	gen_require(`
 		type firstboot_t;
-		class fifo_file write;
 	')

 	allow $1 firstboot_t:fifo_file write;
--- a/refpolicy/policy/modules/system/libraries.if
+++ b/refpolicy/policy/modules/system/libraries.if
@ -11,9 +11,6 @@
 interface(`libs_domtrans_ldconfig',`
 	gen_require(`
 		type ldconfig_t, ldconfig_exec_t;
-		class process sigchld;
-		class fd use;
-		class fifo_file rw_file_perms;
 	')

 	corecmd_search_sbin($1)
--- a/refpolicy/policy/modules/system/unconfined.te
+++ b/refpolicy/policy/modules/system/unconfined.te
@ -33,11 +33,25 @@ ifdef(`targeted_policy',`

 	init_domtrans_script(unconfined_t)

+	libs_domtrans_ldconfig(unconfined_t)
+
+	logging_domtrans_auditctl(unconfined_t)
+
+	seutil_domtrans_restorecon(unconfined_t)
+
 	userdom_unconfined(unconfined_t)
 	userdom_priveleged_home_dir_manager(unconfined_t)

-	optional_policy(`logging.te',`
-		logging_domtrans_auditctl(unconfined_t)
+	optional_policy(`amanda.te',`
+		amanda_domtrans_recover(unconfined_t)
+	')
+
+	optional_policy(`dmidecode.te',`
+		dmidecode_domtrans(unconfined_t)
+	')
+
+	optional_policy(`firstboot.te',`
+		firstboot_domtrans(unconfined_t)
 	')

 	optional_policy(`lpd.te',`
@ -50,6 +64,10 @@ ifdef(`targeted_policy',`
 		modutils_domtrans_update_mods(unconfined_t)
 	')

+	optional_policy(`portmap.te',`
+		portmap_domtrans_helper(unconfined_t)
+	')
+
 	optional_policy(`postfix.te',`
 		postfix_domtrans_map(unconfined_t)
 	')
@ -60,6 +78,7 @@ ifdef(`targeted_policy',`

 	optional_policy(`samba.te',`
 		samba_domtrans_net(unconfined_t)
+		samba_domtrans_winbind_helper(unconfined_t)
 	')

 	optional_policy(`su.te',`