Patch to start deprecating usercanread attribute from Ryan Bradetich.

Changelog

@@ -1,3 +1,4 @@
+- Patch to start deprecating usercanread attribute from Ryan Bradetich.
 - Add dccp_socket object class which was added in kernel 2.6.20.
 - Patch for prelink relabefrom it's temp files from Dan Walsh.
 - Patch for capability fix for auditd and networking fix for syslogd from

policy/modules/kernel/files.if

@@ -110,14 +110,7 @@ interface(`files_pid_file',`
 ## </param>
 #
 interface(`files_config_file',`
-	gen_require(`
-		attribute usercanread;
-	')
-
 	files_type($1)
-
-	# this is a hack and should be removed.
-	typeattribute $1 usercanread;
 ')
 
 ########################################

policy/modules/kernel/files.te

@@ -1,5 +1,5 @@
 
-policy_module(files,1.4.1)
+policy_module(files,1.4.2)
 
 ########################################
 #
@@ -30,7 +30,9 @@ attribute security_file_type;
 attribute tmpfile;
 attribute tmpfsfile;
 
-# this is a hack and should be changed
+# this attribute is not currently used and will be removed in the future.
+# unfortunately, this attribute can not be removed yet because it may cause
+# some policies to fail to link if it is still required.
 attribute usercanread;
 
 #