From 329138beba00f07c61ee5f392bf58f0dfe968e6d Mon Sep 17 00:00:00 2001
From: Dominick Grift <domg472@gmail.com>
Date: Wed, 22 Sep 2010 17:32:39 +0200
Subject: [PATCH] Move oident manage and relabel home content interfaces to
 common user template.

Signed-off-by: Dominick Grift <domg472@gmail.com>
---
 policy/modules/roles/staff.te       | 5 -----
 policy/modules/roles/sysadm.te      | 5 -----
 policy/modules/roles/unprivuser.te  | 5 -----
 policy/modules/system/userdomain.if | 5 +++++
 4 files changed, 5 insertions(+), 15 deletions(-)

diff --git a/policy/modules/roles/staff.te b/policy/modules/roles/staff.te
index 185400290..089acb7d2 100644
--- a/policy/modules/roles/staff.te
+++ b/policy/modules/roles/staff.te
@@ -26,11 +26,6 @@ optional_policy(`
 	dbadm_role_change(staff_r)
 ')
 
-optional_policy(`
-	oident_manage_user_content(staff_t)
-	oident_relabel_user_content(staff_t)
-')
-
 optional_policy(`
 	postgresql_role(staff_r, staff_t)
 ')
diff --git a/policy/modules/roles/sysadm.te b/policy/modules/roles/sysadm.te
index 2a19751f2..88ecccfc1 100644
--- a/policy/modules/roles/sysadm.te
+++ b/policy/modules/roles/sysadm.te
@@ -235,11 +235,6 @@ optional_policy(`
 	oav_run_update(sysadm_t, sysadm_r)
 ')
 
-optional_policy(`
-	oident_manage_user_content(sysadm_t)
-	oident_relabel_user_content(sysadm_t)
-')
-
 optional_policy(`
 	pcmcia_run_cardctl(sysadm_t, sysadm_r)
 ')
diff --git a/policy/modules/roles/unprivuser.te b/policy/modules/roles/unprivuser.te
index 9b55b0047..738c59be3 100644
--- a/policy/modules/roles/unprivuser.te
+++ b/policy/modules/roles/unprivuser.te
@@ -16,11 +16,6 @@ optional_policy(`
 	apache_role(user_r, user_t)
 ')
 
-optional_policy(`
-	oident_manage_user_content(user_t)
-	oident_relabel_user_content(user_t)
-')
-
 optional_policy(`
 	screen_role_template(user, user_r, user_t)
 ')
diff --git a/policy/modules/system/userdomain.if b/policy/modules/system/userdomain.if
index 2aa8928ed..b575eddf1 100644
--- a/policy/modules/system/userdomain.if
+++ b/policy/modules/system/userdomain.if
@@ -641,6 +641,11 @@ template(`userdom_common_user_template',`
 		')
 	')
 
+	optional_policy(`
+		oident_manage_user_content($1_t)
+		oident_relabel_user_content($1_t)
+	')
+
 	optional_policy(`
 		# to allow monitoring of pcmcia status
 		pcmcia_read_pid($1_t)