Change behavior of init_run_daemon()

Callers on init_run_daemon() role and domain transition on all
init_script_file_type to system_r and initrc_t respectively.

The old behavior of role and domain transitioning on init daemon entry
files was causing problems with programs that can be run both by system
and session.

Signed-off-by: Dominick Grift <dominick.grift@gmail.com>

policy/modules/system/init.if

@@ -193,7 +193,6 @@ interface(`init_ranged_domain',`
 #
 interface(`init_daemon_domain',`
 	gen_require(`
-		attribute direct_run_init, direct_init, direct_init_entry;
 		type initrc_t;
 		role system_r;
 		attribute daemon;
@@ -218,12 +217,6 @@ interface(`init_daemon_domain',`
 	init_use_script_ptys($1)
 
 	ifdef(`direct_sysadm_daemon',`
-		domtrans_pattern(direct_run_init, $2, $1)
-		allow direct_run_init $1:process { noatsecure siginh rlimitinh };
-
-		typeattribute $1 direct_init;
-		typeattribute $2 direct_init_entry;
-
 		userdom_dontaudit_use_user_terminals($1)
 	')
 
@@ -984,14 +977,14 @@ interface(`init_all_labeled_script_domtrans',`
 #
 interface(`init_run_daemon',`
 	gen_require(`
-		attribute direct_run_init, direct_init, direct_init_entry;
+                attribute init_script_file_type;
 		role system_r;
 	')
 
-	typeattribute $1 direct_run_init;
-
 	allow $2 system_r;
-	role_transition $2 direct_init_entry system_r;
+
+        init_all_labeled_script_domtrans($1)
+        role_transition $2 init_script_file_type system_r;
 ')
 
 ########################################

policy/modules/system/init.te

@@ -16,12 +16,6 @@ gen_require(`
 ## </desc>
 gen_tunable(init_upstart, false)
 
-# used for direct running of init scripts
-# by admin domains
-attribute direct_run_init;
-attribute direct_init;
-attribute direct_init_entry;
-
 attribute init_script_domain_type;
 attribute init_script_file_type;
 attribute init_run_all_scripts_domain;