Merge pull request #166 from dburgener/remove-unused-requires
This commit is contained in:
Chris PeBenito
commit
a6576234c8
@ -13,7 +13,6 @@
|
||||
template(`cfengine_domain_template',`
|
||||
gen_require(`
|
||||
attribute cfengine_domain;
|
||||
type cfengine_log_t, cfengine_var_lib_t;
|
||||
')
|
||||
|
||||
########################################
|
||||
|
||||
@ -67,8 +67,8 @@ interface(`fakehwclock_run',`
|
||||
#
|
||||
interface(`fakehwclock_admin',`
|
||||
gen_require(`
|
||||
type fakehwclock_t, fakehwclock_exec_t, fakehwclock_backup_t;
|
||||
type fakehwclock_initrc_exec_t, fakehwclock_unit_t;
|
||||
type fakehwclock_t, fakehwclock_backup_t, fakehwclock_initrc_exec_t;
|
||||
type fakehwclock_unit_t;
|
||||
')
|
||||
|
||||
admin_process_pattern($1, fakehwclock_t)
|
||||
|
||||
@ -17,8 +17,8 @@
|
||||
#
|
||||
template(`kismet_role',`
|
||||
gen_require(`
|
||||
type kismet_exec_t, kismet_home_t, kismet_tmp_t;
|
||||
type kismet_tmpfs_t, kismet_t;
|
||||
type kismet_home_t, kismet_tmp_t, kismet_tmpfs_t;
|
||||
type kismet_t;
|
||||
')
|
||||
|
||||
kismet_run($1, $2)
|
||||
|
||||
@ -37,7 +37,6 @@ interface(`tboot_domtrans_txtstat',`
|
||||
#
|
||||
interface(`tboot_run_txtstat',`
|
||||
gen_require(`
|
||||
type txtstat_t;
|
||||
attribute_role txtstat_roles;
|
||||
')
|
||||
|
||||
|
||||
@ -21,7 +21,6 @@ interface(`chromium_role',`
|
||||
type chromium_renderer_t;
|
||||
type chromium_sandbox_t;
|
||||
type chromium_naclhelper_t;
|
||||
type chromium_exec_t;
|
||||
class dbus send_msg;
|
||||
')
|
||||
|
||||
|
||||
@ -117,7 +117,7 @@ interface(`evolution_home_filetrans',`
|
||||
#
|
||||
interface(`evolution_read_home_files',`
|
||||
gen_require(`
|
||||
type evolution_t, evolution_home_t;
|
||||
type evolution_home_t;
|
||||
')
|
||||
|
||||
read_files_pattern($1, evolution_home_t, evolution_home_t)
|
||||
|
||||
@ -20,7 +20,7 @@ interface(`uml_role',`
|
||||
attribute_role uml_roles;
|
||||
type uml_t, uml_exec_t;
|
||||
type uml_ro_t, uml_rw_t, uml_tmp_t;
|
||||
type uml_devpts_t, uml_tmpfs_t;
|
||||
type uml_tmpfs_t;
|
||||
')
|
||||
|
||||
roleattribute $1 uml_roles;
|
||||
|
||||
@ -25,7 +25,7 @@ template(`userhelper_role_template',`
|
||||
gen_require(`
|
||||
attribute userhelper_type, consolehelper_type;
|
||||
attribute_role userhelper_roles, consolehelper_roles;
|
||||
type userhelper_exec_t, consolehelper_exec_t, userhelper_conf_t;
|
||||
type userhelper_exec_t, consolehelper_exec_t;
|
||||
')
|
||||
|
||||
########################################
|
||||
|
||||
@ -249,10 +249,6 @@ interface(`corecmd_dontaudit_write_bin_files',`
|
||||
interface(`corecmd_read_bin_symlinks',`
|
||||
refpolicywarn(`$0() has been deprecated, please use corecmd_search_bin() instead.')
|
||||
|
||||
gen_require(`
|
||||
type bin_t;
|
||||
')
|
||||
|
||||
corecmd_search_bin($1)
|
||||
')
|
||||
|
||||
@ -491,7 +487,7 @@ interface(`corecmd_bin_domtrans',`
|
||||
#
|
||||
interface(`corecmd_check_exec_shell',`
|
||||
gen_require(`
|
||||
type bin_t, shell_exec_t;
|
||||
type shell_exec_t;
|
||||
')
|
||||
|
||||
corecmd_list_bin($1)
|
||||
@ -528,7 +524,7 @@ interface(`corecmd_check_exec_shell',`
|
||||
#
|
||||
interface(`corecmd_exec_shell',`
|
||||
gen_require(`
|
||||
type bin_t, shell_exec_t;
|
||||
type shell_exec_t;
|
||||
')
|
||||
|
||||
corecmd_list_bin($1)
|
||||
@ -566,7 +562,7 @@ interface(`corecmd_exec_shell',`
|
||||
#
|
||||
interface(`corecmd_shell_spec_domtrans',`
|
||||
gen_require(`
|
||||
type bin_t, shell_exec_t;
|
||||
type shell_exec_t;
|
||||
')
|
||||
|
||||
corecmd_list_bin($1)
|
||||
|
||||
@ -1967,7 +1967,7 @@ interface(`dev_setattr_dri_dev',`
|
||||
#
|
||||
interface(`dev_ioctl_dri_dev',`
|
||||
gen_require(`
|
||||
type device_t, dri_device_t;
|
||||
type dri_device_t;
|
||||
')
|
||||
|
||||
allow $1 dri_device_t:chr_file ioctl;
|
||||
@ -2791,7 +2791,7 @@ interface(`dev_write_raw_memory',`
|
||||
#
|
||||
interface(`dev_rx_raw_memory',`
|
||||
gen_require(`
|
||||
type device_t, memory_device_t;
|
||||
type memory_device_t;
|
||||
')
|
||||
|
||||
dev_read_raw_memory($1)
|
||||
@ -2810,7 +2810,7 @@ interface(`dev_rx_raw_memory',`
|
||||
#
|
||||
interface(`dev_wx_raw_memory',`
|
||||
gen_require(`
|
||||
type device_t, memory_device_t;
|
||||
type memory_device_t;
|
||||
')
|
||||
|
||||
dev_write_raw_memory($1)
|
||||
@ -5002,7 +5002,7 @@ interface(`dev_rw_vmware',`
|
||||
#
|
||||
interface(`dev_rwx_vmware',`
|
||||
gen_require(`
|
||||
type device_t, vmware_device_t;
|
||||
type vmware_device_t;
|
||||
')
|
||||
|
||||
dev_rw_vmware($1)
|
||||
|
||||
@ -407,7 +407,6 @@ interface(`files_poly_member_tmp',`
|
||||
interface(`files_tmp_file',`
|
||||
gen_require(`
|
||||
attribute tmpfile;
|
||||
type tmp_t;
|
||||
')
|
||||
|
||||
files_type($1)
|
||||
|
||||
@ -1347,7 +1347,7 @@ interface(`kernel_getattr_message_if',`
|
||||
#
|
||||
interface(`kernel_dontaudit_getattr_message_if',`
|
||||
gen_require(`
|
||||
type proc_kmsg_t, proc_t;
|
||||
type proc_kmsg_t;
|
||||
')
|
||||
|
||||
dontaudit $1 proc_kmsg_t:file getattr;
|
||||
|
||||
@ -84,7 +84,6 @@ interface(`term_login_pty',`
|
||||
interface(`term_tty',`
|
||||
gen_require(`
|
||||
attribute ttynode, serial_device;
|
||||
type tty_device_t;
|
||||
')
|
||||
|
||||
typeattribute $1 ttynode, serial_device;
|
||||
|
||||
@ -1088,7 +1088,7 @@ interface(`apache_domtrans_all_scripts',`
|
||||
#
|
||||
interface(`apache_run_all_scripts',`
|
||||
gen_require(`
|
||||
attribute httpd_exec_scripts, httpd_script_domains;
|
||||
attribute httpd_script_domains;
|
||||
')
|
||||
|
||||
role $2 types httpd_script_domains;
|
||||
@ -1310,7 +1310,7 @@ interface(`apache_delete_lib_files',`
|
||||
#
|
||||
interface(`apache_cgi_domain',`
|
||||
gen_require(`
|
||||
type httpd_t, httpd_sys_script_exec_t;
|
||||
type httpd_t;
|
||||
')
|
||||
|
||||
domtrans_pattern(httpd_t, $2, $1)
|
||||
|
||||
@ -30,7 +30,7 @@ interface(`openct_signull',`
|
||||
#
|
||||
interface(`openct_exec',`
|
||||
gen_require(`
|
||||
type openct_t, openct_exec_t;
|
||||
type openct_exec_t;
|
||||
')
|
||||
|
||||
corecmd_search_bin($1)
|
||||
|
||||
@ -563,7 +563,6 @@ interface(`postgresql_unconfined',`
|
||||
interface(`postgresql_admin',`
|
||||
gen_require(`
|
||||
attribute sepgsql_admin_type;
|
||||
attribute sepgsql_client_type;
|
||||
|
||||
type postgresql_t, postgresql_runtime_t;
|
||||
type postgresql_tmp_t, postgresql_db_t;
|
||||
|
||||
@ -301,8 +301,7 @@ template(`ssh_role_template',`
|
||||
gen_require(`
|
||||
attribute ssh_server, ssh_agent_type;
|
||||
|
||||
type ssh_t, ssh_exec_t, ssh_tmpfs_t, ssh_home_t;
|
||||
type ssh_agent_exec_t, ssh_keysign_t, ssh_tmpfs_t;
|
||||
type ssh_t, ssh_exec_t, ssh_home_t, ssh_agent_exec_t;
|
||||
type ssh_agent_tmp_t;
|
||||
')
|
||||
|
||||
|
||||
@ -1016,7 +1016,6 @@ interface(`virt_search_images',`
|
||||
#
|
||||
interface(`virt_read_images',`
|
||||
gen_require(`
|
||||
type virt_var_lib_t;
|
||||
attribute virt_image_type;
|
||||
')
|
||||
|
||||
@ -1096,7 +1095,6 @@ interface(`virt_manage_virt_cache',`
|
||||
#
|
||||
interface(`virt_manage_images',`
|
||||
gen_require(`
|
||||
type virt_var_lib_t;
|
||||
attribute virt_image_type;
|
||||
')
|
||||
|
||||
|
||||
@ -337,7 +337,6 @@ interface(`xserver_non_drawing_client',`
|
||||
template(`xserver_common_x_domain_template',`
|
||||
gen_require(`
|
||||
type root_xdrawable_t;
|
||||
type xproperty_t, $1_xproperty_t;
|
||||
type xevent_t, client_xevent_t;
|
||||
type input_xevent_t, $1_input_xevent_t;
|
||||
|
||||
|
||||
@ -3284,11 +3284,6 @@ interface(`init_reload_all_units',`
|
||||
## </param>
|
||||
#
|
||||
interface(`init_admin',`
|
||||
gen_require(`
|
||||
type initrc_exec_t;
|
||||
class service status;
|
||||
')
|
||||
|
||||
dev_manage_null_service($1)
|
||||
init_disable($1)
|
||||
init_enable($1)
|
||||
|
||||
@ -158,7 +158,6 @@ interface(`iptables_etc_filetrans_config',`
|
||||
interface(`iptables_manage_config',`
|
||||
gen_require(`
|
||||
type iptables_conf_t;
|
||||
type etc_t;
|
||||
')
|
||||
|
||||
files_search_etc($1)
|
||||
|
||||
@ -1290,7 +1290,7 @@ interface(`logging_admin_syslog',`
|
||||
type syslogd_t, klogd_t, syslog_conf_t;
|
||||
type syslogd_tmp_t, syslogd_var_lib_t;
|
||||
type syslogd_runtime_t, klogd_runtime_t;
|
||||
type klogd_tmp_t, var_log_t;
|
||||
type klogd_tmp_t;
|
||||
type syslogd_initrc_exec_t, syslogd_unit_t;
|
||||
')
|
||||
|
||||
|
||||
@ -841,7 +841,6 @@ interface(`miscfiles_read_tetex_data',`
|
||||
#
|
||||
interface(`miscfiles_exec_tetex_data',`
|
||||
gen_require(`
|
||||
type fonts_t;
|
||||
type tetex_data_t;
|
||||
')
|
||||
|
||||
|
||||
@ -211,7 +211,7 @@ interface(`seutil_run_newrole',`
|
||||
#
|
||||
interface(`seutil_exec_newrole',`
|
||||
gen_require(`
|
||||
type newrole_t, newrole_exec_t;
|
||||
type newrole_exec_t;
|
||||
')
|
||||
|
||||
files_search_usr($1)
|
||||
|
||||
@ -727,9 +727,6 @@ interface(`sysnet_dhcp_state_filetrans',`
|
||||
## <rolecap/>
|
||||
#
|
||||
interface(`sysnet_dns_name_resolve',`
|
||||
gen_require(`
|
||||
type net_conf_t;
|
||||
')
|
||||
|
||||
allow $1 self:tcp_socket create_socket_perms;
|
||||
allow $1 self:udp_socket create_socket_perms;
|
||||
@ -781,9 +778,6 @@ interface(`sysnet_dns_name_resolve',`
|
||||
## </param>
|
||||
#
|
||||
interface(`sysnet_use_ldap',`
|
||||
gen_require(`
|
||||
type net_conf_t;
|
||||
')
|
||||
|
||||
allow $1 self:tcp_socket create_socket_perms;
|
||||
|
||||
@ -812,9 +806,6 @@ interface(`sysnet_use_ldap',`
|
||||
## </param>
|
||||
#
|
||||
interface(`sysnet_use_portmap',`
|
||||
gen_require(`
|
||||
type net_conf_t;
|
||||
')
|
||||
|
||||
allow $1 self:tcp_socket create_socket_perms;
|
||||
allow $1 self:udp_socket create_socket_perms;
|
||||
|
||||
@ -2312,7 +2312,7 @@ interface(`userdom_manage_user_home_content_files',`
|
||||
#
|
||||
interface(`userdom_dontaudit_manage_user_home_content_dirs',`
|
||||
gen_require(`
|
||||
type user_home_dir_t, user_home_t;
|
||||
type user_home_t;
|
||||
')
|
||||
|
||||
dontaudit $1 user_home_t:dir manage_dir_perms;
|
||||
@ -3577,7 +3577,7 @@ interface(`userdom_pid_filetrans_user_runtime_root',`
|
||||
#
|
||||
interface(`userdom_user_runtime_filetrans',`
|
||||
gen_require(`
|
||||
type user_runtime_root_t, user_runtime_t;
|
||||
type user_runtime_t;
|
||||
')
|
||||
|
||||
filetrans_pattern($1, user_runtime_t, $2, $3, $4)
|
||||
|
||||
Loading…
Reference in New Issue
Block a user