* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/contrib/xdg/, policy/modules/contrib/, ...
@ 2012-11-01 20:24 Sven Vermeulen
0 siblings, 0 replies; only message in thread
From: Sven Vermeulen @ 2012-11-01 20:24 UTC (permalink / raw
To: gentoo-commits
commit: 6bb07e2ca4908674c7d262a5d6f558922a45f3b4
Author: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
AuthorDate: Thu Nov 1 20:21:48 2012 +0000
Commit: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
CommitDate: Thu Nov 1 20:21:48 2012 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=6bb07e2c
Remove tryouts for auto-generation of interfaces, will use segenif now
---
policy/modules/contrib/chromium.autogen | 9 -----
.../chromium/chromium_domtrans.autogen.iface | 19 ----------
policy/modules/contrib/chromium/chromium_role.part | 34 ------------------
.../contrib/chromium/chromium_run.autogen.iface | 23 ------------
.../contrib/chromium/chromium_rw_tmp_pipes.part | 17 ---------
.../contrib/chromium/chromium_tmp_filetrans.part | 29 ---------------
policy/modules/contrib/flash.autogen | 4 --
.../modules/contrib/flash/flash_manage_home.part | 18 ---------
.../modules/contrib/flash/flash_relabel_home.part | 18 ---------
policy/modules/contrib/xdg.autogen | 4 --
.../contrib/xdg/xdg_cache_home_content.part | 20 -----------
.../contrib/xdg/xdg_cache_home_filetrans.part | 37 --------------------
.../contrib/xdg/xdg_config_home_content.part | 20 -----------
.../contrib/xdg/xdg_config_home_filetrans.part | 37 --------------------
.../modules/contrib/xdg/xdg_data_home_content.part | 20 -----------
.../contrib/xdg/xdg_data_home_filetrans.part | 37 --------------------
.../contrib/xdg/xdg_manage_all_cache_home.part | 24 -------------
.../contrib/xdg/xdg_manage_all_config_home.part | 24 -------------
.../contrib/xdg/xdg_manage_all_data_home.part | 24 -------------
.../contrib/xdg/xdg_manage_all_runtime_home.part | 24 -------------
.../contrib/xdg/xdg_manage_downloads_home.part | 18 ---------
.../contrib/xdg/xdg_manage_generic_cache_home.part | 24 -------------
.../xdg/xdg_manage_generic_config_home.part | 24 -------------
.../contrib/xdg/xdg_manage_generic_data_home.part | 24 -------------
.../xdg/xdg_manage_generic_runtime_home.part | 24 -------------
.../contrib/xdg/xdg_manage_videos_home.part | 18 ---------
.../contrib/xdg/xdg_read_all_cache_home_files.part | 20 -----------
.../xdg/xdg_read_all_config_home_files.part | 20 -----------
.../contrib/xdg/xdg_read_all_data_home_files.part | 20 -----------
.../xdg/xdg_read_all_runtime_home_files.part | 20 -----------
.../xdg/xdg_read_generic_cache_home_files.part | 21 -----------
.../xdg/xdg_read_generic_config_home_files.part | 21 -----------
.../xdg/xdg_read_generic_data_home_files.part | 21 -----------
.../xdg/xdg_read_generic_runtime_home_files.part | 21 -----------
.../contrib/xdg/xdg_relabel_all_cache_home.part | 24 -------------
.../contrib/xdg/xdg_relabel_all_config_home.part | 24 -------------
.../contrib/xdg/xdg_relabel_all_data_home.part | 24 -------------
.../contrib/xdg/xdg_relabel_all_runtime_home.part | 24 -------------
.../xdg/xdg_relabel_generic_cache_home.part | 24 -------------
.../xdg/xdg_relabel_generic_config_home.part | 24 -------------
.../contrib/xdg/xdg_relabel_generic_data_home.part | 24 -------------
.../xdg/xdg_relabel_generic_runtime_home.part | 24 -------------
.../contrib/xdg/xdg_runtime_home_content.part | 20 -----------
.../contrib/xdg/xdg_runtime_home_filetrans.part | 37 --------------------
44 files changed, 0 insertions(+), 987 deletions(-)
diff --git a/policy/modules/contrib/chromium.autogen b/policy/modules/contrib/chromium.autogen
deleted file mode 100644
index aeac21e..0000000
--- a/policy/modules/contrib/chromium.autogen
+++ /dev/null
@@ -1,9 +0,0 @@
-MODULE=chromium
-SUBDOMAINS=
-DESCRIPTION=Chromium browser
-
-chromium.DOMAIN=chromium_t
-chromium.EXEC=chromium_exec_t
-
-chromium.GENTYPES=
-chromium.METHODS=domtrans
diff --git a/policy/modules/contrib/chromium/chromium_domtrans.autogen.iface b/policy/modules/contrib/chromium/chromium_domtrans.autogen.iface
deleted file mode 100644
index 8652e30..0000000
--- a/policy/modules/contrib/chromium/chromium_domtrans.autogen.iface
+++ /dev/null
@@ -1,19 +0,0 @@
-#######################################
-## <summary>
-## Execute a domain transition to the chromium domain (chromium_t)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access
-## </summary>
-## </param>
-#
-interface(`chromium_domtrans',`
- gen_require(`
- type chromium_t;
- type chromium_exec_t;
- ')
-
- corecmd_search_bin($1)
- domtrans_pattern($1, chromium_exec_t, chromium_t)
-')
diff --git a/policy/modules/contrib/chromium/chromium_role.part b/policy/modules/contrib/chromium/chromium_role.part
deleted file mode 100644
index ecb4783..0000000
--- a/policy/modules/contrib/chromium/chromium_role.part
+++ /dev/null
@@ -1,34 +0,0 @@
-#######################################
-## <summary>
-## Role access for chromium
-## </summary>
-## <param name="role">
-## <summary>
-## Role allowed access
-## </summary>
-## </param>
-## <param name="domain">
-## <summary>
-## User domain for the role
-## </summary>
-## </param>
-#
-interface(`chromium_role',`
- gen_require(`
- type chromium_t;
- type chromium_renderer_t;
- type chromium_exec_t;
- ')
-
- role $1 types chromium_t;
- role $1 types chromium_renderer_t;
-
- # Transition from the user domain to the derived domain
- chromium_domtrans($2)
-
- # Allow ps to show chromium processes and allow the user to signal it
- ps_process_pattern($2, chromium_t)
- ps_process_pattern($2, chromium_renderer_t)
- allow $2 chromium_t:process signal_perms;
- allow $2 chromium_renderer_t:process signal_perms;
-')
diff --git a/policy/modules/contrib/chromium/chromium_run.autogen.iface b/policy/modules/contrib/chromium/chromium_run.autogen.iface
deleted file mode 100644
index c737b3f..0000000
--- a/policy/modules/contrib/chromium/chromium_run.autogen.iface
+++ /dev/null
@@ -1,23 +0,0 @@
-#######################################
-## <summary>
-## Execute chromium in the chromium domain and allow the specified role to access the chromium domain
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access
-## </summary>
-## </param>
-## <param name="role">
-## <summary>
-## Role allowed access
-## </summary>
-## </param>
-#
-interface(`chromium_run',`
- gen_require(`
- type chromium_t;
- ')
-
- chromium_domtrans($1)
- role $2 types chromium_t;
-')
diff --git a/policy/modules/contrib/chromium/chromium_rw_tmp_pipes.part b/policy/modules/contrib/chromium/chromium_rw_tmp_pipes.part
deleted file mode 100644
index 9d35d25..0000000
--- a/policy/modules/contrib/chromium/chromium_rw_tmp_pipes.part
+++ /dev/null
@@ -1,17 +0,0 @@
-#######################################
-## <summary>
-## Read-write access to Chromiums' temporary fifo files
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access
-## </summary>
-## </param>
-#
-interface(`chromium_rw_tmp_pipes',`
- gen_require(`
- type chromium_tmp_t;
- ')
-
- rw_fifo_files_pattern($1, chromium_tmp_t, chromium_tmp_t)
-')
diff --git a/policy/modules/contrib/chromium/chromium_tmp_filetrans.part b/policy/modules/contrib/chromium/chromium_tmp_filetrans.part
deleted file mode 100644
index 88081cf..0000000
--- a/policy/modules/contrib/chromium/chromium_tmp_filetrans.part
+++ /dev/null
@@ -1,29 +0,0 @@
-##############################################
-## <summary>
-## Automatically use the specified type for resources created in chromium's
-## temporary locations
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain that creates the resource(s)
-## </summary>
-## </param>
-## <param name="class">
-## <summary>
-## Type of the resource created
-## </summary>
-## </param>
-## <param name="filename" optional="true">
-## <summary>
-## The name of the resource being created
-## </summary>
-## </param>
-#
-interface(`chromium_tmp_filetrans',`
- gen_require(`
- type chromium_tmp_t;
- ')
-
- search_dirs_pattern($1, chromium_tmp_t, chromium_tmp_t)
- filetrans_pattern($1, chromium_tmp_t, $2, $3, $4)
-')
diff --git a/policy/modules/contrib/flash.autogen b/policy/modules/contrib/flash.autogen
deleted file mode 100644
index 5e64153..0000000
--- a/policy/modules/contrib/flash.autogen
+++ /dev/null
@@ -1,4 +0,0 @@
-MODULE=flash
-SUBDOMAINS=
-DESCRIPTION=Flash player
-
diff --git a/policy/modules/contrib/flash/flash_manage_home.part b/policy/modules/contrib/flash/flash_manage_home.part
deleted file mode 100644
index d190e0f..0000000
--- a/policy/modules/contrib/flash/flash_manage_home.part
+++ /dev/null
@@ -1,18 +0,0 @@
-#####################################
-## <summary>
-## Manage the Flash player home files
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access
-## </summary>
-## </param>
-#
-interface(`flash_manage_home',`
- gen_require(`
- type flash_home_t;
- ')
-
- manage_files_pattern($1, flash_home_t, flash_home_t)
- manage_dirs_pattern($1, flash_home_t, flash_home_t)
-')
diff --git a/policy/modules/contrib/flash/flash_relabel_home.part b/policy/modules/contrib/flash/flash_relabel_home.part
deleted file mode 100644
index 1704fc1..0000000
--- a/policy/modules/contrib/flash/flash_relabel_home.part
+++ /dev/null
@@ -1,18 +0,0 @@
-####################################
-## <summary>
-## Relabel the flash home resources
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access
-## </summary>
-## </param>
-#
-interface(`flash_relabel_home',`
- gen_require(`
- type flash_home_t;
- ')
-
- relabel_files_pattern($1, flash_home_t, flash_home_t)
- relabel_dirs_pattern($1, flash_home_t, flash_home_t)
-')
diff --git a/policy/modules/contrib/xdg.autogen b/policy/modules/contrib/xdg.autogen
deleted file mode 100644
index 073e71c..0000000
--- a/policy/modules/contrib/xdg.autogen
+++ /dev/null
@@ -1,4 +0,0 @@
-MODULE=xdg
-SUBDOMAINS=
-DESCRIPTION=XDG Desktop Standard locations
-
diff --git a/policy/modules/contrib/xdg/xdg_cache_home_content.part b/policy/modules/contrib/xdg/xdg_cache_home_content.part
deleted file mode 100644
index b7d8996..0000000
--- a/policy/modules/contrib/xdg/xdg_cache_home_content.part
+++ /dev/null
@@ -1,20 +0,0 @@
-
-########################################
-## <summary>
-## Mark the selected type as an xdg_cache_home_type
-## </summary>
-## <param name="type">
-## <summary>
-## Type to give the xdg_cache_home_type attribute to
-## </summary>
-## </param>
-#
-interface(`xdg_cache_home_content',`
- gen_require(`
- attribute xdg_cache_home_type;
- ')
-
- typeattribute $1 xdg_cache_home_type;
-
- userdom_user_home_content($1)
-')
diff --git a/policy/modules/contrib/xdg/xdg_cache_home_filetrans.part b/policy/modules/contrib/xdg/xdg_cache_home_filetrans.part
deleted file mode 100644
index 752431f..0000000
--- a/policy/modules/contrib/xdg/xdg_cache_home_filetrans.part
+++ /dev/null
@@ -1,37 +0,0 @@
-
-########################################
-## <summary>
-## Create objects in an xdg_cache_home directory
-## with an automatic type transition to
-## a specified private type.
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-## <param name="private_type">
-## <summary>
-## The type of the object to create.
-## </summary>
-## </param>
-## <param name="object_class">
-## <summary>
-## The class of the object to be created.
-## </summary>
-## </param>
-## <param name="filename" optional="true">
-## <summary>
-## Name of the file or directory created
-## </summary>
-## </param>
-#
-interface(`xdg_cache_home_filetrans',`
- gen_require(`
- type xdg_cache_home_t;
- ')
-
- userdom_search_user_home_dirs($1)
-
- filetrans_pattern($1, xdg_cache_home_t, $2, $3, $4)
-')
diff --git a/policy/modules/contrib/xdg/xdg_config_home_content.part b/policy/modules/contrib/xdg/xdg_config_home_content.part
deleted file mode 100644
index 83664e5..0000000
--- a/policy/modules/contrib/xdg/xdg_config_home_content.part
+++ /dev/null
@@ -1,20 +0,0 @@
-
-########################################
-## <summary>
-## Mark the selected type as an xdg_config_home_type
-## </summary>
-## <param name="type">
-## <summary>
-## Type to give the xdg_config_home_type attribute to
-## </summary>
-## </param>
-#
-interface(`xdg_config_home_content',`
- gen_require(`
- attribute xdg_config_home_type;
- ')
-
- typeattribute $1 xdg_config_home_type;
-
- userdom_user_home_content($1)
-')
diff --git a/policy/modules/contrib/xdg/xdg_config_home_filetrans.part b/policy/modules/contrib/xdg/xdg_config_home_filetrans.part
deleted file mode 100644
index 91da7b8..0000000
--- a/policy/modules/contrib/xdg/xdg_config_home_filetrans.part
+++ /dev/null
@@ -1,37 +0,0 @@
-
-########################################
-## <summary>
-## Create objects in an xdg_config_home directory
-## with an automatic type transition to
-## a specified private type.
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-## <param name="private_type">
-## <summary>
-## The type of the object to create.
-## </summary>
-## </param>
-## <param name="object_class">
-## <summary>
-## The class of the object to be created.
-## </summary>
-## </param>
-## <param name="filename" optional="true">
-## <summary>
-## Name of the file or directory created
-## </summary>
-## </param>
-#
-interface(`xdg_config_home_filetrans',`
- gen_require(`
- type xdg_config_home_t;
- ')
-
- userdom_search_user_home_dirs($1)
-
- filetrans_pattern($1, xdg_config_home_t, $2, $3, $4)
-')
diff --git a/policy/modules/contrib/xdg/xdg_data_home_content.part b/policy/modules/contrib/xdg/xdg_data_home_content.part
deleted file mode 100644
index a9f13e7..0000000
--- a/policy/modules/contrib/xdg/xdg_data_home_content.part
+++ /dev/null
@@ -1,20 +0,0 @@
-
-########################################
-## <summary>
-## Mark the selected type as an xdg_data_home_type
-## </summary>
-## <param name="type">
-## <summary>
-## Type to give the xdg_data_home_type attribute to
-## </summary>
-## </param>
-#
-interface(`xdg_data_home_content',`
- gen_require(`
- attribute xdg_data_home_type;
- ')
-
- typeattribute $1 xdg_data_home_type;
-
- userdom_user_home_content($1)
-')
diff --git a/policy/modules/contrib/xdg/xdg_data_home_filetrans.part b/policy/modules/contrib/xdg/xdg_data_home_filetrans.part
deleted file mode 100644
index 39d9e82..0000000
--- a/policy/modules/contrib/xdg/xdg_data_home_filetrans.part
+++ /dev/null
@@ -1,37 +0,0 @@
-
-########################################
-## <summary>
-## Create objects in an xdg_data_home directory
-## with an automatic type transition to
-## a specified private type.
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-## <param name="private_type">
-## <summary>
-## The type of the object to create.
-## </summary>
-## </param>
-## <param name="object_class">
-## <summary>
-## The class of the object to be created.
-## </summary>
-## </param>
-## <param name="filename" optional="true">
-## <summary>
-## Optional name of the file or directory created
-## </summary>
-## </param>
-#
-interface(`xdg_data_home_filetrans',`
- gen_require(`
- type xdg_data_home_t;
- ')
-
- userdom_search_user_home_dirs($1)
-
- filetrans_pattern($1, xdg_data_home_t, $2, $3, $4)
-')
diff --git a/policy/modules/contrib/xdg/xdg_manage_all_cache_home.part b/policy/modules/contrib/xdg/xdg_manage_all_cache_home.part
deleted file mode 100644
index 388a80d..0000000
--- a/policy/modules/contrib/xdg/xdg_manage_all_cache_home.part
+++ /dev/null
@@ -1,24 +0,0 @@
-
-########################################
-## <summary>
-## Manage all the xdg cache home files regardless of their specific type
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`xdg_manage_all_cache_home',`
- gen_require(`
- attribute xdg_cache_home_type;
- ')
-
- manage_dirs_pattern($1, xdg_cache_home_type, xdg_cache_home_type)
- manage_files_pattern($1, xdg_cache_home_type, xdg_cache_home_type)
- manage_lnk_files_pattern($1, xdg_cache_home_type, xdg_cache_home_type)
- manage_fifo_files_pattern($1, xdg_cache_home_type, xdg_cache_home_type)
- manage_sock_files_pattern($1, xdg_cache_home_type, xdg_cache_home_type)
-
- userdom_search_user_home_dirs($1)
-')
diff --git a/policy/modules/contrib/xdg/xdg_manage_all_config_home.part b/policy/modules/contrib/xdg/xdg_manage_all_config_home.part
deleted file mode 100644
index 6504beb..0000000
--- a/policy/modules/contrib/xdg/xdg_manage_all_config_home.part
+++ /dev/null
@@ -1,24 +0,0 @@
-
-########################################
-## <summary>
-## Manage all the xdg config home files regardless of their specific type
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`xdg_manage_all_config_home',`
- gen_require(`
- attribute xdg_config_home_type;
- ')
-
- manage_dirs_pattern($1, xdg_config_home_type, xdg_config_home_type)
- manage_files_pattern($1, xdg_config_home_type, xdg_config_home_type)
- manage_lnk_files_pattern($1, xdg_config_home_type, xdg_config_home_type)
- manage_fifo_files_pattern($1, xdg_config_home_type, xdg_config_home_type)
- manage_sock_files_pattern($1, xdg_config_home_type, xdg_config_home_type)
-
- userdom_search_user_home_dirs($1)
-')
diff --git a/policy/modules/contrib/xdg/xdg_manage_all_data_home.part b/policy/modules/contrib/xdg/xdg_manage_all_data_home.part
deleted file mode 100644
index fa2fded..0000000
--- a/policy/modules/contrib/xdg/xdg_manage_all_data_home.part
+++ /dev/null
@@ -1,24 +0,0 @@
-
-########################################
-## <summary>
-## Manage all the xdg data home files, regardless of their specific type
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`xdg_manage_all_data_home',`
- gen_require(`
- attribute xdg_data_home_type;
- ')
-
- manage_dirs_pattern($1, xdg_data_home_type, xdg_data_home_type)
- manage_files_pattern($1, xdg_data_home_type, xdg_data_home_type)
- manage_lnk_files_pattern($1, xdg_data_home_type, xdg_data_home_type)
- manage_fifo_files_pattern($1, xdg_data_home_type, xdg_data_home_type)
- manage_sock_files_pattern($1, xdg_data_home_type, xdg_data_home_type)
-
- userdom_search_user_home_dirs($1)
-')
diff --git a/policy/modules/contrib/xdg/xdg_manage_all_runtime_home.part b/policy/modules/contrib/xdg/xdg_manage_all_runtime_home.part
deleted file mode 100644
index 39cc849..0000000
--- a/policy/modules/contrib/xdg/xdg_manage_all_runtime_home.part
+++ /dev/null
@@ -1,24 +0,0 @@
-
-########################################
-## <summary>
-## Manage all the xdg runtime home files, regardless of their specific type
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`xdg_manage_all_runtime_home',`
- gen_require(`
- attribute xdg_runtime_home_type;
- ')
-
- manage_dirs_pattern($1, xdg_runtime_home_type, xdg_runtime_home_type)
- manage_files_pattern($1, xdg_runtime_home_type, xdg_runtime_home_type)
- manage_lnk_files_pattern($1, xdg_runtime_home_type, xdg_runtime_home_type)
- manage_fifo_files_pattern($1, xdg_runtime_home_type, xdg_runtime_home_type)
- manage_sock_files_pattern($1, xdg_runtime_home_type, xdg_runtime_home_type)
-
- files_search_pids($1)
-')
diff --git a/policy/modules/contrib/xdg/xdg_manage_downloads_home.part b/policy/modules/contrib/xdg/xdg_manage_downloads_home.part
deleted file mode 100644
index 126e115..0000000
--- a/policy/modules/contrib/xdg/xdg_manage_downloads_home.part
+++ /dev/null
@@ -1,18 +0,0 @@
-#########################################
-## <summary>
-## Manage downloaded content
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access
-## </summary>
-## </param>
-#
-interface(`xdg_manage_downloads_home',`
- gen_require(`
- type xdg_downloads_home_t;
- ')
-
- manage_dirs_pattern($1, xdg_downloads_home_t, xdg_downloads_home_t)
- manage_files_pattern($1, xdg_downloads_home_t, xdg_downloads_home_t)
-')
diff --git a/policy/modules/contrib/xdg/xdg_manage_generic_cache_home.part b/policy/modules/contrib/xdg/xdg_manage_generic_cache_home.part
deleted file mode 100644
index 0e3268b..0000000
--- a/policy/modules/contrib/xdg/xdg_manage_generic_cache_home.part
+++ /dev/null
@@ -1,24 +0,0 @@
-
-########################################
-## <summary>
-## Manage the xdg cache home files
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`xdg_manage_generic_cache_home',`
- gen_require(`
- type xdg_cache_home_t;
- ')
-
- manage_dirs_pattern($1, xdg_cache_home_t, xdg_cache_home_t)
- manage_files_pattern($1, xdg_cache_home_t, xdg_cache_home_t)
- manage_lnk_files_pattern($1, xdg_cache_home_t, xdg_cache_home_t)
- manage_fifo_files_pattern($1, xdg_cache_home_t, xdg_cache_home_t)
- manage_sock_files_pattern($1, xdg_cache_home_t, xdg_cache_home_t)
-
- userdom_search_user_home_dirs($1)
-')
diff --git a/policy/modules/contrib/xdg/xdg_manage_generic_config_home.part b/policy/modules/contrib/xdg/xdg_manage_generic_config_home.part
deleted file mode 100644
index 6dce9df..0000000
--- a/policy/modules/contrib/xdg/xdg_manage_generic_config_home.part
+++ /dev/null
@@ -1,24 +0,0 @@
-
-########################################
-## <summary>
-## Manage the xdg config home files
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`xdg_manage_generic_config_home',`
- gen_require(`
- type xdg_config_home_t;
- ')
-
- manage_dirs_pattern($1, xdg_config_home_t, xdg_config_home_t)
- manage_files_pattern($1, xdg_config_home_t, xdg_config_home_t)
- manage_lnk_files_pattern($1, xdg_config_home_t, xdg_config_home_t)
- manage_fifo_files_pattern($1, xdg_config_home_t, xdg_config_home_t)
- manage_sock_files_pattern($1, xdg_config_home_t, xdg_config_home_t)
-
- userdom_search_user_home_dirs($1)
-')
diff --git a/policy/modules/contrib/xdg/xdg_manage_generic_data_home.part b/policy/modules/contrib/xdg/xdg_manage_generic_data_home.part
deleted file mode 100644
index 5aa01d8..0000000
--- a/policy/modules/contrib/xdg/xdg_manage_generic_data_home.part
+++ /dev/null
@@ -1,24 +0,0 @@
-
-########################################
-## <summary>
-## Manage the xdg data home files
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`xdg_manage_generic_data_home',`
- gen_require(`
- type xdg_data_home_t;
- ')
-
- manage_dirs_pattern($1, xdg_data_home_t, xdg_data_home_t)
- manage_files_pattern($1, xdg_data_home_t, xdg_data_home_t)
- manage_lnk_files_pattern($1, xdg_data_home_t, xdg_data_home_t)
- manage_fifo_files_pattern($1, xdg_data_home_t, xdg_data_home_t)
- manage_sock_files_pattern($1, xdg_data_home_t, xdg_data_home_t)
-
- userdom_search_user_home_dirs($1)
-')
diff --git a/policy/modules/contrib/xdg/xdg_manage_generic_runtime_home.part b/policy/modules/contrib/xdg/xdg_manage_generic_runtime_home.part
deleted file mode 100644
index 85c1554..0000000
--- a/policy/modules/contrib/xdg/xdg_manage_generic_runtime_home.part
+++ /dev/null
@@ -1,24 +0,0 @@
-
-########################################
-## <summary>
-## Manage the xdg runtime home files
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`xdg_manage_generic_runtime_home',`
- gen_require(`
- type xdg_runtime_home_t;
- ')
-
- manage_dirs_pattern($1, xdg_runtime_home_t, xdg_runtime_home_t)
- manage_files_pattern($1, xdg_runtime_home_t, xdg_runtime_home_t)
- manage_lnk_files_pattern($1, xdg_runtime_home_t, xdg_runtime_home_t)
- manage_fifo_files_pattern($1, xdg_runtime_home_t, xdg_runtime_home_t)
- manage_sock_files_pattern($1, xdg_runtime_home_t, xdg_runtime_home_t)
-
- files_search_pids($1)
-')
diff --git a/policy/modules/contrib/xdg/xdg_manage_videos_home.part b/policy/modules/contrib/xdg/xdg_manage_videos_home.part
deleted file mode 100644
index 5118d5d..0000000
--- a/policy/modules/contrib/xdg/xdg_manage_videos_home.part
+++ /dev/null
@@ -1,18 +0,0 @@
-#########################################
-## <summary>
-## Manage video content
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access
-## </summary>
-## </param>
-#
-interface(`xdg_manage_videos_home',`
- gen_require(`
- type xdg_videos_home_t;
- ')
-
- manage_dirs_pattern($1, xdg_videos_home_t, xdg_videos_home_t)
- manage_files_pattern($1, xdg_videos_home_t, xdg_videos_home_t)
-')
diff --git a/policy/modules/contrib/xdg/xdg_read_all_cache_home_files.part b/policy/modules/contrib/xdg/xdg_read_all_cache_home_files.part
deleted file mode 100644
index a9c6523..0000000
--- a/policy/modules/contrib/xdg/xdg_read_all_cache_home_files.part
+++ /dev/null
@@ -1,20 +0,0 @@
-
-########################################
-## <summary>
-## Read all xdg_cache_home_type files
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`xdg_read_all_cache_home_files',`
- gen_require(`
- attribute xdg_cache_home_type;
- ')
-
- read_files_pattern($1, xdg_cache_home_type, xdg_cache_home_type)
-
- userdom_search_user_home_dirs($1)
-')
diff --git a/policy/modules/contrib/xdg/xdg_read_all_config_home_files.part b/policy/modules/contrib/xdg/xdg_read_all_config_home_files.part
deleted file mode 100644
index ae678b6..0000000
--- a/policy/modules/contrib/xdg/xdg_read_all_config_home_files.part
+++ /dev/null
@@ -1,20 +0,0 @@
-
-########################################
-## <summary>
-## Read all xdg_config_home_type files
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`xdg_read_all_config_home_files',`
- gen_require(`
- attribute xdg_config_home_type;
- ')
-
- read_files_pattern($1, xdg_config_home_type, xdg_config_home_type)
-
- userdom_search_user_home_dirs($1)
-')
diff --git a/policy/modules/contrib/xdg/xdg_read_all_data_home_files.part b/policy/modules/contrib/xdg/xdg_read_all_data_home_files.part
deleted file mode 100644
index 3cfaf56..0000000
--- a/policy/modules/contrib/xdg/xdg_read_all_data_home_files.part
+++ /dev/null
@@ -1,20 +0,0 @@
-
-########################################
-## <summary>
-## Read all xdg_data_home_type files
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`xdg_read_all_data_home_files',`
- gen_require(`
- attribute xdg_data_home_type;
- ')
-
- read_files_pattern($1, xdg_data_home_type, xdg_data_home_type)
-
- userdom_search_user_home_dirs($1)
-')
diff --git a/policy/modules/contrib/xdg/xdg_read_all_runtime_home_files.part b/policy/modules/contrib/xdg/xdg_read_all_runtime_home_files.part
deleted file mode 100644
index 14802cd..0000000
--- a/policy/modules/contrib/xdg/xdg_read_all_runtime_home_files.part
+++ /dev/null
@@ -1,20 +0,0 @@
-
-########################################
-## <summary>
-## Read all xdg_runtime_home_type files
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`xdg_read_all_runtime_home_files',`
- gen_require(`
- attribute xdg_runtime_home_type;
- ')
-
- read_files_pattern($1, xdg_runtime_home_type, xdg_runtime_home_type)
-
- files_search_pids($1)
-')
diff --git a/policy/modules/contrib/xdg/xdg_read_generic_cache_home_files.part b/policy/modules/contrib/xdg/xdg_read_generic_cache_home_files.part
deleted file mode 100644
index 74c76d8..0000000
--- a/policy/modules/contrib/xdg/xdg_read_generic_cache_home_files.part
+++ /dev/null
@@ -1,21 +0,0 @@
-
-########################################
-## <summary>
-## Read the xdg cache home files
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`xdg_read_generic_cache_home_files',`
- gen_require(`
- type xdg_cache_home_t;
- ')
-
- read_files_pattern($1, xdg_cache_home_t, xdg_cache_home_t)
- list_dirs_pattern($1, xdg_cache_home_t, xdg_cache_home_t)
-
- userdom_search_user_home_dirs($1)
-')
diff --git a/policy/modules/contrib/xdg/xdg_read_generic_config_home_files.part b/policy/modules/contrib/xdg/xdg_read_generic_config_home_files.part
deleted file mode 100644
index 1087a5f..0000000
--- a/policy/modules/contrib/xdg/xdg_read_generic_config_home_files.part
+++ /dev/null
@@ -1,21 +0,0 @@
-
-########################################
-## <summary>
-## Read the xdg config home files
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`xdg_read_generic_config_home_files',`
- gen_require(`
- type xdg_config_home_t;
- ')
-
- read_files_pattern($1, xdg_config_home_t, xdg_config_home_t)
- list_dirs_pattern($1, xdg_config_home_t, xdg_config_home_t)
-
- userdom_search_user_home_dirs($1)
-')
diff --git a/policy/modules/contrib/xdg/xdg_read_generic_data_home_files.part b/policy/modules/contrib/xdg/xdg_read_generic_data_home_files.part
deleted file mode 100644
index 82870a1..0000000
--- a/policy/modules/contrib/xdg/xdg_read_generic_data_home_files.part
+++ /dev/null
@@ -1,21 +0,0 @@
-
-########################################
-## <summary>
-## Read the xdg data home files
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`xdg_read_generic_data_home_files',`
- gen_require(`
- type xdg_data_home_t;
- ')
-
- read_files_pattern($1, xdg_data_home_t, xdg_data_home_t)
- list_dirs_pattern($1, xdg_data_home_t, xdg_data_home_t)
-
- userdom_search_user_home_dirs($1)
-')
diff --git a/policy/modules/contrib/xdg/xdg_read_generic_runtime_home_files.part b/policy/modules/contrib/xdg/xdg_read_generic_runtime_home_files.part
deleted file mode 100644
index 6c21442..0000000
--- a/policy/modules/contrib/xdg/xdg_read_generic_runtime_home_files.part
+++ /dev/null
@@ -1,21 +0,0 @@
-
-########################################
-## <summary>
-## Read the xdg runtime home files
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`xdg_read_generic_runtime_home_files',`
- gen_require(`
- type xdg_runtime_home_t;
- ')
-
- read_files_pattern($1, xdg_runtime_home_t, xdg_runtime_home_t)
- list_dirs_pattern($1, xdg_runtime_home_t, xdg_runtime_home_t)
-
- files_search_pids($1)
-')
diff --git a/policy/modules/contrib/xdg/xdg_relabel_all_cache_home.part b/policy/modules/contrib/xdg/xdg_relabel_all_cache_home.part
deleted file mode 100644
index 2da6084..0000000
--- a/policy/modules/contrib/xdg/xdg_relabel_all_cache_home.part
+++ /dev/null
@@ -1,24 +0,0 @@
-
-########################################
-## <summary>
-## Allow relabeling the xdg cache home files, regardless of their specific type
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`xdg_relabel_all_cache_home',`
- gen_require(`
- attribute xdg_cache_home_type;
- ')
-
- relabel_dirs_pattern($1, xdg_cache_home_type, xdg_cache_home_type)
- relabel_files_pattern($1, xdg_cache_home_type, xdg_cache_home_type)
- relabel_lnk_files_pattern($1, xdg_cache_home_type, xdg_cache_home_type)
- relabel_fifo_files_pattern($1, xdg_cache_home_type, xdg_cache_home_type)
- relabel_sock_files_pattern($1, xdg_cache_home_type, xdg_cache_home_type)
-
- userdom_search_user_home_dirs($1)
-')
diff --git a/policy/modules/contrib/xdg/xdg_relabel_all_config_home.part b/policy/modules/contrib/xdg/xdg_relabel_all_config_home.part
deleted file mode 100644
index f80e513..0000000
--- a/policy/modules/contrib/xdg/xdg_relabel_all_config_home.part
+++ /dev/null
@@ -1,24 +0,0 @@
-
-########################################
-## <summary>
-## Allow relabeling the xdg config home files, regardless of their specific type
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`xdg_relabel_all_config_home',`
- gen_require(`
- attribute xdg_config_home_type;
- ')
-
- relabel_dirs_pattern($1, xdg_config_home_type, xdg_config_home_type)
- relabel_files_pattern($1, xdg_config_home_type, xdg_config_home_type)
- relabel_lnk_files_pattern($1, xdg_config_home_type, xdg_config_home_type)
- relabel_fifo_files_pattern($1, xdg_config_home_type, xdg_config_home_type)
- relabel_sock_files_pattern($1, xdg_config_home_type, xdg_config_home_type)
-
- userdom_search_user_home_dirs($1)
-')
diff --git a/policy/modules/contrib/xdg/xdg_relabel_all_data_home.part b/policy/modules/contrib/xdg/xdg_relabel_all_data_home.part
deleted file mode 100644
index d8fa50b..0000000
--- a/policy/modules/contrib/xdg/xdg_relabel_all_data_home.part
+++ /dev/null
@@ -1,24 +0,0 @@
-
-########################################
-## <summary>
-## Allow relabeling the xdg data home files, regardless of their type
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`xdg_relabel_all_data_home',`
- gen_require(`
- attribute xdg_data_home_type;
- ')
-
- relabel_dirs_pattern($1, xdg_data_home_type, xdg_data_home_type)
- relabel_files_pattern($1, xdg_data_home_type, xdg_data_home_type)
- relabel_lnk_files_pattern($1, xdg_data_home_type, xdg_data_home_type)
- relabel_fifo_files_pattern($1, xdg_data_home_type, xdg_data_home_type)
- relabel_sock_files_pattern($1, xdg_data_home_type, xdg_data_home_type)
-
- userdom_search_user_home_dirs($1)
-')
diff --git a/policy/modules/contrib/xdg/xdg_relabel_all_runtime_home.part b/policy/modules/contrib/xdg/xdg_relabel_all_runtime_home.part
deleted file mode 100644
index b57fbd6..0000000
--- a/policy/modules/contrib/xdg/xdg_relabel_all_runtime_home.part
+++ /dev/null
@@ -1,24 +0,0 @@
-
-########################################
-## <summary>
-## Allow relabeling the xdg runtime home files, regardless of the specific type
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`xdg_relabel_all_runtime_home',`
- gen_require(`
- attribute xdg_runtime_home_type;
- ')
-
- relabel_dirs_pattern($1, xdg_runtime_home_type, xdg_runtime_home_type)
- relabel_files_pattern($1, xdg_runtime_home_type, xdg_runtime_home_type)
- relabel_lnk_files_pattern($1, xdg_runtime_home_type, xdg_runtime_home_type)
- relabel_fifo_files_pattern($1, xdg_runtime_home_type, xdg_runtime_home_type)
- relabel_sock_files_pattern($1, xdg_runtime_home_type, xdg_runtime_home_type)
-
- files_search_pids($1)
-')
diff --git a/policy/modules/contrib/xdg/xdg_relabel_generic_cache_home.part b/policy/modules/contrib/xdg/xdg_relabel_generic_cache_home.part
deleted file mode 100644
index 34556f3..0000000
--- a/policy/modules/contrib/xdg/xdg_relabel_generic_cache_home.part
+++ /dev/null
@@ -1,24 +0,0 @@
-
-########################################
-## <summary>
-## Allow relabeling the xdg cache home files
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`xdg_relabel_generic_cache_home',`
- gen_require(`
- type xdg_cache_home_t;
- ')
-
- relabel_dirs_pattern($1, xdg_cache_home_t, xdg_cache_home_t)
- relabel_files_pattern($1, xdg_cache_home_t, xdg_cache_home_t)
- relabel_lnk_files_pattern($1, xdg_cache_home_t, xdg_cache_home_t)
- relabel_fifo_files_pattern($1, xdg_cache_home_t, xdg_cache_home_t)
- relabel_sock_files_pattern($1, xdg_cache_home_t, xdg_cache_home_t)
-
- userdom_search_user_home_dirs($1)
-')
diff --git a/policy/modules/contrib/xdg/xdg_relabel_generic_config_home.part b/policy/modules/contrib/xdg/xdg_relabel_generic_config_home.part
deleted file mode 100644
index dcf73ab..0000000
--- a/policy/modules/contrib/xdg/xdg_relabel_generic_config_home.part
+++ /dev/null
@@ -1,24 +0,0 @@
-
-########################################
-## <summary>
-## Allow relabeling the xdg config home files
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`xdg_relabel_generic_config_home',`
- gen_require(`
- type xdg_config_home_t;
- ')
-
- relabel_dirs_pattern($1, xdg_config_home_t, xdg_config_home_t)
- relabel_files_pattern($1, xdg_config_home_t, xdg_config_home_t)
- relabel_lnk_files_pattern($1, xdg_config_home_t, xdg_config_home_t)
- relabel_fifo_files_pattern($1, xdg_config_home_t, xdg_config_home_t)
- relabel_sock_files_pattern($1, xdg_config_home_t, xdg_config_home_t)
-
- userdom_search_user_home_dirs($1)
-')
diff --git a/policy/modules/contrib/xdg/xdg_relabel_generic_data_home.part b/policy/modules/contrib/xdg/xdg_relabel_generic_data_home.part
deleted file mode 100644
index 2d8c293..0000000
--- a/policy/modules/contrib/xdg/xdg_relabel_generic_data_home.part
+++ /dev/null
@@ -1,24 +0,0 @@
-
-########################################
-## <summary>
-## Allow relabeling the xdg data home files
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`xdg_relabel_generic_data_home',`
- gen_require(`
- type xdg_data_home_t;
- ')
-
- relabel_dirs_pattern($1, xdg_data_home_t, xdg_data_home_t)
- relabel_files_pattern($1, xdg_data_home_t, xdg_data_home_t)
- relabel_lnk_files_pattern($1, xdg_data_home_t, xdg_data_home_t)
- relabel_fifo_files_pattern($1, xdg_data_home_t, xdg_data_home_t)
- relabel_sock_files_pattern($1, xdg_data_home_t, xdg_data_home_t)
-
- userdom_search_user_home_dirs($1)
-')
diff --git a/policy/modules/contrib/xdg/xdg_relabel_generic_runtime_home.part b/policy/modules/contrib/xdg/xdg_relabel_generic_runtime_home.part
deleted file mode 100644
index 80bcc3b..0000000
--- a/policy/modules/contrib/xdg/xdg_relabel_generic_runtime_home.part
+++ /dev/null
@@ -1,24 +0,0 @@
-
-########################################
-## <summary>
-## Allow relabeling the xdg runtime home files
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`xdg_relabel_generic_runtime_home',`
- gen_require(`
- type xdg_runtime_home_t;
- ')
-
- relabel_dirs_pattern($1, xdg_runtime_home_t, xdg_runtime_home_t)
- relabel_files_pattern($1, xdg_runtime_home_t, xdg_runtime_home_t)
- relabel_lnk_files_pattern($1, xdg_runtime_home_t, xdg_runtime_home_t)
- relabel_fifo_files_pattern($1, xdg_runtime_home_t, xdg_runtime_home_t)
- relabel_sock_files_pattern($1, xdg_runtime_home_t, xdg_runtime_home_t)
-
- files_search_pids($1)
-')
diff --git a/policy/modules/contrib/xdg/xdg_runtime_home_content.part b/policy/modules/contrib/xdg/xdg_runtime_home_content.part
deleted file mode 100644
index 2497920..0000000
--- a/policy/modules/contrib/xdg/xdg_runtime_home_content.part
+++ /dev/null
@@ -1,20 +0,0 @@
-
-########################################
-## <summary>
-## Mark the selected type as an xdg_runtime_home_type
-## </summary>
-## <param name="type">
-## <summary>
-## Type to give the xdg_runtime_home_type attribute to
-## </summary>
-## </param>
-#
-interface(`xdg_runtime_home_content',`
- gen_require(`
- attribute xdg_runtime_home_type;
- ')
-
- typeattribute $1 xdg_runtime_home_type;
-
- userdom_user_home_content($1)
-')
diff --git a/policy/modules/contrib/xdg/xdg_runtime_home_filetrans.part b/policy/modules/contrib/xdg/xdg_runtime_home_filetrans.part
deleted file mode 100644
index 60d979b..0000000
--- a/policy/modules/contrib/xdg/xdg_runtime_home_filetrans.part
+++ /dev/null
@@ -1,37 +0,0 @@
-
-########################################
-## <summary>
-## Create objects in an xdg_runtime_home directory
-## with an automatic type transition to
-## a specified private type.
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-## <param name="private_type">
-## <summary>
-## The type of the object to create.
-## </summary>
-## </param>
-## <param name="object_class">
-## <summary>
-## The class of the object to be created.
-## </summary>
-## </param>
-## <param name="filename" optional="true">
-## <summary>
-## Name of the file or directory created
-## </summary>
-## </param>
-#
-interface(`xdg_runtime_home_filetrans',`
- gen_require(`
- type xdg_runtime_home_t;
- ')
-
- files_search_pids($1)
-
- filetrans_pattern($1, xdg_runtime_home_t, $2, $3)
-')
^ permalink raw reply related [flat|nested] only message in thread
only message in thread, other threads:[~2012-11-01 20:24 UTC | newest]
Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2012-11-01 20:24 [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/contrib/xdg/, policy/modules/contrib/, Sven Vermeulen
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox