From: "Jason Zaman"
To: gentoo-commits@lists.gentoo.org
Message-ID: <1416944940.dae6a062355a4499dbbc782cfa5500973d211d43.perfinion@gentoo>
Subject: [gentoo-commits] proj/hardened-refpolicy:adminroles commit in: policy/modules/roles/
Date: Tue, 25 Nov 2014 19:49:21 +0000 (UTC)

commit:     dae6a062355a4499dbbc782cfa5500973d211d43
Author:     Jason Zaman perfinion com>
AuthorDate: Tue Nov 25 04:53:23 2014 +0000
Commit:     Jason Zaman perfinion com>
CommitDate: Tue Nov 25 19:49:00 2014 +0000
URL:        http://sources.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=dae6a062

Add all foo_admin interfaces to sysadm.te

---
 policy/modules/roles/sysadm.te | 871 ++++++++++++++++++++++++++++++++++++++++-
 1 file changed, 853 insertions(+), 18 deletions(-)

diff --git a/policy/modules/roles/sysadm.te b/policy/modules/roles/sysadm.te
index 7e497b0..f926281 100644
--- a/policy/modules/roles/sysadm.te
+++ b/policy/modules/roles/sysadm.te
@@ -485,47 +485,569 @@ ifdef(`distro_gentoo',` dev_read_cpuid(sysadm_t) optional_policy(` + dracut_run(sysadm_t, sysadm_r) + ') + + optional_policy(` + fail2ban_run_client(sysadm_t, sysadm_r) + ') + + optional_policy(` + gorg_role(sysadm_r, sysadm_t) + ') + + optional_policy(` + mutt_role(sysadm_r, sysadm_t) + ') + + optional_policy(` + networkmanager_run_wpa_cli(sysadm_t, sysadm_r) + ') + + optional_policy(` + qemu_read_state(sysadm_t) + qemu_signal(sysadm_t) + qemu_kill(sysadm_t) + qemu_setsched(sysadm_t) + qemu_run(sysadm_t, sysadm_r) + ') + + optional_policy(` + # Support audit2allow, sepolgen and so on + selinux_read_policy(sysadm_t) + ') + + optional_policy(` + vde_role(sysadm_r, sysadm_t) + ') + + ######################################### + # + # Local sysadm_t admin interfaces + # + + optional_policy(` + abrt_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + accountsd_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + acct_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + afs_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + aiccu_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + aide_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + aisexecd_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + amavis_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + amtu_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + apache_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + apcupsd_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + apm_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + arpwatch_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` asterisk_admin(sysadm_t, sysadm_r) ') optional_policy(` - bind_admin(sysadm_t, sysadm_r) + automount_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + avahi_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + bacula_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + bacula_domtrans_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + bcfg2_admin(sysadm_t, 
sysadm_r) + ') + + optional_policy(` + bind_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + bird_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + bitlbee_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + bluetooth_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + boinc_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + bugzilla_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + cachefilesd_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + calamaris_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + callweaver_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + canna_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + ccs_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + certmaster_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + certmonger_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + cfengine_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + cgroup_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + chronyd_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + cipe_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + clamav_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + cmirrord_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + cobbler_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + collectd_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + condor_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + corosync_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + couchdb_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + ctdb_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + cups_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + cvs_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + cyphesis_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + cyrus_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + dante_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + ddclient_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + 
denyhosts_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + devicekit_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + dhcpd_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + dictd_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + dirmngr_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + distcc_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + dkim_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + dnsmasq_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + dnssectrigger_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + dovecot_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + drbd_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + dspam_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + entropyd_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + exim_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + fail2ban_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + fcoe_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + fetchmail_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + firewalld_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + ftp_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + gatekeeper_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + gdomap_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + glance_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + glusterfs_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + gpm_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + gpsd_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + hadoop_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + hddtemp_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + howl_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + hypervkvp_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + i18n_input_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + icecast_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + ifplugd_admin(sysadm_t, sysadm_r) + ') + + 
optional_policy(` + inn_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + iodine_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + ircd_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + irqbalance_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + iscsi_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + isnsd_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + jabber_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + kdump_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + kerberos_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + kerneloops_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + keystone_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + kismet_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + ksmtuned_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + kudzu_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + l2tp_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + ldap_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + lightsquid_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + likewise_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + lircd_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + lldpad_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + logsentry_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + lsmd_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + mandb_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + mcelog_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + memcached_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + minidlna_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + minissdpd_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + mongodb_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + monop_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + mpd_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + mrtg_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + mscan_admin(sysadm_t, sysadm_r) + ') + + 
optional_policy(` + munin_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + mysql_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + nagios_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + nessus_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + networkmanager_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + nginx_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + nis_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + nscd_admin(sysadm_t, sysadm_r) ') optional_policy(` - dnsmasq_admin(sysadm_t, sysadm_r) + nsd_admin(sysadm_t, sysadm_r) ') optional_policy(` - dovecot_admin(sysadm_t, sysadm_r) + nslcd_admin(sysadm_t, sysadm_r) ') optional_policy(` - dracut_run(sysadm_t, sysadm_r) + ntop_admin(sysadm_t, sysadm_r) ') optional_policy(` - fail2ban_run_client(sysadm_t, sysadm_r) + ntp_admin(sysadm_t, sysadm_r) ') optional_policy(` - gorg_role(sysadm_r, sysadm_t) + numad_admin(sysadm_t, sysadm_r) ') optional_policy(` - mutt_role(sysadm_r, sysadm_t) + nut_admin(sysadm_t, sysadm_r) ') optional_policy(` - networkmanager_run_wpa_cli(sysadm_t, sysadm_r) + oident_admin(sysadm_t, sysadm_r) ') optional_policy(` - nginx_admin(sysadm_t, sysadm_r) + openct_admin(sysadm_t, sysadm_r) ') optional_policy(` - ntp_admin(sysadm_t, sysadm_r) + openhpi_admin(sysadm_t, sysadm_r) ') optional_policy(` 
@@ -533,24 +1055,164 @@ ifdef(`distro_gentoo',` ') optional_policy(` + openvswitch_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + pacemaker_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + pads_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + pcscd_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + pegasus_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + perdition_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + phpfpm_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + pingd_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + pkcs_admin_slotd(sysadm_t, sysadm_r) + ') + + optional_policy(` + plymouthd_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + polipo_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + portmap_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + portreserve_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` postfix_admin(sysadm_t, sysadm_r) ') optional_policy(` + postfixpolicyd_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` postgresql_admin(sysadm_t, sysadm_r) postgresql_exec(sysadm_t) ') optional_policy(` + postgrey_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + ppp_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + prelude_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + privoxy_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + psad_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` puppet_admin(sysadm_t, sysadm_r) ') optional_policy(` - qemu_read_state(sysadm_t) - qemu_signal(sysadm_t) - qemu_kill(sysadm_t) - qemu_setsched(sysadm_t) - qemu_run(sysadm_t, sysadm_r) + pxe_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + pyicqt_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + pyzor_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + qpidd_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + quantum_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + quota_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + rabbitmq_admin(sysadm_t, 
sysadm_r) + ') + + optional_policy(` + radius_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + radvd_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + raid_admin_mdadm(sysadm_t, sysadm_r) + ') + + optional_policy(` + redis_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + resmgr_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + rgmanager_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + rhcs_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + rhsmcertd_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + ricci_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + rngd_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + roundup_admin(sysadm_t, sysadm_r) ') optional_policy(` @@ -558,21 +1220,61 @@ ifdef(`distro_gentoo',` ') optional_policy(` + rpcbind_admin(sysadm_t, sysadm_r) rpcbind_stream_connect(sysadm_t) ') optional_policy(` + rpm_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + rsync_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + rtkit_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` rtorrent_admin(sysadm_t, sysadm_r) ') optional_policy(` + rwho_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` salt_admin_master(sysadm_t, sysadm_r) salt_admin_minion(sysadm_t, sysadm_r) ') optional_policy(` - # Support audit2allow, sepolgen and so on - selinux_read_policy(sysadm_t) + samba_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + sanlock_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + sasl_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + sblim_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + sendmail_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + sensord_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + setroubleshoot_admin(sysadm_t, sysadm_r) ') optional_policy(` 
@@ -580,6 +1282,139 @@ ifdef(`distro_gentoo',` ') optional_policy(` - vde_role(sysadm_r, sysadm_t) + slpd_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + smartmon_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + smokeping_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + smstools_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + snmp_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + snort_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + soundserver_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + spamassassin_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + squid_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + sssd_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + stapserver_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + svnserve_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + sysstat_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + tcsd_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + tftp_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + tgtd_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + tor_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + transproxy_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + tuned_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + ulogd_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + uptime_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + uucp_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + uuidd_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + varnishd_admin(sysadm_t, sysadm_r) + varnishd_admin_varnishlog(sysadm_t, sysadm_r) + ') + + optional_policy(` + vdagent_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + vhostmd_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + virt_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + vnstatd_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + watchdog_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + wdmd_admin(sysadm_t, sysadm_r) + ') + + 
optional_policy(` + xfs_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + zabbix_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + zarafa_admin(sysadm_t, sysadm_r) + ') + + optional_policy(` + zebra_admin(sysadm_t, sysadm_r) ') ')
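Review bot: `bacula_domtrans_admin(sysadm_t, sysadm_r)` in the first hunk (@@ -485) is the one added call whose name marks it as a domain-transition interface rather than an admin interface, yet it is passed a role like the `_admin` calls around it. Refpolicy `_domtrans` interfaces conventionally take only the domain, and the role-taking form is named `_run`; check the signature in bacula.if and either drop the second argument or call the `_run` variant if the role transition is what is wanted. If `bacula_admin(sysadm_t, sysadm_r)` directly above already covers that access, the extra block can be dropped.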
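Review bot: `psad_admin` and `prelude_admin` in the @@ -533 hunk (along with `aide_admin`, `fail2ban_admin`, `snort_admin` and `setroubleshoot_admin` in the other hunks) give sysadm_r administrative control over intrusion-detection and integrity-checking services, and the one-line commit message gives no rationale for granting them in the same sweep as ordinary daemons. Please state in the commit message that this is the intended design for the adminroles branch, or hold the security-tooling entries back until it is decided whether they belong to sysadm_r or to a separate role.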
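Review bot: the `- vde_role(sysadm_r, sysadm_t)` removal at the top of the last hunk (@@ -580) is the tail of a pure relocation, since the same line reappears as an addition at the start of the first hunk, as do the other deleted calls (`qemu_*`, `selinux_read_policy`, `dracut_run`, `bind_admin`, `nginx_admin` and so on). Mixing that reorder with the new grants forces a reader to pair `-` and `+` lines by hand to confirm that none of the 18 deleted lines was lost or altered. Splitting the move into its own commit, or at least mentioning it in the commit message, would make that check trivial.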