From: "Jason Zaman" <perfinion@gentoo.org>
To: gentoo-commits@lists.gentoo.org
Subject: [gentoo-commits] proj/hardened-refpolicy:next commit in: policy/modules/contrib/
Date: Mon, 11 May 2015 22:57:25 +0000 (UTC) [thread overview]
Message-ID: <1431384823.0e73c60284ee74368c9742064fe937620b15f8d4.perfinion@gentoo> (raw)
commit: 0e73c60284ee74368c9742064fe937620b15f8d4
Author: Jason Zaman <jason <AT> perfinion <DOT> com>
AuthorDate: Mon May 11 20:25:10 2015 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Mon May 11 22:53:43 2015 +0000
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=0e73c602
remove initrc_exec_t transitions from contrib _admin interfaces
The _admin interfaces have a transition from sysadm_t to initrc_t
for the init scripts. These interfere with the run_init integration
in openrc, so they need to be removed.
policy/modules/contrib/abrt.if | 8 ++++----
policy/modules/contrib/acct.if | 8 ++++----
policy/modules/contrib/afs.if | 8 ++++----
policy/modules/contrib/aiccu.if | 8 ++++----
policy/modules/contrib/aisexec.if | 8 ++++----
policy/modules/contrib/amavis.if | 8 ++++----
policy/modules/contrib/amtu.if | 8 ++++----
policy/modules/contrib/apache.if | 8 ++++----
policy/modules/contrib/apcupsd.if | 8 ++++----
policy/modules/contrib/apm.if | 8 ++++----
policy/modules/contrib/arpwatch.if | 8 ++++----
policy/modules/contrib/asterisk.if | 8 ++++----
policy/modules/contrib/automount.if | 8 ++++----
policy/modules/contrib/avahi.if | 8 ++++----
policy/modules/contrib/bacula.if | 8 ++++----
policy/modules/contrib/bcfg2.if | 8 ++++----
policy/modules/contrib/bind.if | 8 ++++----
policy/modules/contrib/bird.if | 8 ++++----
policy/modules/contrib/bitcoin.if | 8 ++++----
policy/modules/contrib/bitlbee.if | 8 ++++----
policy/modules/contrib/bluetooth.if | 8 ++++----
policy/modules/contrib/boinc.if | 8 ++++----
policy/modules/contrib/cachefilesd.if | 8 ++++----
policy/modules/contrib/callweaver.if | 8 ++++----
policy/modules/contrib/canna.if | 8 ++++----
policy/modules/contrib/ccs.if | 8 ++++----
policy/modules/contrib/certmaster.if | 8 ++++----
policy/modules/contrib/certmonger.if | 8 ++++----
policy/modules/contrib/cfengine.if | 8 ++++----
policy/modules/contrib/cgroup.if | 10 +++++-----
policy/modules/contrib/chronyd.if | 8 ++++----
policy/modules/contrib/cipe.if | 8 ++++----
policy/modules/contrib/clamav.if | 8 ++++----
policy/modules/contrib/cmirrord.if | 8 ++++----
policy/modules/contrib/cobbler.if | 8 ++++----
policy/modules/contrib/collectd.if | 8 ++++----
policy/modules/contrib/condor.if | 8 ++++----
policy/modules/contrib/corosync.if | 8 ++++----
policy/modules/contrib/couchdb.if | 8 ++++----
policy/modules/contrib/ctdb.if | 8 ++++----
policy/modules/contrib/cups.if | 8 ++++----
policy/modules/contrib/cvs.if | 8 ++++----
policy/modules/contrib/cyphesis.if | 8 ++++----
policy/modules/contrib/cyrus.if | 8 ++++----
policy/modules/contrib/dante.if | 8 ++++----
policy/modules/contrib/ddclient.if | 8 ++++----
policy/modules/contrib/denyhosts.if | 8 ++++----
policy/modules/contrib/dhcp.if | 8 ++++----
policy/modules/contrib/dictd.if | 8 ++++----
policy/modules/contrib/dirmngr.if | 8 ++++----
policy/modules/contrib/distcc.if | 8 ++++----
policy/modules/contrib/dkim.if | 8 ++++----
policy/modules/contrib/dnsmasq.if | 8 ++++----
policy/modules/contrib/dnssectrigger.if | 8 ++++----
policy/modules/contrib/dovecot.if | 8 ++++----
policy/modules/contrib/drbd.if | 8 ++++----
policy/modules/contrib/dspam.if | 8 ++++----
policy/modules/contrib/entropyd.if | 8 ++++----
policy/modules/contrib/exim.if | 8 ++++----
policy/modules/contrib/fail2ban.if | 8 ++++----
policy/modules/contrib/fcoe.if | 8 ++++----
policy/modules/contrib/fetchmail.if | 8 ++++----
policy/modules/contrib/firewalld.if | 8 ++++----
policy/modules/contrib/ftp.if | 8 ++++----
policy/modules/contrib/gatekeeper.if | 8 ++++----
policy/modules/contrib/gdomap.if | 8 ++++----
policy/modules/contrib/glance.if | 8 ++++----
policy/modules/contrib/glusterfs.if | 8 ++++----
policy/modules/contrib/gpm.if | 8 ++++----
policy/modules/contrib/gpsd.if | 8 ++++----
policy/modules/contrib/hadoop.if | 8 ++++----
policy/modules/contrib/hddtemp.if | 8 ++++----
policy/modules/contrib/howl.if | 8 ++++----
policy/modules/contrib/hypervkvp.if | 8 ++++----
policy/modules/contrib/i18n_input.if | 8 ++++----
policy/modules/contrib/icecast.if | 8 ++++----
policy/modules/contrib/ifplugd.if | 8 ++++----
policy/modules/contrib/inn.if | 8 ++++----
policy/modules/contrib/iodine.if | 8 ++++----
policy/modules/contrib/ircd.if | 8 ++++----
policy/modules/contrib/irqbalance.if | 8 ++++----
policy/modules/contrib/iscsi.if | 8 ++++----
policy/modules/contrib/isns.if | 8 ++++----
policy/modules/contrib/jabber.if | 8 ++++----
policy/modules/contrib/kdump.if | 8 ++++----
policy/modules/contrib/kerberos.if | 8 ++++----
policy/modules/contrib/kerneloops.if | 8 ++++----
policy/modules/contrib/keystone.if | 8 ++++----
policy/modules/contrib/kismet.if | 8 ++++----
policy/modules/contrib/ksmtuned.if | 8 ++++----
policy/modules/contrib/kudzu.if | 8 ++++----
policy/modules/contrib/l2tp.if | 8 ++++----
policy/modules/contrib/ldap.if | 8 ++++----
policy/modules/contrib/likewise.if | 8 ++++----
policy/modules/contrib/lircd.if | 8 ++++----
policy/modules/contrib/lldpad.if | 8 ++++----
policy/modules/contrib/mailscanner.if | 8 ++++----
policy/modules/contrib/mcelog.if | 8 ++++----
policy/modules/contrib/memcached.if | 8 ++++----
policy/modules/contrib/minidlna.if | 8 ++++----
policy/modules/contrib/minissdpd.if | 8 ++++----
policy/modules/contrib/mongodb.if | 8 ++++----
policy/modules/contrib/monop.if | 8 ++++----
policy/modules/contrib/mpd.if | 8 ++++----
policy/modules/contrib/mrtg.if | 8 ++++----
policy/modules/contrib/munin.if | 8 ++++----
policy/modules/contrib/mysql.if | 8 ++++----
policy/modules/contrib/nagios.if | 8 ++++----
policy/modules/contrib/nessus.if | 8 ++++----
policy/modules/contrib/networkmanager.if | 8 ++++----
policy/modules/contrib/nis.if | 10 +++++-----
policy/modules/contrib/nscd.if | 8 ++++----
policy/modules/contrib/nsd.if | 8 ++++----
policy/modules/contrib/nslcd.if | 8 ++++----
policy/modules/contrib/ntop.if | 8 ++++----
policy/modules/contrib/ntp.if | 8 ++++----
policy/modules/contrib/numad.if | 8 ++++----
policy/modules/contrib/nut.if | 8 ++++----
policy/modules/contrib/oident.if | 8 ++++----
policy/modules/contrib/openct.if | 8 ++++----
policy/modules/contrib/openhpi.if | 8 ++++----
policy/modules/contrib/openvpn.if | 8 ++++----
policy/modules/contrib/openvswitch.if | 8 ++++----
policy/modules/contrib/pacemaker.if | 8 ++++----
policy/modules/contrib/pads.if | 8 ++++----
policy/modules/contrib/pcscd.if | 8 ++++----
policy/modules/contrib/pegasus.if | 8 ++++----
policy/modules/contrib/perdition.if | 8 ++++----
policy/modules/contrib/pingd.if | 8 ++++----
policy/modules/contrib/pkcs.if | 8 ++++----
policy/modules/contrib/polipo.if | 8 ++++----
policy/modules/contrib/portmap.if | 8 ++++----
policy/modules/contrib/portreserve.if | 8 ++++----
policy/modules/contrib/postfix.if | 8 ++++----
policy/modules/contrib/postfixpolicyd.if | 8 ++++----
policy/modules/contrib/postgrey.if | 8 ++++----
policy/modules/contrib/ppp.if | 8 ++++----
policy/modules/contrib/prelude.if | 8 ++++----
policy/modules/contrib/privoxy.if | 8 ++++----
policy/modules/contrib/psad.if | 8 ++++----
policy/modules/contrib/puppet.if | 8 ++++----
policy/modules/contrib/pxe.if | 8 ++++----
policy/modules/contrib/pyicqt.if | 8 ++++----
policy/modules/contrib/pyzor.if | 8 ++++----
policy/modules/contrib/qpid.if | 8 ++++----
policy/modules/contrib/quantum.if | 8 ++++----
policy/modules/contrib/quota.if | 8 ++++----
policy/modules/contrib/rabbitmq.if | 8 ++++----
policy/modules/contrib/radius.if | 8 ++++----
policy/modules/contrib/radvd.if | 8 ++++----
policy/modules/contrib/raid.if | 8 ++++----
policy/modules/contrib/redis.if | 8 ++++----
policy/modules/contrib/resmgr.if | 8 ++++----
policy/modules/contrib/rgmanager.if | 8 ++++----
policy/modules/contrib/rhcs.if | 8 ++++----
policy/modules/contrib/rhsmcertd.if | 8 ++++----
policy/modules/contrib/ricci.if | 8 ++++----
policy/modules/contrib/rngd.if | 8 ++++----
policy/modules/contrib/roundup.if | 8 ++++----
policy/modules/contrib/rpc.if | 8 ++++----
policy/modules/contrib/rpcbind.if | 8 ++++----
policy/modules/contrib/rpm.if | 8 ++++----
policy/modules/contrib/rtkit.if | 8 ++++----
policy/modules/contrib/rwho.if | 8 ++++----
policy/modules/contrib/salt.if | 16 ++++++++--------
policy/modules/contrib/samba.if | 8 ++++----
policy/modules/contrib/sanlock.if | 8 ++++----
policy/modules/contrib/sasl.if | 8 ++++----
policy/modules/contrib/sblim.if | 8 ++++----
policy/modules/contrib/sendmail.if | 6 +++---
policy/modules/contrib/sensord.if | 8 ++++----
policy/modules/contrib/shorewall.if | 8 ++++----
policy/modules/contrib/slpd.if | 8 ++++----
policy/modules/contrib/smartmon.if | 8 ++++----
policy/modules/contrib/smokeping.if | 8 ++++----
policy/modules/contrib/smstools.if | 8 ++++----
policy/modules/contrib/snmp.if | 8 ++++----
policy/modules/contrib/snort.if | 8 ++++----
policy/modules/contrib/soundserver.if | 8 ++++----
policy/modules/contrib/spamassassin.if | 8 ++++----
policy/modules/contrib/squid.if | 8 ++++----
policy/modules/contrib/sssd.if | 8 ++++----
policy/modules/contrib/svnserve.if | 8 ++++----
policy/modules/contrib/sysstat.if | 8 ++++----
policy/modules/contrib/systemtap.if | 8 ++++----
policy/modules/contrib/tcsd.if | 8 ++++----
policy/modules/contrib/tgtd.if | 8 ++++----
policy/modules/contrib/tor.if | 8 ++++----
policy/modules/contrib/transproxy.if | 8 ++++----
policy/modules/contrib/tuned.if | 8 ++++----
policy/modules/contrib/ulogd.if | 8 ++++----
policy/modules/contrib/uptime.if | 8 ++++----
policy/modules/contrib/uucp.if | 8 ++++----
policy/modules/contrib/uuidd.if | 8 ++++----
policy/modules/contrib/varnishd.if | 16 ++++++++--------
policy/modules/contrib/vdagent.if | 8 ++++----
policy/modules/contrib/vhostmd.if | 8 ++++----
policy/modules/contrib/virt.if | 8 ++++----
policy/modules/contrib/vnstatd.if | 8 ++++----
policy/modules/contrib/watchdog.if | 8 ++++----
policy/modules/contrib/wdmd.if | 8 ++++----
policy/modules/contrib/xfs.if | 8 ++++----
policy/modules/contrib/zabbix.if | 8 ++++----
policy/modules/contrib/zarafa.if | 8 ++++----
policy/modules/contrib/zebra.if | 8 ++++----
205 files changed, 829 insertions(+), 829 deletions(-)
diff --git a/policy/modules/contrib/abrt.if b/policy/modules/contrib/abrt.if
index 058d908..6195190 100644
--- a/policy/modules/contrib/abrt.if
+++ b/policy/modules/contrib/abrt.if
@@ -304,10 +304,10 @@ interface(`abrt_admin',`
allow $1 abrt_domain:process { ptrace signal_perms };
ps_process_pattern($1, abrt_domain)
- init_labeled_script_domtrans($1, abrt_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 abrt_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, abrt_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 abrt_initrc_exec_t system_r;
+ #allow $2 system_r;
files_search_etc($1)
admin_pattern($1, abrt_etc_t)
diff --git a/policy/modules/contrib/acct.if b/policy/modules/contrib/acct.if
index 81280d0..a49181a 100644
--- a/policy/modules/contrib/acct.if
+++ b/policy/modules/contrib/acct.if
@@ -106,10 +106,10 @@ interface(`acct_admin',`
allow $1 acct_t:process { ptrace signal_perms };
ps_process_pattern($1, acct_t)
- init_labeled_script_domtrans($1, acct_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 acct_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, acct_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 acct_initrc_exec_t system_r;
+ #allow $2 system_r;
logging_search_logs($1)
admin_pattern($1, acct_data_t)
diff --git a/policy/modules/contrib/afs.if b/policy/modules/contrib/afs.if
index 3b41be6..04f8f03 100644
--- a/policy/modules/contrib/afs.if
+++ b/policy/modules/contrib/afs.if
@@ -103,10 +103,10 @@ interface(`afs_admin',`
allow $1 afs_domain:process { ptrace signal_perms };
ps_process_pattern($1, afs_domain)
- afs_initrc_domtrans($1)
- domain_system_change_exemption($1)
- role_transition $2 afs_initrc_exec_t system_r;
- allow $2 system_r;
+ #afs_initrc_domtrans($1)
+ #domain_system_change_exemption($1)
+ #role_transition $2 afs_initrc_exec_t system_r;
+ #allow $2 system_r;
files_search_etc($1)
admin_pattern($1, afs_config_t)
diff --git a/policy/modules/contrib/aiccu.if b/policy/modules/contrib/aiccu.if
index 3b5dcb9..cd049ac 100644
--- a/policy/modules/contrib/aiccu.if
+++ b/policy/modules/contrib/aiccu.if
@@ -82,10 +82,10 @@ interface(`aiccu_admin',`
allow $1 aiccu_t:process { ptrace signal_perms };
ps_process_pattern($1, aiccu_t)
- aiccu_initrc_domtrans($1)
- domain_system_change_exemption($1)
- role_transition $2 aiccu_initrc_exec_t system_r;
- allow $2 system_r;
+ #aiccu_initrc_domtrans($1)
+ #domain_system_change_exemption($1)
+ #role_transition $2 aiccu_initrc_exec_t system_r;
+ #allow $2 system_r;
admin_pattern($1, aiccu_etc_t)
files_list_etc($1)
diff --git a/policy/modules/contrib/aisexec.if b/policy/modules/contrib/aisexec.if
index a2997fa..1bc0fcf 100644
--- a/policy/modules/contrib/aisexec.if
+++ b/policy/modules/contrib/aisexec.if
@@ -86,10 +86,10 @@ interface(`aisexecd_admin',`
allow $1 aisexec_t:process { ptrace signal_perms };
ps_process_pattern($1, aisexec_t)
- init_labeled_script_domtrans($1, aisexec_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 aisexec_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, aisexec_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 aisexec_initrc_exec_t system_r;
+ #allow $2 system_r;
files_list_var_lib($1)
admin_pattern($1, aisexec_var_lib_t)
diff --git a/policy/modules/contrib/amavis.if b/policy/modules/contrib/amavis.if
index 60d4f8c..9b6f2b2 100644
--- a/policy/modules/contrib/amavis.if
+++ b/policy/modules/contrib/amavis.if
@@ -237,10 +237,10 @@ interface(`amavis_admin',`
allow $1 amavis_t:process { ptrace signal_perms };
ps_process_pattern($1, amavis_t)
- amavis_initrc_domtrans($1)
- domain_system_change_exemption($1)
- role_transition $2 amavis_initrc_exec_t system_r;
- allow $2 system_r;
+ #amavis_initrc_domtrans($1)
+ #domain_system_change_exemption($1)
+ #role_transition $2 amavis_initrc_exec_t system_r;
+ #allow $2 system_r;
files_list_etc($1)
admin_pattern($1, amavis_etc_t)
diff --git a/policy/modules/contrib/amtu.if b/policy/modules/contrib/amtu.if
index 884b23b..fa319c7 100644
--- a/policy/modules/contrib/amtu.if
+++ b/policy/modules/contrib/amtu.if
@@ -70,8 +70,8 @@ interface(`amtu_admin',`
allow $1 amtu_t:process { ptrace signal_perms };
ps_process_pattern($1, amtu_t)
- init_labeled_script_domtrans($1, amtu_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 amtu_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, amtu_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 amtu_initrc_exec_t system_r;
+ #allow $2 system_r;
')
diff --git a/policy/modules/contrib/apache.if b/policy/modules/contrib/apache.if
index 717c6f7..b148da6 100644
--- a/policy/modules/contrib/apache.if
+++ b/policy/modules/contrib/apache.if
@@ -1318,10 +1318,10 @@ interface(`apache_admin',`
ps_process_pattern($1, { httpd_script_domains httpd_t httpd_helper_t })
ps_process_pattern($1, { httpd_rotatelogs_t httpd_suexec_t httpd_passwd_t })
- init_labeled_script_domtrans($1, httpd_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 httpd_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, httpd_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 httpd_initrc_exec_t system_r;
+ #allow $2 system_r;
apache_manage_all_content($1)
miscfiles_manage_public_files($1)
diff --git a/policy/modules/contrib/apcupsd.if b/policy/modules/contrib/apcupsd.if
index f3c0aba..2e2b50c 100644
--- a/policy/modules/contrib/apcupsd.if
+++ b/policy/modules/contrib/apcupsd.if
@@ -149,10 +149,10 @@ interface(`apcupsd_admin',`
allow $1 apcupsd_t:process { ptrace signal_perms };
ps_process_pattern($1, apcupsd_t)
- apcupsd_initrc_domtrans($1, apcupsd_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 apcupsd_initrc_exec_t system_r;
- allow $2 system_r;
+ #apcupsd_initrc_domtrans($1, apcupsd_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 apcupsd_initrc_exec_t system_r;
+ #allow $2 system_r;
files_list_var($1)
admin_pattern($1, apcupsd_lock_t)
diff --git a/policy/modules/contrib/apm.if b/policy/modules/contrib/apm.if
index 1a7a97e..f5219a2 100644
--- a/policy/modules/contrib/apm.if
+++ b/policy/modules/contrib/apm.if
@@ -166,10 +166,10 @@ interface(`apm_admin',`
allow $1 apmd_t:process { ptrace signal_perms };
ps_process_pattern($1, apmd_t)
- init_labeled_script_domtrans($1, apmd_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 apmd_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, apmd_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 apmd_initrc_exec_t system_r;
+ #allow $2 system_r;
logging_search_logs($1)
admin_pattern($1, apmd_log_t)
diff --git a/policy/modules/contrib/arpwatch.if b/policy/modules/contrib/arpwatch.if
index 50c9b9c..7296bdf 100644
--- a/policy/modules/contrib/arpwatch.if
+++ b/policy/modules/contrib/arpwatch.if
@@ -143,10 +143,10 @@ interface(`arpwatch_admin',`
allow $1 arpwatch_t:process { ptrace signal_perms };
ps_process_pattern($1, arpwatch_t)
- arpwatch_initrc_domtrans($1)
- domain_system_change_exemption($1)
- role_transition $2 arpwatch_initrc_exec_t system_r;
- allow $2 system_r;
+ #arpwatch_initrc_domtrans($1)
+ #domain_system_change_exemption($1)
+ #role_transition $2 arpwatch_initrc_exec_t system_r;
+ #allow $2 system_r;
files_list_tmp($1)
admin_pattern($1, arpwatch_tmp_t)
diff --git a/policy/modules/contrib/asterisk.if b/policy/modules/contrib/asterisk.if
index 2077053..46ef939 100644
--- a/policy/modules/contrib/asterisk.if
+++ b/policy/modules/contrib/asterisk.if
@@ -127,10 +127,10 @@ interface(`asterisk_admin',`
allow $1 asterisk_t:process { ptrace signal_perms };
ps_process_pattern($1, asterisk_t)
- init_labeled_script_domtrans($1, asterisk_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 asterisk_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, asterisk_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 asterisk_initrc_exec_t system_r;
+ #allow $2 system_r;
asterisk_exec($1)
diff --git a/policy/modules/contrib/automount.if b/policy/modules/contrib/automount.if
index f24e369..82c1ea5 100644
--- a/policy/modules/contrib/automount.if
+++ b/policy/modules/contrib/automount.if
@@ -159,10 +159,10 @@ interface(`automount_admin',`
allow $1 automount_t:process { ptrace signal_perms };
ps_process_pattern($1, automount_t)
- init_labeled_script_domtrans($1, automount_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 automount_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, automount_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 automount_initrc_exec_t system_r;
+ #allow $2 system_r;
files_list_etc($1)
admin_pattern($1, automount_keytab_t)
diff --git a/policy/modules/contrib/avahi.if b/policy/modules/contrib/avahi.if
index 9078c3d..b490161 100644
--- a/policy/modules/contrib/avahi.if
+++ b/policy/modules/contrib/avahi.if
@@ -264,10 +264,10 @@ interface(`avahi_admin',`
allow $1 avahi_t:process { ptrace signal_perms };
ps_process_pattern($1, avahi_t)
- avahi_initrc_domtrans($1)
- domain_system_change_exemption($1)
- role_transition $2 avahi_initrc_exec_t system_r;
- allow $2 system_r;
+ #avahi_initrc_domtrans($1)
+ #domain_system_change_exemption($1)
+ #role_transition $2 avahi_initrc_exec_t system_r;
+ #allow $2 system_r;
files_search_pids($1)
admin_pattern($1, avahi_var_run_t)
diff --git a/policy/modules/contrib/bacula.if b/policy/modules/contrib/bacula.if
index dcd774e..fdfef80 100644
--- a/policy/modules/contrib/bacula.if
+++ b/policy/modules/contrib/bacula.if
@@ -74,10 +74,10 @@ interface(`bacula_admin',`
allow $1 bacula_t:process { ptrace signal_perms };
ps_process_pattern($1, bacula_t)
- init_labeled_script_domtrans($1, bacula_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 bacula_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, bacula_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 bacula_initrc_exec_t system_r;
+ #allow $2 system_r;
files_search_etc($1)
admin_pattern($1, bacula_etc_t)
diff --git a/policy/modules/contrib/bcfg2.if b/policy/modules/contrib/bcfg2.if
index ec95d36..311ab75 100644
--- a/policy/modules/contrib/bcfg2.if
+++ b/policy/modules/contrib/bcfg2.if
@@ -141,10 +141,10 @@ interface(`bcfg2_admin',`
allow $1 bcfg2_t:process { ptrace signal_perms };
ps_process_pattern($1, bcfg2_t)
- bcfg2_initrc_domtrans($1)
- domain_system_change_exemption($1)
- role_transition $2 bcfg2_initrc_exec_t system_r;
- allow $2 system_r;
+ #bcfg2_initrc_domtrans($1)
+ #domain_system_change_exemption($1)
+ #role_transition $2 bcfg2_initrc_exec_t system_r;
+ #allow $2 system_r;
files_search_pids($1)
admin_pattern($1, bcfg2_var_run_t)
diff --git a/policy/modules/contrib/bind.if b/policy/modules/contrib/bind.if
index 531a8f2..835b9c0 100644
--- a/policy/modules/contrib/bind.if
+++ b/policy/modules/contrib/bind.if
@@ -370,10 +370,10 @@ interface(`bind_admin',`
allow $1 { named_t ndc_t }:process { ptrace signal_perms };
ps_process_pattern($1, { named_t ndc_t })
- init_labeled_script_domtrans($1, named_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 named_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, named_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 named_initrc_exec_t system_r;
+ #allow $2 system_r;
files_list_tmp($1)
admin_pattern($1, named_tmp_t)
diff --git a/policy/modules/contrib/bird.if b/policy/modules/contrib/bird.if
index 85c035f..01278df 100644
--- a/policy/modules/contrib/bird.if
+++ b/policy/modules/contrib/bird.if
@@ -26,10 +26,10 @@ interface(`bird_admin',`
allow $1 bird_t:process { ptrace signal_perms };
ps_process_pattern($1, bird_t)
- init_labeled_script_domtrans($1, bird_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 bird_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, bird_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 bird_initrc_exec_t system_r;
+ #allow $2 system_r;
files_list_etc($1)
admin_pattern($1, bird_etc_t)
diff --git a/policy/modules/contrib/bitcoin.if b/policy/modules/contrib/bitcoin.if
index 922bc7c..a6d9018 100644
--- a/policy/modules/contrib/bitcoin.if
+++ b/policy/modules/contrib/bitcoin.if
@@ -26,10 +26,10 @@ interface(`bitcoin_admin',`
allow $1 bitcoin_t:process { ptrace signal_perms };
ps_process_pattern($1, bitcoin_t)
- init_labeled_script_domtrans($1, bitcoin_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 bitcoin_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, bitcoin_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 bitcoin_initrc_exec_t system_r;
+ #allow $2 system_r;
files_list_tmp($1)
admin_pattern($1, bitcoin_tmp_t)
diff --git a/policy/modules/contrib/bitlbee.if b/policy/modules/contrib/bitlbee.if
index e73fb79..bc326c9 100644
--- a/policy/modules/contrib/bitlbee.if
+++ b/policy/modules/contrib/bitlbee.if
@@ -47,10 +47,10 @@ interface(`bitlbee_admin',`
allow $1 bitlbee_t:process { ptrace signal_perms };
ps_process_pattern($1, bitlbee_t)
- init_labeled_script_domtrans($1, bitlbee_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 bitlbee_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, bitlbee_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 bitlbee_initrc_exec_t system_r;
+ #allow $2 system_r;
files_search_etc($1)
admin_pattern($1, bitlbee_conf_t)
diff --git a/policy/modules/contrib/bluetooth.if b/policy/modules/contrib/bluetooth.if
index c723a0a..8e2eff5 100644
--- a/policy/modules/contrib/bluetooth.if
+++ b/policy/modules/contrib/bluetooth.if
@@ -216,10 +216,10 @@ interface(`bluetooth_admin',`
allow $1 bluetooth_t:process { ptrace signal_perms };
ps_process_pattern($1, bluetooth_t)
- init_labeled_script_domtrans($1, bluetooth_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 bluetooth_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, bluetooth_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 bluetooth_initrc_exec_t system_r;
+ #allow $2 system_r;
files_list_tmp($1)
admin_pattern($1, bluetooth_tmp_t)
diff --git a/policy/modules/contrib/boinc.if b/policy/modules/contrib/boinc.if
index 02fefaa..3a66e75 100644
--- a/policy/modules/contrib/boinc.if
+++ b/policy/modules/contrib/boinc.if
@@ -28,10 +28,10 @@ interface(`boinc_admin',`
allow $1 { boinc_t boinc_project_t }:process { ptrace signal_perms };
ps_process_pattern($1, { boinc_t boinc_project_t })
- init_labeled_script_domtrans($1, boinc_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 boinc_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, boinc_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 boinc_initrc_exec_t system_r;
+ #allow $2 system_r;
logging_search_logs($1)
admin_pattern($1, boinc_log_t)
diff --git a/policy/modules/contrib/cachefilesd.if b/policy/modules/contrib/cachefilesd.if
index 8de2ab9..4c68242 100644
--- a/policy/modules/contrib/cachefilesd.if
+++ b/policy/modules/contrib/cachefilesd.if
@@ -26,10 +26,10 @@ interface(`cachefilesd_admin',`
allow $1 cachefilesd_t:process { ptrace signal_perms };
ps_process_pattern($1, cachefilesd_t)
- init_labeled_script_domtrans($1, cachefilesd_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 cachefilesd_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, cachefilesd_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 cachefilesd_initrc_exec_t system_r;
+ #allow $2 system_r;
files_search_var($1)
admin_pattern($1, cachefilesd_cache_t)
diff --git a/policy/modules/contrib/callweaver.if b/policy/modules/contrib/callweaver.if
index 16f1855..ad4dee3 100644
--- a/policy/modules/contrib/callweaver.if
+++ b/policy/modules/contrib/callweaver.if
@@ -65,10 +65,10 @@ interface(`callweaver_admin',`
allow $1 callweaver_t:process { ptrace signal_perms };
ps_process_pattern($1, callweaver_t)
- init_labeled_script_domtrans($1, callweaver_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 callweaver_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, callweaver_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 callweaver_initrc_exec_t system_r;
+ #allow $2 system_r;
logging_search_logs($1)
admin_pattern($1, callweaver_log_t)
diff --git a/policy/modules/contrib/canna.if b/policy/modules/contrib/canna.if
index 400db07..98a34d7 100644
--- a/policy/modules/contrib/canna.if
+++ b/policy/modules/contrib/canna.if
@@ -46,10 +46,10 @@ interface(`canna_admin',`
allow $1 canna_t:process { ptrace signal_perms };
ps_process_pattern($1, canna_t)
- init_labeled_script_domtrans($1, canna_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 canna_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, canna_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 canna_initrc_exec_t system_r;
+ #allow $2 system_r;
logging_list_logs($1)
admin_pattern($1, canna_log_t)
diff --git a/policy/modules/contrib/ccs.if b/policy/modules/contrib/ccs.if
index bb17e0f..80ef99e 100644
--- a/policy/modules/contrib/ccs.if
+++ b/policy/modules/contrib/ccs.if
@@ -105,10 +105,10 @@ interface(`ccs_admin',`
allow $1 ccs_t:process { ptrace signal_perms };
ps_process_pattern($1, ccs_t)
- init_labeled_script_domtrans($1, ccs_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 ccs_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, ccs_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 ccs_initrc_exec_t system_r;
+ #allow $2 system_r;
files_search_etc($1)
admin_pattern($1, ccs_conf_t)
diff --git a/policy/modules/contrib/certmaster.if b/policy/modules/contrib/certmaster.if
index 0c53b18..ad86de9 100644
--- a/policy/modules/contrib/certmaster.if
+++ b/policy/modules/contrib/certmaster.if
@@ -124,10 +124,10 @@ interface(`certmaster_admin',`
allow $1 certmaster_t:process { ptrace signal_perms };
ps_process_pattern($1, certmaster_t)
- init_labeled_script_domtrans($1, certmaster_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 certmaster_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, certmaster_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 certmaster_initrc_exec_t system_r;
+ #allow $2 system_r;
files_list_etc($1)
miscfiles_manage_generic_cert_dirs($1)
diff --git a/policy/modules/contrib/certmonger.if b/policy/modules/contrib/certmonger.if
index 008f8ef..bed2a59 100644
--- a/policy/modules/contrib/certmonger.if
+++ b/policy/modules/contrib/certmonger.if
@@ -162,10 +162,10 @@ interface(`certmonger_admin',`
ps_process_pattern($1, certmonger_t)
allow $1 certmonger_t:process { ptrace signal_perms };
- certmonger_initrc_domtrans($1)
- domain_system_change_exemption($1)
- role_transition $2 certmonger_initrc_exec_t system_r;
- allow $2 system_r;
+ #certmonger_initrc_domtrans($1)
+ #domain_system_change_exemption($1)
+ #role_transition $2 certmonger_initrc_exec_t system_r;
+ #allow $2 system_r;
files_search_var_lib($1)
admin_pattern($1, certmonger_var_lib_t)
diff --git a/policy/modules/contrib/cfengine.if b/policy/modules/contrib/cfengine.if
index a731122..d47ea2a 100644
--- a/policy/modules/contrib/cfengine.if
+++ b/policy/modules/contrib/cfengine.if
@@ -97,10 +97,10 @@ interface(`cfengine_admin',`
allow $1 cfengine_domain:process { ptrace signal_perms };
ps_process_pattern($1, cfengine_domain)
- init_labeled_script_domtrans($1, cfengine_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 cfengine_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, cfengine_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 cfengine_initrc_exec_t system_r;
+ #allow $2 system_r;
files_search_var_lib($1)
admin_pattern($1, { cfengine_log_t cfengine_var_lib_t })
diff --git a/policy/modules/contrib/cgroup.if b/policy/modules/contrib/cgroup.if
index 85ca63f..c136d2f 100644
--- a/policy/modules/contrib/cgroup.if
+++ b/policy/modules/contrib/cgroup.if
@@ -180,11 +180,11 @@ interface(`cgroup_admin',`
admin_pattern($1, cgred_var_run_t)
files_list_pids($1)
- cgroup_initrc_domtrans_cgconfig($1)
- cgroup_initrc_domtrans_cgred($1)
- domain_system_change_exemption($1)
- role_transition $2 { cgconfig_initrc_exec_t cgred_initrc_exec_t } system_r;
- allow $2 system_r;
+ #cgroup_initrc_domtrans_cgconfig($1)
+ #cgroup_initrc_domtrans_cgred($1)
+ #domain_system_change_exemption($1)
+ #role_transition $2 { cgconfig_initrc_exec_t cgred_initrc_exec_t } system_r;
+ #allow $2 system_r;
cgroup_run_cgclear($1, $2)
')
diff --git a/policy/modules/contrib/chronyd.if b/policy/modules/contrib/chronyd.if
index 32e8265..f504b7b 100644
--- a/policy/modules/contrib/chronyd.if
+++ b/policy/modules/contrib/chronyd.if
@@ -184,10 +184,10 @@ interface(`chronyd_admin',`
allow $1 chronyd_t:process { ptrace signal_perms };
ps_process_pattern($1, chronyd_t)
- chronyd_initrc_domtrans($1)
- domain_system_change_exemption($1)
- role_transition $2 chronyd_initrc_exec_t system_r;
- allow $2 system_r;
+ #chronyd_initrc_domtrans($1)
+ #domain_system_change_exemption($1)
+ #role_transition $2 chronyd_initrc_exec_t system_r;
+ #allow $2 system_r;
files_search_etc($1)
admin_pattern($1, chronyd_keys_t)
diff --git a/policy/modules/contrib/cipe.if b/policy/modules/contrib/cipe.if
index 5fb51b2..11ff777 100644
--- a/policy/modules/contrib/cipe.if
+++ b/policy/modules/contrib/cipe.if
@@ -25,8 +25,8 @@ interface(`cipe_admin',`
allow $1 ciped_t:process { ptrace signal_perms };
ps_process_pattern($1, ciped_t)
- init_labeled_script_domtrans($1, ciped_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 ciped_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, ciped_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 ciped_initrc_exec_t system_r;
+ #allow $2 system_r;
')
diff --git a/policy/modules/contrib/clamav.if b/policy/modules/contrib/clamav.if
index 4cc4a5c..e194bb7 100644
--- a/policy/modules/contrib/clamav.if
+++ b/policy/modules/contrib/clamav.if
@@ -205,10 +205,10 @@ interface(`clamav_admin',`
allow $1 { clamd_t clamscan_t freshclam_t }:process { ptrace signal_perms };
ps_process_pattern($1, { clamd_t clamscan_t freshclam_t })
- init_labeled_script_domtrans($1, clamd_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 clamd_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, clamd_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 clamd_initrc_exec_t system_r;
+ #allow $2 system_r;
files_list_etc($1)
admin_pattern($1, clamd_etc_t)
diff --git a/policy/modules/contrib/cmirrord.if b/policy/modules/contrib/cmirrord.if
index cc4e7cb..242bbc3 100644
--- a/policy/modules/contrib/cmirrord.if
+++ b/policy/modules/contrib/cmirrord.if
@@ -106,10 +106,10 @@ interface(`cmirrord_admin',`
allow $1 cmirrord_t:process { ptrace signal_perms };
ps_process_pattern($1, cmirrord_t)
- cmirrord_initrc_domtrans($1)
- domain_system_change_exemption($1)
- role_transition $2 cmirrord_initrc_exec_t system_r;
- allow $2 system_r;
+ #cmirrord_initrc_domtrans($1)
+ #domain_system_change_exemption($1)
+ #role_transition $2 cmirrord_initrc_exec_t system_r;
+ #allow $2 system_r;
files_list_pids($1)
admin_pattern($1, cmirrord_var_run_t)
diff --git a/policy/modules/contrib/cobbler.if b/policy/modules/contrib/cobbler.if
index c223f81..8392d01 100644
--- a/policy/modules/contrib/cobbler.if
+++ b/policy/modules/contrib/cobbler.if
@@ -183,10 +183,10 @@ interface(`cobbler_admin',`
allow $1 cobblerd_t:process { ptrace signal_perms };
ps_process_pattern($1, cobblerd_t)
- cobblerd_initrc_domtrans($1)
- domain_system_change_exemption($1)
- role_transition $2 cobblerd_initrc_exec_t system_r;
- allow $2 system_r;
+ #cobblerd_initrc_domtrans($1)
+ #domain_system_change_exemption($1)
+ #role_transition $2 cobblerd_initrc_exec_t system_r;
+ #allow $2 system_r;
files_search_etc($1)
admin_pattern($1, cobbler_etc_t)
diff --git a/policy/modules/contrib/collectd.if b/policy/modules/contrib/collectd.if
index 954309e..9bb2db5 100644
--- a/policy/modules/contrib/collectd.if
+++ b/policy/modules/contrib/collectd.if
@@ -26,10 +26,10 @@ interface(`collectd_admin',`
allow $1 collectd_t:process { ptrace signal_perms };
ps_process_pattern($1, collectd_t)
- init_labeled_script_domtrans($1, collectd_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 collectd_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, collectd_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 collectd_initrc_exec_t system_r;
+ #allow $2 system_r;
files_search_pids($1)
admin_pattern($1, collectd_var_run_t)
diff --git a/policy/modules/contrib/condor.if b/policy/modules/contrib/condor.if
index c80aaf5..b350506 100644
--- a/policy/modules/contrib/condor.if
+++ b/policy/modules/contrib/condor.if
@@ -66,10 +66,10 @@ interface(`condor_admin',`
allow $1 condor_domain:process { ptrace signal_perms };
ps_process_pattern($1, condor_domain)
- init_labeled_script_domtrans($1, condor_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 condor_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, condor_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 condor_initrc_exec_t system_r;
+ #allow $2 system_r;
files_search_etc($1)
admin_pattern($1, condor_conf_t)
diff --git a/policy/modules/contrib/corosync.if b/policy/modules/contrib/corosync.if
index 694a037..2e5c8e0 100644
--- a/policy/modules/contrib/corosync.if
+++ b/policy/modules/contrib/corosync.if
@@ -165,10 +165,10 @@ interface(`corosync_admin',`
allow $1 corosync_t:process { ptrace signal_perms };
ps_process_pattern($1, corosync_t)
- corosync_initrc_domtrans($1)
- domain_system_change_exemption($1)
- role_transition $2 corosync_initrc_exec_t system_r;
- allow $2 system_r;
+ #corosync_initrc_domtrans($1)
+ #domain_system_change_exemption($1)
+ #role_transition $2 corosync_initrc_exec_t system_r;
+ #allow $2 system_r;
files_list_tmp($1)
admin_pattern($1, corosync_tmp_t)
diff --git a/policy/modules/contrib/couchdb.if b/policy/modules/contrib/couchdb.if
index 715a826..654e58a 100644
--- a/policy/modules/contrib/couchdb.if
+++ b/policy/modules/contrib/couchdb.if
@@ -103,10 +103,10 @@ interface(`couchdb_admin',`
allow $1 couchdb_t:process { ptrace signal_perms };
ps_process_pattern($1, couchdb_t)
- init_labeled_script_domtrans($1, couchdb_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 couchdb_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, couchdb_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 couchdb_initrc_exec_t system_r;
+ #allow $2 system_r;
files_search_etc($1)
admin_pattern($1, couchdb_conf_t)
diff --git a/policy/modules/contrib/ctdb.if b/policy/modules/contrib/ctdb.if
index b25b01d..bb9daea 100644
--- a/policy/modules/contrib/ctdb.if
+++ b/policy/modules/contrib/ctdb.if
@@ -66,10 +66,10 @@ interface(`ctdb_admin',`
allow $1 ctdbd_t:process { ptrace signal_perms };
ps_process_pattern($1, ctdbd_t)
- init_labeled_script_domtrans($1, ctdbd_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 ctdbd_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, ctdbd_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 ctdbd_initrc_exec_t system_r;
+ #allow $2 system_r;
logging_search_logs($1)
admin_pattern($1, ctdbd_log_t)
diff --git a/policy/modules/contrib/cups.if b/policy/modules/contrib/cups.if
index 3023be7..f5e5fcb 100644
--- a/policy/modules/contrib/cups.if
+++ b/policy/modules/contrib/cups.if
@@ -357,10 +357,10 @@ interface(`cups_admin',`
ps_process_pattern($1, { cupsd_t cupsd_config_t cupsd_lpd_t })
ps_process_pattern($1, { cups_pdf_t hplip_t ptal_t })
- init_labeled_script_domtrans($1, cupsd_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 cupsd_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, cupsd_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 cupsd_initrc_exec_t system_r;
+ #allow $2 system_r;
files_list_etc($1)
admin_pattern($1, { cupsd_etc_t cupsd_rw_etc_t ptal_etc_t })
diff --git a/policy/modules/contrib/cvs.if b/policy/modules/contrib/cvs.if
index 64775fd..276840c 100644
--- a/policy/modules/contrib/cvs.if
+++ b/policy/modules/contrib/cvs.if
@@ -65,10 +65,10 @@ interface(`cvs_admin',`
allow $1 cvs_t:process { ptrace signal_perms };
ps_process_pattern($1, cvs_t)
- init_labeled_script_domtrans($1, cvs_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 cvs_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, cvs_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 cvs_initrc_exec_t system_r;
+ #allow $2 system_r;
files_search_etc($1)
admin_pattern($1, cvs_keytab_t)
diff --git a/policy/modules/contrib/cyphesis.if b/policy/modules/contrib/cyphesis.if
index df8aa4a..86c1316 100644
--- a/policy/modules/contrib/cyphesis.if
+++ b/policy/modules/contrib/cyphesis.if
@@ -45,10 +45,10 @@ interface(`cyphesis_admin',`
allow $1 cyphesis_t:process { ptrace signal_perms };
ps_process_pattern($1, cyphesis_t)
- init_labeled_script_domtrans($1, cyphesis_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 cyphesis_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, cyphesis_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 cyphesis_initrc_exec_t system_r;
+ #allow $2 system_r;
logging_search_logs($1)
admin_pattern($1, cyphesis_log_t)
diff --git a/policy/modules/contrib/cyrus.if b/policy/modules/contrib/cyrus.if
index 83bfda6..069eec7 100644
--- a/policy/modules/contrib/cyrus.if
+++ b/policy/modules/contrib/cyrus.if
@@ -67,10 +67,10 @@ interface(`cyrus_admin',`
allow $1 cyrus_t:process { ptrace signal_perms };
ps_process_pattern($1, cyrus_t)
- init_labeled_script_domtrans($1, cyrus_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 cyrus_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, cyrus_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 cyrus_initrc_exec_t system_r;
+ #allow $2 system_r;
files_list_etc($1)
admin_pattern($1, cyrus_keytab_t)
diff --git a/policy/modules/contrib/dante.if b/policy/modules/contrib/dante.if
index e709177..8e26fd8 100644
--- a/policy/modules/contrib/dante.if
+++ b/policy/modules/contrib/dante.if
@@ -26,10 +26,10 @@ interface(`dante_admin',`
allow $1 dante_t:process { ptrace signal_perms };
ps_process_pattern($1, dante_t)
- init_labeled_script_domtrans($1, dante_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 dante_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, dante_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 dante_initrc_exec_t system_r;
+ #allow $2 system_r;
files_search_etc($1)
admin_pattern($1, dante_conf_t)
diff --git a/policy/modules/contrib/ddclient.if b/policy/modules/contrib/ddclient.if
index 5606b40..790ed46 100644
--- a/policy/modules/contrib/ddclient.if
+++ b/policy/modules/contrib/ddclient.if
@@ -73,10 +73,10 @@ interface(`ddclient_admin',`
allow $1 ddclient_t:process { ptrace signal_perms };
ps_process_pattern($1, ddclient_t)
- init_labeled_script_domtrans($1, ddclient_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 ddclient_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, ddclient_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 ddclient_initrc_exec_t system_r;
+ #allow $2 system_r;
files_list_etc($1)
admin_pattern($1, ddclient_etc_t)
diff --git a/policy/modules/contrib/denyhosts.if b/policy/modules/contrib/denyhosts.if
index a7326da..ee887da 100644
--- a/policy/modules/contrib/denyhosts.if
+++ b/policy/modules/contrib/denyhosts.if
@@ -63,10 +63,10 @@ interface(`denyhosts_admin',`
allow $1 denyhosts_t:process { ptrace signal_perms };
ps_process_pattern($1, denyhosts_t)
- denyhosts_initrc_domtrans($1)
- domain_system_change_exemption($1)
- role_transition $2 denyhosts_initrc_exec_t system_r;
- allow $2 system_r;
+ #denyhosts_initrc_domtrans($1)
+ #domain_system_change_exemption($1)
+ #role_transition $2 denyhosts_initrc_exec_t system_r;
+ #allow $2 system_r;
files_search_var_lib($1)
admin_pattern($1, denyhosts_var_lib_t)
diff --git a/policy/modules/contrib/dhcp.if b/policy/modules/contrib/dhcp.if
index c697edb..fe3f70a 100644
--- a/policy/modules/contrib/dhcp.if
+++ b/policy/modules/contrib/dhcp.if
@@ -84,10 +84,10 @@ interface(`dhcpd_admin',`
allow $1 dhcpd_t:process { ptrace signal_perms };
ps_process_pattern($1, dhcpd_t)
- init_labeled_script_domtrans($1, dhcpd_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 dhcpd_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, dhcpd_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 dhcpd_initrc_exec_t system_r;
+ #allow $2 system_r;
files_list_tmp($1)
admin_pattern($1, dhcpd_tmp_t)
diff --git a/policy/modules/contrib/dictd.if b/policy/modules/contrib/dictd.if
index 3cc3494..5946e57 100644
--- a/policy/modules/contrib/dictd.if
+++ b/policy/modules/contrib/dictd.if
@@ -41,10 +41,10 @@ interface(`dictd_admin',`
allow $1 dictd_t:process { ptrace signal_perms };
ps_process_pattern($1, dictd_t)
- init_labeled_script_domtrans($1, dictd_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 dictd_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, dictd_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 dictd_initrc_exec_t system_r;
+ #allow $2 system_r;
files_list_etc($1)
admin_pattern($1, dictd_etc_t)
diff --git a/policy/modules/contrib/dirmngr.if b/policy/modules/contrib/dirmngr.if
index e5f6733..e41f285 100644
--- a/policy/modules/contrib/dirmngr.if
+++ b/policy/modules/contrib/dirmngr.if
@@ -26,10 +26,10 @@ interface(`dirmngr_admin',`
allow $1 dirmngr_t:process { ptrace signal_perms };
ps_process_pattern($1, dirmngr_t)
- init_labeled_script_domtrans($1, dirmngr_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 dirmngr_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, dirmngr_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 dirmngr_initrc_exec_t system_r;
+ #allow $2 system_r;
files_search_etc($1)
admin_pattern($1, dirmngr_conf_t)
diff --git a/policy/modules/contrib/distcc.if b/policy/modules/contrib/distcc.if
index 473823d..28a4164 100644
--- a/policy/modules/contrib/distcc.if
+++ b/policy/modules/contrib/distcc.if
@@ -26,10 +26,10 @@ interface(`distcc_admin',`
allow $1 distccd_t:process { ptrace signal_perms };
ps_process_pattern($1, distccd_t)
- init_labeled_script_domtrans($1, distccd_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 distccd_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, distccd_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 distccd_initrc_exec_t system_r;
+ #allow $2 system_r;
logging_search_logs($1)
admin_pattern($1, distccd_log_t)
diff --git a/policy/modules/contrib/dkim.if b/policy/modules/contrib/dkim.if
index 386e494..7999295 100644
--- a/policy/modules/contrib/dkim.if
+++ b/policy/modules/contrib/dkim.if
@@ -26,10 +26,10 @@ interface(`dkim_admin',`
allow $1 dkim_milter_t:process { ptrace signal_perms };
ps_process_pattern($1, dkim_milter_t)
- init_labeled_script_domtrans($1, dkim_milter_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 dkim_milter_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, dkim_milter_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 dkim_milter_initrc_exec_t system_r;
+ #allow $2 system_r;
files_search_etc($1)
admin_pattern($1, dkim_milter_private_key_t)
diff --git a/policy/modules/contrib/dnsmasq.if b/policy/modules/contrib/dnsmasq.if
index 62e4948..0ea06df 100644
--- a/policy/modules/contrib/dnsmasq.if
+++ b/policy/modules/contrib/dnsmasq.if
@@ -273,10 +273,10 @@ interface(`dnsmasq_admin',`
allow $1 dnsmasq_t:process { ptrace signal_perms };
ps_process_pattern($1, dnsmasq_t)
- init_labeled_script_domtrans($1, dnsmasq_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 dnsmasq_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, dnsmasq_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 dnsmasq_initrc_exec_t system_r;
+ #allow $2 system_r;
files_list_var_lib($1)
admin_pattern($1, dnsmasq_lease_t)
diff --git a/policy/modules/contrib/dnssectrigger.if b/policy/modules/contrib/dnssectrigger.if
index 456da5c..2e1bd25 100644
--- a/policy/modules/contrib/dnssectrigger.if
+++ b/policy/modules/contrib/dnssectrigger.if
@@ -26,10 +26,10 @@ interface(`dnssectrigger_admin',`
allow $1 dnssec_triggerd_t:process { ptrace signal_perms };
ps_process_pattern($1, dnssec_triggerd_t)
- init_labeled_script_domtrans($1, dnssec_triggerd_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 dnssec_triggerd_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, dnssec_triggerd_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 dnssec_triggerd_initrc_exec_t system_r;
+ #allow $2 system_r;
files_search_etc($1)
admin_pattern($1, dnssec_trigger_conf_t)
diff --git a/policy/modules/contrib/dovecot.if b/policy/modules/contrib/dovecot.if
index d5badb7..294d61e 100644
--- a/policy/modules/contrib/dovecot.if
+++ b/policy/modules/contrib/dovecot.if
@@ -149,10 +149,10 @@ interface(`dovecot_admin',`
allow $1 dovecot_t:process { ptrace signal_perms };
ps_process_pattern($1, dovecot_t)
- init_labeled_script_domtrans($1, dovecot_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 dovecot_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, dovecot_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 dovecot_initrc_exec_t system_r;
+ #allow $2 system_r;
files_list_etc($1)
admin_pattern($1, { dovecot_keytab_t dovecot_etc_t })
diff --git a/policy/modules/contrib/drbd.if b/policy/modules/contrib/drbd.if
index 9a21639..18dbd73 100644
--- a/policy/modules/contrib/drbd.if
+++ b/policy/modules/contrib/drbd.if
@@ -46,10 +46,10 @@ interface(`drbd_admin',`
allow $1 drbd_t:process { ptrace signal_perms };
ps_process_pattern($1, drbd_t)
- init_labeled_script_domtrans($1, drbd_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 drbd_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, drbd_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 drbd_initrc_exec_t system_r;
+ #allow $2 system_r;
files_search_locks($1)
admin_pattern($1, drbd_lock_t)
diff --git a/policy/modules/contrib/dspam.if b/policy/modules/contrib/dspam.if
index 18f2452..b16cb67 100644
--- a/policy/modules/contrib/dspam.if
+++ b/policy/modules/contrib/dspam.if
@@ -66,10 +66,10 @@ interface(`dspam_admin',`
allow $1 dspam_t:process { ptrace signal_perms };
ps_process_pattern($1, dspam_t)
- init_labeled_script_domtrans($1, dspam_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 dspam_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, dspam_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 dspam_initrc_exec_t system_r;
+ #allow $2 system_r;
logging_search_logs($1)
admin_pattern($1, dspam_log_t)
diff --git a/policy/modules/contrib/entropyd.if b/policy/modules/contrib/entropyd.if
index 1161fbf..1fc147c 100644
--- a/policy/modules/contrib/entropyd.if
+++ b/policy/modules/contrib/entropyd.if
@@ -25,10 +25,10 @@ interface(`entropyd_admin',`
allow $1 entropyd_t:process { ptrace signal_perms };
ps_process_pattern($1, entropyd_t)
- init_labeled_script_domtrans($1, entropyd_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 entropyd_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, entropyd_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 entropyd_initrc_exec_t system_r;
+ #allow $2 system_r;
files_search_pids($1)
admin_pattern($1, entropyd_var_run_t)
diff --git a/policy/modules/contrib/exim.if b/policy/modules/contrib/exim.if
index 9bbc690..16d2922 100644
--- a/policy/modules/contrib/exim.if
+++ b/policy/modules/contrib/exim.if
@@ -288,10 +288,10 @@ interface(`exim_admin',`
allow $1 exim_t:process { ptrace signal_perms };
ps_process_pattern($1, exim_t)
- init_labeled_script_domtrans($1, exim_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 exim_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, exim_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 exim_initrc_exec_t system_r;
+ #allow $2 system_r;
files_search_etc($1)
admin_pattern($1, exim_keytab_t)
diff --git a/policy/modules/contrib/fail2ban.if b/policy/modules/contrib/fail2ban.if
index 50d0084..0d23647 100644
--- a/policy/modules/contrib/fail2ban.if
+++ b/policy/modules/contrib/fail2ban.if
@@ -266,10 +266,10 @@ interface(`fail2ban_admin',`
allow $1 { fail2ban_t fail2ban_client_t }:process { ptrace signal_perms };
ps_process_pattern($1, { fail2ban_t fail2ban_client_t })
- init_labeled_script_domtrans($1, fail2ban_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 fail2ban_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, fail2ban_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 fail2ban_initrc_exec_t system_r;
+ #allow $2 system_r;
logging_list_logs($1)
admin_pattern($1, fail2ban_log_t)
diff --git a/policy/modules/contrib/fcoe.if b/policy/modules/contrib/fcoe.if
index c3484a9..e8b2446 100644
--- a/policy/modules/contrib/fcoe.if
+++ b/policy/modules/contrib/fcoe.if
@@ -44,10 +44,10 @@ interface(`fcoe_admin',`
allow $1 fcoemon_t:process { ptrace signal_perms };
ps_process_pattern($1, fcoemon_t)
- init_labeled_script_domtrans($1, fcoemon_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 fcoemon_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, fcoemon_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 fcoemon_initrc_exec_t system_r;
+ #allow $2 system_r;
files_search_pids($1)
admin_pattern($1, fcoemon_var_run_t)
diff --git a/policy/modules/contrib/fetchmail.if b/policy/modules/contrib/fetchmail.if
index c3f7916..8823986 100644
--- a/policy/modules/contrib/fetchmail.if
+++ b/policy/modules/contrib/fetchmail.if
@@ -23,10 +23,10 @@ interface(`fetchmail_admin',`
type fetchmail_var_run_t, fetchmail_initrc_exec_t, fetchmail_log_t;
')
- init_labeled_script_domtrans($1, fetchmail_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 fetchmail_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, fetchmail_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 fetchmail_initrc_exec_t system_r;
+ #allow $2 system_r;
allow $1 fetchmail_t:process { ptrace signal_perms };
ps_process_pattern($1, fetchmail_t)
diff --git a/policy/modules/contrib/firewalld.if b/policy/modules/contrib/firewalld.if
index c62c567..cbe9016 100644
--- a/policy/modules/contrib/firewalld.if
+++ b/policy/modules/contrib/firewalld.if
@@ -86,10 +86,10 @@ interface(`firewalld_admin',`
allow $1 firewalld_t:process { ptrace signal_perms };
ps_process_pattern($1, firewalld_t)
- init_labeled_script_domtrans($1, firewalld_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 firewalld_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, firewalld_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 firewalld_initrc_exec_t system_r;
+ #allow $2 system_r;
files_search_pids($1)
admin_pattern($1, firewalld_var_run_t)
diff --git a/policy/modules/contrib/ftp.if b/policy/modules/contrib/ftp.if
index 65adda9..5d7a53f 100644
--- a/policy/modules/contrib/ftp.if
+++ b/policy/modules/contrib/ftp.if
@@ -182,10 +182,10 @@ interface(`ftp_admin',`
allow $1 { ftpd_t ftpdctl_t sftpd_t anon_sftpd_t }:process { ptrace signal_perms };
ps_process_pattern($1, { ftpd_t ftpdctl_t sftpd_t anon_sftpd_t })
- init_labeled_script_domtrans($1, ftpd_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 ftpd_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, ftpd_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 ftpd_initrc_exec_t system_r;
+ #allow $2 system_r;
miscfiles_manage_public_files($1)
diff --git a/policy/modules/contrib/gatekeeper.if b/policy/modules/contrib/gatekeeper.if
index 30926d7..879de37 100644
--- a/policy/modules/contrib/gatekeeper.if
+++ b/policy/modules/contrib/gatekeeper.if
@@ -26,10 +26,10 @@ interface(`gatekeeper_admin',`
allow $1 gatekeeper_t:process { ptrace signal_perms };
ps_process_pattern($1, gatekeeper_t)
- init_labeled_script_domtrans($1, gatekeeper_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 gatekeeper_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, gatekeeper_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 gatekeeper_initrc_exec_t system_r;
+ #allow $2 system_r;
files_search_etc($1)
admin_pattern($1, gatekeeper_etc_t)
diff --git a/policy/modules/contrib/gdomap.if b/policy/modules/contrib/gdomap.if
index 7d6b6b7..b4ebe6c 100644
--- a/policy/modules/contrib/gdomap.if
+++ b/policy/modules/contrib/gdomap.if
@@ -45,10 +45,10 @@ interface(`gdomap_admin',`
allow $1 gdomap_t:process { ptrace signal_perms };
ps_process_pattern($1, gdomap_t)
- init_labeled_script_domtrans($1, gdomap_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 gdomap_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, gdomap_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 gdomap_initrc_exec_t system_r;
+ #allow $2 system_r;
files_search_etc($1)
admin_pattern($1, gdomap_conf_t)
diff --git a/policy/modules/contrib/glance.if b/policy/modules/contrib/glance.if
index 9eacb2c..6966abb 100644
--- a/policy/modules/contrib/glance.if
+++ b/policy/modules/contrib/glance.if
@@ -245,10 +245,10 @@ interface(`glance_admin',`
allow $1 { glance_api_t glance_registry_t }:process signal_perms;
ps_process_pattern($1, { glance_api_t glance_registry_t })
- init_labeled_script_domtrans($1, { glance_api_initrc_exec_t glance_registry_initrc_exec_t })
- domain_system_change_exemption($1)
- role_transition $2 { glance_api_initrc_exec_t glance_registry_initrc_exec_t } system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, { glance_api_initrc_exec_t glance_registry_initrc_exec_t })
+ #domain_system_change_exemption($1)
+ #role_transition $2 { glance_api_initrc_exec_t glance_registry_initrc_exec_t } system_r;
+ #allow $2 system_r;
logging_search_logs($1)
admin_pattern($1, glance_log_t)
diff --git a/policy/modules/contrib/glusterfs.if b/policy/modules/contrib/glusterfs.if
index 05233c8..c121fda 100644
--- a/policy/modules/contrib/glusterfs.if
+++ b/policy/modules/contrib/glusterfs.if
@@ -46,10 +46,10 @@ interface(`glusterfs_admin',`
type glusterd_var_run_t;
')
- init_labeled_script_domtrans($1, glusterd_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 glusterd_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, glusterd_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 glusterd_initrc_exec_t system_r;
+ #allow $2 system_r;
allow $1 glusterd_t:process { ptrace signal_perms };
ps_process_pattern($1, glusterd_t)
diff --git a/policy/modules/contrib/gpm.if b/policy/modules/contrib/gpm.if
index f1528c9..65818dc 100644
--- a/policy/modules/contrib/gpm.if
+++ b/policy/modules/contrib/gpm.if
@@ -106,10 +106,10 @@ interface(`gpm_admin',`
allow $1 gpm_t:process { ptrace signal_perms };
ps_process_pattern($1, gpm_t)
- init_labeled_script_domtrans($1, gpm_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 gpm_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, gpm_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 gpm_initrc_exec_t system_r;
+ #allow $2 system_r;
files_search_etc($1)
admin_pattern($1, gpm_conf_t)
diff --git a/policy/modules/contrib/gpsd.if b/policy/modules/contrib/gpsd.if
index 92eb564..6d077a4 100644
--- a/policy/modules/contrib/gpsd.if
+++ b/policy/modules/contrib/gpsd.if
@@ -91,10 +91,10 @@ interface(`gpsd_admin',`
allow $1 gpsd_t:process { ptrace signal_perms };
ps_process_pattern($1, gpsd_t)
- init_labeled_script_domtrans($1, gpsd_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 gpsd_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, gpsd_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 gpsd_initrc_exec_t system_r;
+ #allow $2 system_r;
files_search_pids($1)
admin_pattern($1, gpsd_var_run_t)
diff --git a/policy/modules/contrib/hadoop.if b/policy/modules/contrib/hadoop.if
index 2b0d488..48f93d3 100644
--- a/policy/modules/contrib/hadoop.if
+++ b/policy/modules/contrib/hadoop.if
@@ -441,10 +441,10 @@ interface(`hadoop_admin',`
allow $1 { hadoop_domain hadoop_initrc_domain hadoop_t zookeeper_t zookeeper_server_t }:process { ptrace signal_perms };
ps_process_pattern($1, { hadoop_domain hadoop_initrc_domain hadoop_t zookeeper_t zookeeper_server_t })
- init_labeled_script_domtrans($1, hadoop_init_script_file)
- domain_system_change_exemption($1)
- role_transition $2 hadoop_init_script_file system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, hadoop_init_script_file)
+ #domain_system_change_exemption($1)
+ #role_transition $2 hadoop_init_script_file system_r;
+ #allow $2 system_r;
files_search_etc($1)
admin_pattern($1, { hadoop_etc_t zookeeper_etc_t })
diff --git a/policy/modules/contrib/hddtemp.if b/policy/modules/contrib/hddtemp.if
index 1728071..718fc12 100644
--- a/policy/modules/contrib/hddtemp.if
+++ b/policy/modules/contrib/hddtemp.if
@@ -63,10 +63,10 @@ interface(`hddtemp_admin',`
allow $1 hddtemp_t:process { ptrace signal_perms };
ps_process_pattern($1, hddtemp_t)
- init_labeled_script_domtrans($1, hddtemp_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 hddtemp_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, hddtemp_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 hddtemp_initrc_exec_t system_r;
+ #allow $2 system_r;
admin_pattern($1, hddtemp_etc_t)
files_search_etc($1)
diff --git a/policy/modules/contrib/howl.if b/policy/modules/contrib/howl.if
index dc609f0..d67eac5 100644
--- a/policy/modules/contrib/howl.if
+++ b/policy/modules/contrib/howl.if
@@ -43,10 +43,10 @@ interface(`howl_admin',`
allow $1 howl_t:process { ptrace signal_perms };
ps_process_pattern($1, howl_t)
- init_labeled_script_domtrans($1, howl_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 howl_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, howl_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 howl_initrc_exec_t system_r;
+ #allow $2 system_r;
files_search_pids($1)
admin_pattern($1, howl_var_run_t)
diff --git a/policy/modules/contrib/hypervkvp.if b/policy/modules/contrib/hypervkvp.if
index 6517fad..d483ebe 100644
--- a/policy/modules/contrib/hypervkvp.if
+++ b/policy/modules/contrib/hypervkvp.if
@@ -25,8 +25,8 @@ interface(`hypervkvp_admin',`
allow $1 hypervkvpd_t:process { ptrace signal_perms };
ps_process_pattern($1, hypervkvpd_t)
- init_labeled_script_domtrans($1, hypervkvpd_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 hypervkvpd_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, hypervkvpd_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 hypervkvpd_initrc_exec_t system_r;
+ #allow $2 system_r;
')
diff --git a/policy/modules/contrib/i18n_input.if b/policy/modules/contrib/i18n_input.if
index 5eab254..dd6c6a9 100644
--- a/policy/modules/contrib/i18n_input.if
+++ b/policy/modules/contrib/i18n_input.if
@@ -40,10 +40,10 @@ interface(`i18n_input_admin',`
allow $1 i18n_input_t:process { ptrace signal_perms };
ps_process_pattern($1, i18n_input_t)
- init_labeled_script_domtrans($1, i18n_input_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 i18n_input_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, i18n_input_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 i18n_input_initrc_exec_t system_r;
+ #allow $2 system_r;
files_search_pids($1)
admin_pattern($1, i18n_input_var_run_t)
diff --git a/policy/modules/contrib/icecast.if b/policy/modules/contrib/icecast.if
index 580b533..0235592 100644
--- a/policy/modules/contrib/icecast.if
+++ b/policy/modules/contrib/icecast.if
@@ -176,10 +176,10 @@ interface(`icecast_admin',`
type icecast_var_run_t;
')
- icecast_initrc_domtrans($1)
- domain_system_change_exemption($1)
- role_transition $2 icecast_initrc_exec_t system_r;
- allow $2 system_r;
+ #icecast_initrc_domtrans($1)
+ #domain_system_change_exemption($1)
+ #role_transition $2 icecast_initrc_exec_t system_r;
+ #allow $2 system_r;
allow $1 icecast_t:process { ptrace signal_perms };
ps_process_pattern($1, icecast_t)
diff --git a/policy/modules/contrib/ifplugd.if b/policy/modules/contrib/ifplugd.if
index 8999899..bc3884d 100644
--- a/policy/modules/contrib/ifplugd.if
+++ b/policy/modules/contrib/ifplugd.if
@@ -122,10 +122,10 @@ interface(`ifplugd_admin',`
allow $1 ifplugd_t:process { ptrace signal_perms };
ps_process_pattern($1, ifplugd_t)
- init_labeled_script_domtrans($1, ifplugd_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 ifplugd_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, ifplugd_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 ifplugd_initrc_exec_t system_r;
+ #allow $2 system_r;
files_list_etc($1)
admin_pattern($1, ifplugd_etc_t)
diff --git a/policy/modules/contrib/inn.if b/policy/modules/contrib/inn.if
index eb87f23..91b81e9 100644
--- a/policy/modules/contrib/inn.if
+++ b/policy/modules/contrib/inn.if
@@ -230,10 +230,10 @@ interface(`inn_admin',`
type innd_var_run_t, innd_initrc_exec_t;
')
- init_labeled_script_domtrans($1, innd_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 innd_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, innd_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 innd_initrc_exec_t system_r;
+ #allow $2 system_r;
allow $1 innd_t:process { ptrace signal_perms };
ps_process_pattern($1, innd_t)
diff --git a/policy/modules/contrib/iodine.if b/policy/modules/contrib/iodine.if
index a0bfbd0..f034884 100644
--- a/policy/modules/contrib/iodine.if
+++ b/policy/modules/contrib/iodine.if
@@ -47,8 +47,8 @@ interface(`iodine_admin',`
allow $1 iodined_t:process { ptrace signal_perms };
ps_process_pattern($1, iodined_t)
- init_labeled_script_domtrans($1, iodined_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 iodined_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, iodined_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 iodined_initrc_exec_t system_r;
+ #allow $2 system_r;
')
diff --git a/policy/modules/contrib/ircd.if b/policy/modules/contrib/ircd.if
index 1a88664..6d057fd 100644
--- a/policy/modules/contrib/ircd.if
+++ b/policy/modules/contrib/ircd.if
@@ -23,10 +23,10 @@ interface(`ircd_admin',`
type ircd_log_t, ircd_var_lib_t, ircd_var_run_t;
')
- init_labeled_script_domtrans($1, ircd_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 ircd_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, ircd_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 ircd_initrc_exec_t system_r;
+ #allow $2 system_r;
allow $1 ircd_t:process { ptrace signal_perms };
ps_process_pattern($1, ircd_t)
diff --git a/policy/modules/contrib/irqbalance.if b/policy/modules/contrib/irqbalance.if
index d7113e7..5f97e41 100644
--- a/policy/modules/contrib/irqbalance.if
+++ b/policy/modules/contrib/irqbalance.if
@@ -25,10 +25,10 @@ interface(`irqbalance_admin',`
allow $1 irqbalance_t:process { ptrace signal_perms };
ps_process_pattern($1, irqbalance_t)
- init_labeled_script_domtrans($1, irqbalance_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 irqbalance_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, irqbalance_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 irqbalance_initrc_exec_t system_r;
+ #allow $2 system_r;
files_search_pids($1)
admin_pattern($1, irqbalance_var_run_t)
diff --git a/policy/modules/contrib/iscsi.if b/policy/modules/contrib/iscsi.if
index 1a35420..9e73947 100644
--- a/policy/modules/contrib/iscsi.if
+++ b/policy/modules/contrib/iscsi.if
@@ -105,10 +105,10 @@ interface(`iscsi_admin',`
allow $1 iscsid_t:process { ptrace signal_perms };
ps_process_pattern($1, iscsid_t)
- init_labeled_script_domtrans($1, iscsi_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 iscsi_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, iscsi_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 iscsi_initrc_exec_t system_r;
+ #allow $2 system_r;
logging_search_logs($1)
admin_pattern($1, iscsi_log_t)
diff --git a/policy/modules/contrib/isns.if b/policy/modules/contrib/isns.if
index da7e970..baf3539 100644
--- a/policy/modules/contrib/isns.if
+++ b/policy/modules/contrib/isns.if
@@ -26,10 +26,10 @@ interface(`isnsd_admin',`
allow $1 isnsd_t:process { ptrace signal_perms };
ps_process_pattern($1, isnsd_t)
- init_labeled_script_domtrans($1, isnsd_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 isnsd_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, isnsd_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 isnsd_initrc_exec_t system_r;
+ #allow $2 system_r;
files_search_var_lib($1)
admin_pattern($1, isnsd_var_lib_t)
diff --git a/policy/modules/contrib/jabber.if b/policy/modules/contrib/jabber.if
index 7eb3811..dda272b 100644
--- a/policy/modules/contrib/jabber.if
+++ b/policy/modules/contrib/jabber.if
@@ -81,10 +81,10 @@ interface(`jabber_admin',`
allow $1 jabberd_domain:process { ptrace signal_perms };
ps_process_pattern($1, jabberd_domain)
- init_labeled_script_domtrans($1, jabberd_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 jabberd_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, jabberd_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 jabberd_initrc_exec_t system_r;
+ #allow $2 system_r;
files_search_locks($1)
admin_pattern($1, jabberd_lock_t)
diff --git a/policy/modules/contrib/kdump.if b/policy/modules/contrib/kdump.if
index 3a00b3a..804c498 100644
--- a/policy/modules/contrib/kdump.if
+++ b/policy/modules/contrib/kdump.if
@@ -102,10 +102,10 @@ interface(`kdump_admin',`
allow $1 { kdump_t kdumpctl_t }:process { ptrace signal_perms };
ps_process_pattern($1, { kdump_t kdumpctl_t })
- init_labeled_script_domtrans($1, kdump_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 kdump_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, kdump_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 kdump_initrc_exec_t system_r;
+ #allow $2 system_r;
files_search_etc($1)
admin_pattern($1, kdump_etc_t)
diff --git a/policy/modules/contrib/kerberos.if b/policy/modules/contrib/kerberos.if
index 77a5c49..ab3f24e 100644
--- a/policy/modules/contrib/kerberos.if
+++ b/policy/modules/contrib/kerberos.if
@@ -493,10 +493,10 @@ interface(`kerberos_admin',`
allow $1 { kadmind_t krb5kdc_t kpropd_t }:process { ptrace signal_perms };
ps_process_pattern($1, { kadmind_t krb5kdc_t kpropd_t })
- init_labeled_script_domtrans($1, kerberos_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 kerberos_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, kerberos_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 kerberos_initrc_exec_t system_r;
+ #allow $2 system_r;
logging_list_logs($1)
admin_pattern($1, kadmind_log_t)
diff --git a/policy/modules/contrib/kerneloops.if b/policy/modules/contrib/kerneloops.if
index 714448f..7e50bdd 100644
--- a/policy/modules/contrib/kerneloops.if
+++ b/policy/modules/contrib/kerneloops.if
@@ -108,10 +108,10 @@ interface(`kerneloops_admin',`
allow $1 kerneloops_t:process { ptrace signal_perms };
ps_process_pattern($1, kerneloops_t)
- init_labeled_script_domtrans($1, kerneloops_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 kerneloops_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, kerneloops_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 kerneloops_initrc_exec_t system_r;
+ #allow $2 system_r;
files_search_tmp($1)
admin_pattern($1, kerneloops_tmp_t)
diff --git a/policy/modules/contrib/keystone.if b/policy/modules/contrib/keystone.if
index e88fb16..7407597 100644
--- a/policy/modules/contrib/keystone.if
+++ b/policy/modules/contrib/keystone.if
@@ -26,10 +26,10 @@ interface(`keystone_admin',`
allow $1 keystone_t:process { ptrace signal_perms };
ps_process_pattern($1, keystone_t)
- init_labeled_script_domtrans($1, keystone_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 keystone_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, keystone_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 keystone_initrc_exec_t system_r;
+ #allow $2 system_r;
logging_search_logs($1)
admin_pattern($1, keystone_log_t)
diff --git a/policy/modules/contrib/kismet.if b/policy/modules/contrib/kismet.if
index f20de6e..1a3bc7d 100644
--- a/policy/modules/contrib/kismet.if
+++ b/policy/modules/contrib/kismet.if
@@ -286,10 +286,10 @@ interface(`kismet_admin',`
type kismet_log_t, kismet_tmp_t, kismet_initrc_exec_t;
')
- init_labeled_script_domtrans($1, kismet_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 kismet_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, kismet_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 kismet_initrc_exec_t system_r;
+ #allow $2 system_r;
ps_process_pattern($1, kismet_t)
allow $1 kismet_t:process { ptrace signal_perms };
diff --git a/policy/modules/contrib/ksmtuned.if b/policy/modules/contrib/ksmtuned.if
index 93a64bc..663a091 100644
--- a/policy/modules/contrib/ksmtuned.if
+++ b/policy/modules/contrib/ksmtuned.if
@@ -61,10 +61,10 @@ interface(`ksmtuned_admin',`
type ksmtuned_initrc_exec_t, ksmtuned_log_t;
')
- ksmtuned_initrc_domtrans($1)
- domain_system_change_exemption($1)
- role_transition $2 ksmtuned_initrc_exec_t system_r;
- allow $2 system_r;
+ #ksmtuned_initrc_domtrans($1)
+ #domain_system_change_exemption($1)
+ #role_transition $2 ksmtuned_initrc_exec_t system_r;
+ #allow $2 system_r;
allow $1 ksmtuned_t:process { ptrace signal_perms };
ps_process_pattern($1, ksmtuned_t)
diff --git a/policy/modules/contrib/kudzu.if b/policy/modules/contrib/kudzu.if
index 5297064..db57d00 100644
--- a/policy/modules/contrib/kudzu.if
+++ b/policy/modules/contrib/kudzu.if
@@ -89,10 +89,10 @@ interface(`kudzu_admin',`
allow $1 kudzu_t:process { ptrace signal_perms };
ps_process_pattern($1, kudzu_t)
- init_labeled_script_domtrans($1, kudzu_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 kudzu_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, kudzu_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 kudzu_initrc_exec_t system_r;
+ #allow $2 system_r;
files_search_tmp($1)
admin_pattern($1, kudzu_tmp_t)
diff --git a/policy/modules/contrib/l2tp.if b/policy/modules/contrib/l2tp.if
index 73e2803..5f364d2 100644
--- a/policy/modules/contrib/l2tp.if
+++ b/policy/modules/contrib/l2tp.if
@@ -86,10 +86,10 @@ interface(`l2tp_admin',`
allow $1 l2tpd_t:process { ptrace signal_perms };
ps_process_pattern($1, l2tpd_t)
- init_labeled_script_domtrans($1, l2tpd_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 l2tpd_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, l2tpd_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 l2tpd_initrc_exec_t system_r;
+ #allow $2 system_r;
files_search_etc($1)
admin_pattern($1, l2tp_conf_t)
diff --git a/policy/modules/contrib/ldap.if b/policy/modules/contrib/ldap.if
index 7f09b4a..bb0ca32 100644
--- a/policy/modules/contrib/ldap.if
+++ b/policy/modules/contrib/ldap.if
@@ -122,10 +122,10 @@ interface(`ldap_admin',`
allow $1 slapd_t:process { ptrace signal_perms };
ps_process_pattern($1, slapd_t)
- init_labeled_script_domtrans($1, slapd_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 slapd_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, slapd_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 slapd_initrc_exec_t system_r;
+ #allow $2 system_r;
files_list_etc($1)
admin_pattern($1, { slapd_etc_t slapd_db_t slapd_cert_t slapd_keytab_t })
diff --git a/policy/modules/contrib/likewise.if b/policy/modules/contrib/likewise.if
index bd20e8c..3813742 100644
--- a/policy/modules/contrib/likewise.if
+++ b/policy/modules/contrib/likewise.if
@@ -110,10 +110,10 @@ interface(`likewise_admin',`
allow $1 likewise_domains:process { ptrace signal_perms };
ps_process_pattern($1, likewise_domains)
- init_labeled_script_domtrans($1, likewise_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 likewise_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, likewise_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 likewise_initrc_exec_t system_r;
+ #allow $2 system_r;
files_list_etc($1)
admin_pattern($1, { likewise_etc_t likewise_pstore_lock_t likewise_krb5_ad_t })
diff --git a/policy/modules/contrib/lircd.if b/policy/modules/contrib/lircd.if
index dff21a7..50996eb 100644
--- a/policy/modules/contrib/lircd.if
+++ b/policy/modules/contrib/lircd.if
@@ -84,10 +84,10 @@ interface(`lircd_admin',`
allow $1 lircd_t:process { ptrace signal_perms };
ps_process_pattern($1, lircd_t)
- init_labeled_script_domtrans($1, lircd_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 lircd_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, lircd_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 lircd_initrc_exec_t system_r;
+ #allow $2 system_r;
files_search_etc($1)
admin_pattern($1, lircd_etc_t)
diff --git a/policy/modules/contrib/lldpad.if b/policy/modules/contrib/lldpad.if
index d18c960..612d86f 100644
--- a/policy/modules/contrib/lldpad.if
+++ b/policy/modules/contrib/lldpad.if
@@ -45,10 +45,10 @@ interface(`lldpad_admin',`
allow $1 lldpad_t:process { ptrace signal_perms };
ps_process_pattern($1, lldpad_t)
- init_labeled_script_domtrans($1, lldpad_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 lldpad_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, lldpad_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 lldpad_initrc_exec_t system_r;
+ #allow $2 system_r;
files_search_var_lib($1)
admin_pattern($1, lldpad_var_lib_t)
diff --git a/policy/modules/contrib/mailscanner.if b/policy/modules/contrib/mailscanner.if
index 214cb44..d3bd6c5 100644
--- a/policy/modules/contrib/mailscanner.if
+++ b/policy/modules/contrib/mailscanner.if
@@ -47,10 +47,10 @@ interface(`mscan_admin',`
allow $1 mscan_t:process { ptrace signal_perms };
ps_process_pattern($1, mscan_t)
- init_labeled_script_domtrans($1, mscan_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 mscan_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, mscan_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 mscan_initrc_exec_t system_r;
+ #allow $2 system_r;
files_search_etc($1)
admin_pattern($1, mscan_etc_t)
diff --git a/policy/modules/contrib/mcelog.if b/policy/modules/contrib/mcelog.if
index f89651e..82b0846 100644
--- a/policy/modules/contrib/mcelog.if
+++ b/policy/modules/contrib/mcelog.if
@@ -45,10 +45,10 @@ interface(`mcelog_admin',`
allow $1 mcelog_t:process { ptrace signal_perms };
ps_process_pattern($1, mcelog_t)
- init_labeled_script_domtrans($1, mcelog_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 mcelog_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, mcelog_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 mcelog_initrc_exec_t system_r;
+ #allow $2 system_r;
files_search_etc($1)
admin_pattern($1, mcelog_etc_t)
diff --git a/policy/modules/contrib/memcached.if b/policy/modules/contrib/memcached.if
index 1d4eb19..6b3c3dc 100644
--- a/policy/modules/contrib/memcached.if
+++ b/policy/modules/contrib/memcached.if
@@ -124,10 +124,10 @@ interface(`memcached_admin',`
allow $1 memcached_t:process { ptrace signal_perms };
ps_process_pattern($1, memcached_t)
- init_labeled_script_domtrans($1, memcached_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 memcached_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, memcached_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 memcached_initrc_exec_t system_r;
+ #allow $2 system_r;
files_search_pids($1)
admin_pattern($1, memcached_var_run_t)
diff --git a/policy/modules/contrib/minidlna.if b/policy/modules/contrib/minidlna.if
index 358917a..e58f50a 100644
--- a/policy/modules/contrib/minidlna.if
+++ b/policy/modules/contrib/minidlna.if
@@ -26,10 +26,10 @@ interface(`minidlna_admin',`
allow $1 minidlna_t:process { ptrace signal_perms };
ps_process_pattern($1, minidlna_t)
- minidlna_initrc_domtrans($1)
- domain_system_change_exemption($1)
- role_transition $2 minidlna_initrc_exec_t system_r;
- allow $2 system_r;
+ #minidlna_initrc_domtrans($1)
+ #domain_system_change_exemption($1)
+ #role_transition $2 minidlna_initrc_exec_t system_r;
+ #allow $2 system_r;
files_search_etc($1)
admin_pattern($1, minidlna_conf_t)
diff --git a/policy/modules/contrib/minissdpd.if b/policy/modules/contrib/minissdpd.if
index f37a116..3121ce0 100644
--- a/policy/modules/contrib/minissdpd.if
+++ b/policy/modules/contrib/minissdpd.if
@@ -45,10 +45,10 @@ interface(`minissdpd_admin',`
allow $1 minissdpd_t:process { ptrace signal_perms };
ps_process_pattern($1, minissdpd_t)
- init_labeled_script_domtrans($1, minissdpd_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 minissdpd_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, minissdpd_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 minissdpd_initrc_exec_t system_r;
+ #allow $2 system_r;
files_search_etc($1)
admin_pattern($1, minissdpd_conf_t)
diff --git a/policy/modules/contrib/mongodb.if b/policy/modules/contrib/mongodb.if
index b247d25..80ba75c 100644
--- a/policy/modules/contrib/mongodb.if
+++ b/policy/modules/contrib/mongodb.if
@@ -26,10 +26,10 @@ interface(`mongodb_admin',`
allow $1 mongod_t:process { ptrace signal_perms };
ps_process_pattern($1, mongod_t)
- init_labeled_script_domtrans($1, mongod_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 mongod_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, mongod_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 mongod_initrc_exec_t system_r;
+ #allow $2 system_r;
logging_search_logs($1)
admin_pattern($1, mongod_log_t)
diff --git a/policy/modules/contrib/monop.if b/policy/modules/contrib/monop.if
index a6ec137..a798087 100644
--- a/policy/modules/contrib/monop.if
+++ b/policy/modules/contrib/monop.if
@@ -26,10 +26,10 @@ interface(`monop_admin',`
allow $1 monopd_t:process { ptrace signal_perms };
ps_process_pattern($1, monopd_t)
- init_labeled_script_domtrans($1, monopd_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 monopd_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, monopd_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 monopd_initrc_exec_t system_r;
+ #allow $2 system_r;
files_search_etc($1)
admin_pattern($1, monopd_etc_t)
diff --git a/policy/modules/contrib/mpd.if b/policy/modules/contrib/mpd.if
index 5fa77c7..9be1aa8 100644
--- a/policy/modules/contrib/mpd.if
+++ b/policy/modules/contrib/mpd.if
@@ -347,10 +347,10 @@ interface(`mpd_admin',`
allow $1 mpd_t:process { ptrace signal_perms };
ps_process_pattern($1, mpd_t)
- mpd_initrc_domtrans($1)
- domain_system_change_exemption($1)
- role_transition $2 mpd_initrc_exec_t system_r;
- allow $2 system_r;
+ #mpd_initrc_domtrans($1)
+ #domain_system_change_exemption($1)
+ #role_transition $2 mpd_initrc_exec_t system_r;
+ #allow $2 system_r;
files_search_etc($1)
admin_pattern($1, mpd_etc_t)
diff --git a/policy/modules/contrib/mrtg.if b/policy/modules/contrib/mrtg.if
index c595094..aeac4b2 100644
--- a/policy/modules/contrib/mrtg.if
+++ b/policy/modules/contrib/mrtg.if
@@ -47,10 +47,10 @@ interface(`mrtg_admin',`
allow $1 mrtg_t:process { ptrace signal_perms };
ps_process_pattern($1, mrtg_t)
- init_labeled_script_domtrans($1, mrtg_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 mrtg_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, mrtg_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 mrtg_initrc_exec_t system_r;
+ #allow $2 system_r;
files_search_etc($1)
admin_pattern($1, mrtg_etc_t)
diff --git a/policy/modules/contrib/munin.if b/policy/modules/contrib/munin.if
index b744fe3..b540634 100644
--- a/policy/modules/contrib/munin.if
+++ b/policy/modules/contrib/munin.if
@@ -173,10 +173,10 @@ interface(`munin_admin',`
allow $1 { munin_plugin_domain munin_t }:process { ptrace signal_perms };
ps_process_pattern($1, { munin_plugin_domain munin_t })
- init_labeled_script_domtrans($1, munin_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 munin_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, munin_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 munin_initrc_exec_t system_r;
+ #allow $2 system_r;
files_list_tmp($1)
admin_pattern($1, { munin_tmp_t munin_plugin_tmp_content })
diff --git a/policy/modules/contrib/mysql.if b/policy/modules/contrib/mysql.if
index 590748a..5535d22 100644
--- a/policy/modules/contrib/mysql.if
+++ b/policy/modules/contrib/mysql.if
@@ -450,10 +450,10 @@ interface(`mysql_admin',`
allow $1 { mysqld_safe_t mysqld_t mysqlmanagerd_t }:process { ptrace signal_perms };
ps_process_pattern($1, { mysqld_safe_t mysqld_t mysqlmanagerd_t })
- init_labeled_script_domtrans($1, { mysqlmanagerd_initrc_exec_t mysqld_initrc_exec_t })
- domain_system_change_exemption($1)
- role_transition $2 { mysqlmanagerd_initrc_exec_t mysqld_initrc_exec_t } system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, { mysqlmanagerd_initrc_exec_t mysqld_initrc_exec_t })
+ #domain_system_change_exemption($1)
+ #role_transition $2 { mysqlmanagerd_initrc_exec_t mysqld_initrc_exec_t } system_r;
+ #allow $2 system_r;
files_search_pids($1)
admin_pattern($1, { mysqlmanagerd_var_run_t mysqld_var_run_t })
diff --git a/policy/modules/contrib/nagios.if b/policy/modules/contrib/nagios.if
index 0641e97..8289ecb 100644
--- a/policy/modules/contrib/nagios.if
+++ b/policy/modules/contrib/nagios.if
@@ -204,10 +204,10 @@ interface(`nagios_admin',`
allow $1 { nagios_t nrpe_t nagios_plugin_domain }:process { ptrace signal_perms };
ps_process_pattern($1, { nagios_t nrpe_t nagios_plugin_domain })
- init_labeled_script_domtrans($1, nagios_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 nagios_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, nagios_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 nagios_initrc_exec_t system_r;
+ #allow $2 system_r;
files_search_tmp($1)
admin_pattern($1, { nagios_eventhandler_plugin_tmp_t nagios_tmp_t nagios_system_plugin_tmp_t })
diff --git a/policy/modules/contrib/nessus.if b/policy/modules/contrib/nessus.if
index 42e9ed4..5fa68ad 100644
--- a/policy/modules/contrib/nessus.if
+++ b/policy/modules/contrib/nessus.if
@@ -40,10 +40,10 @@ interface(`nessus_admin',`
allow $1 nessusd_t:process { ptrace signal_perms };
ps_process_pattern($1, nessusd_t)
- init_labeled_script_domtrans($1, nessusd_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 nessusd_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, nessusd_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 nessusd_initrc_exec_t system_r;
+ #allow $2 system_r;
logging_search_logs($1)
admin_pattern($1, nessusd_log_t)
diff --git a/policy/modules/contrib/networkmanager.if b/policy/modules/contrib/networkmanager.if
index b512ce0..7e1b861 100644
--- a/policy/modules/contrib/networkmanager.if
+++ b/policy/modules/contrib/networkmanager.if
@@ -297,10 +297,10 @@ interface(`networkmanager_admin',`
allow $1 { wpa_cli_t NetworkManager_t }:process { ptrace signal_perms };
ps_process_pattern($1, { wpa_cli_t NetworkManager_t })
- init_labeled_script_domtrans($1, NetworkManager_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 NetworkManager_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, NetworkManager_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 NetworkManager_initrc_exec_t system_r;
+ #allow $2 system_r;
files_search_etc($1)
admin_pattern($1, { NetworkManager_etc_t NetworkManager_etc_rw_t })
diff --git a/policy/modules/contrib/nis.if b/policy/modules/contrib/nis.if
index 46e55c3..8000aa6 100644
--- a/policy/modules/contrib/nis.if
+++ b/policy/modules/contrib/nis.if
@@ -381,11 +381,11 @@ interface(`nis_admin',`
allow $1 { ypbind_t yppasswdd_t ypserv_t ypxfr_t }:process { ptrace signal_perms };
ps_process_pattern($1, { ypbind_t yppasswdd_t ypserv_t ypxfr_t })
- nis_initrc_domtrans($1)
- nis_initrc_domtrans_ypbind($1)
- domain_system_change_exemption($1)
- role_transition $2 { nis_initrc_exec_t ypbind_initrc_exec_t } system_r;
- allow $2 system_r;
+ #nis_initrc_domtrans($1)
+ #nis_initrc_domtrans_ypbind($1)
+ #domain_system_change_exemption($1)
+ #role_transition $2 { nis_initrc_exec_t ypbind_initrc_exec_t } system_r;
+ #allow $2 system_r;
files_list_tmp($1)
admin_pattern($1, { ypserv_tmp_t ypbind_tmp_t })
diff --git a/policy/modules/contrib/nscd.if b/policy/modules/contrib/nscd.if
index 8f2ab09..7d046d2 100644
--- a/policy/modules/contrib/nscd.if
+++ b/policy/modules/contrib/nscd.if
@@ -299,10 +299,10 @@ interface(`nscd_admin',`
allow $1 nscd_t:process { ptrace signal_perms };
ps_process_pattern($1, nscd_t)
- init_labeled_script_domtrans($1, nscd_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 nscd_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, nscd_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 nscd_initrc_exec_t system_r;
+ #allow $2 system_r;
logging_list_logs($1)
admin_pattern($1, nscd_log_t)
diff --git a/policy/modules/contrib/nsd.if b/policy/modules/contrib/nsd.if
index a9c60ff..6b42add 100644
--- a/policy/modules/contrib/nsd.if
+++ b/policy/modules/contrib/nsd.if
@@ -54,10 +54,10 @@ interface(`nsd_admin',`
allow $1 nsd_t:process { ptrace signal_perms };
ps_process_pattern($1, nsd_t)
- init_labeled_script_domtrans($1, nsd_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 nsd_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, nsd_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 nsd_initrc_exec_t system_r;
+ #allow $2 system_r;
files_search_etc($1)
admin_pattern($1, { nsd_conf_t nsd_db_t })
diff --git a/policy/modules/contrib/nslcd.if b/policy/modules/contrib/nslcd.if
index bbd7cac..4c7aee8 100644
--- a/policy/modules/contrib/nslcd.if
+++ b/policy/modules/contrib/nslcd.if
@@ -102,10 +102,10 @@ interface(`nslcd_admin',`
allow $1 nslcd_t:process { ptrace signal_perms };
ps_process_pattern($1, nslcd_t)
- nslcd_initrc_domtrans($1)
- domain_system_change_exemption($1)
- role_transition $2 nslcd_initrc_exec_t system_r;
- allow $2 system_r;
+ #nslcd_initrc_domtrans($1)
+ #domain_system_change_exemption($1)
+ #role_transition $2 nslcd_initrc_exec_t system_r;
+ #allow $2 system_r;
files_search_etc($1)
admin_pattern($1, nslcd_conf_t)
diff --git a/policy/modules/contrib/ntop.if b/policy/modules/contrib/ntop.if
index beaee73..756b0cc 100644
--- a/policy/modules/contrib/ntop.if
+++ b/policy/modules/contrib/ntop.if
@@ -26,10 +26,10 @@ interface(`ntop_admin',`
allow $1 ntop_t:process { ptrace signal_perms };
ps_process_pattern($1, ntop_t)
- init_labeled_script_domtrans($1, ntop_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 ntop_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, ntop_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 ntop_initrc_exec_t system_r;
+ #allow $2 system_r;
files_search_etc($1)
admin_pattern($1, ntop_etc_t)
diff --git a/policy/modules/contrib/ntp.if b/policy/modules/contrib/ntp.if
index 6a83626..02e6320 100644
--- a/policy/modules/contrib/ntp.if
+++ b/policy/modules/contrib/ntp.if
@@ -166,10 +166,10 @@ interface(`ntp_admin',`
allow $1 ntpd_t:process { ptrace signal_perms };
ps_process_pattern($1, ntpd_t)
- init_labeled_script_domtrans($1, ntpd_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 ntpd_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, ntpd_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 ntpd_initrc_exec_t system_r;
+ #allow $2 system_r;
files_list_etc($1)
admin_pattern($1, { ntpd_key_t ntp_conf_t })
diff --git a/policy/modules/contrib/numad.if b/policy/modules/contrib/numad.if
index 0d3c270..d5c4a6d 100644
--- a/policy/modules/contrib/numad.if
+++ b/policy/modules/contrib/numad.if
@@ -26,10 +26,10 @@ interface(`numad_admin',`
allow $1 numad_t:process { ptrace signal_perms };
ps_process_pattern($1, numad_t)
- init_labeled_script_domtrans($1, numad_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 numad_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, numad_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 numad_initrc_exec_t system_r;
+ #allow $2 system_r;
logging_search_logs($1)
admin_pattern($1, numad_log_t)
diff --git a/policy/modules/contrib/nut.if b/policy/modules/contrib/nut.if
index c606ae6..f0f6b74 100644
--- a/policy/modules/contrib/nut.if
+++ b/policy/modules/contrib/nut.if
@@ -26,10 +26,10 @@ interface(`nut_admin',`
allow $1 nut_domain:process { ptrace signal_perms };
ps_process_pattern($1, nut_domain)
- init_labeled_script_domtrans($1, nut_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 nut_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, nut_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 nut_initrc_exec_t system_r;
+ #allow $2 system_r;
files_search_etc($1)
admin_pattern($1, nut_conf_t)
diff --git a/policy/modules/contrib/oident.if b/policy/modules/contrib/oident.if
index 513f452..c4d4419 100644
--- a/policy/modules/contrib/oident.if
+++ b/policy/modules/contrib/oident.if
@@ -131,10 +131,10 @@ interface(`oident_admin',`
allow $1 oidentd_t:process { ptrace signal_perms };
ps_process_pattern($1, oidentd_t)
- init_labeled_script_domtrans($1, oidentd_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 oidentd_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, oidentd_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 oidentd_initrc_exec_t system_r;
+ #allow $2 system_r;
files_list_etc($1)
admin_pattern($1, oidentd_config_t)
diff --git a/policy/modules/contrib/openct.if b/policy/modules/contrib/openct.if
index a55238b..4fe22f9 100644
--- a/policy/modules/contrib/openct.if
+++ b/policy/modules/contrib/openct.if
@@ -120,10 +120,10 @@ interface(`openct_admin',`
allow $1 openct_t:process { ptrace signal_perms };
ps_process_pattern($1, openct_t)
- init_labeled_script_domtrans($1, openct_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 openct_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, openct_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 openct_initrc_exec_t system_r;
+ #allow $2 system_r;
files_search_pids($1)
admin_pattern($1, openct_var_run_t)
diff --git a/policy/modules/contrib/openhpi.if b/policy/modules/contrib/openhpi.if
index 3c86958..141f3c8 100644
--- a/policy/modules/contrib/openhpi.if
+++ b/policy/modules/contrib/openhpi.if
@@ -26,10 +26,10 @@ interface(`openhpi_admin',`
allow $1 openhpid_t:process { ptrace signal_perms };
ps_process_pattern($1, openhpid_t)
- init_labeled_script_domtrans($1, openhpid_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 openhpid_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, openhpid_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 openhpid_initrc_exec_t system_r;
+ #allow $2 system_r;
files_search_var_lib($1)
admin_pattern($1, openhpid_var_lib_t)
diff --git a/policy/modules/contrib/openvpn.if b/policy/modules/contrib/openvpn.if
index 6837e9a..7efa5a5 100644
--- a/policy/modules/contrib/openvpn.if
+++ b/policy/modules/contrib/openvpn.if
@@ -150,10 +150,10 @@ interface(`openvpn_admin',`
allow $1 openvpn_t:process { ptrace signal_perms };
ps_process_pattern($1, openvpn_t)
- init_labeled_script_domtrans($1, openvpn_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 openvpn_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, openvpn_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 openvpn_initrc_exec_t system_r;
+ #allow $2 system_r;
files_list_etc($1)
admin_pattern($1, { openvpn_etc_t openvpn_etc_rw_t })
diff --git a/policy/modules/contrib/openvswitch.if b/policy/modules/contrib/openvswitch.if
index 9b15730..131e6dc 100644
--- a/policy/modules/contrib/openvswitch.if
+++ b/policy/modules/contrib/openvswitch.if
@@ -64,10 +64,10 @@ interface(`openvswitch_admin',`
allow $1 openvswitch_t:process { ptrace signal_perms };
ps_process_pattern($1, openvswitch_t)
- init_labeled_script_domtrans($1, openvswitch_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 openvswitch_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, openvswitch_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 openvswitch_initrc_exec_t system_r;
+ #allow $2 system_r;
files_search_etc($1)
admin_pattern($1, openvswitch_conf_t)
diff --git a/policy/modules/contrib/pacemaker.if b/policy/modules/contrib/pacemaker.if
index 9682d9a..3ae9dcf 100644
--- a/policy/modules/contrib/pacemaker.if
+++ b/policy/modules/contrib/pacemaker.if
@@ -26,10 +26,10 @@ interface(`pacemaker_admin',`
allow $1 pacemaker_t:process { ptrace signal_perms };
ps_process_pattern($1, pacemaker_t)
- init_labeled_script_domtrans($1, pacemaker_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 pacemaker_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, pacemaker_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 pacemaker_initrc_exec_t system_r;
+ #allow $2 system_r;
files_search_var_lib($1)
admin_pattern($1, pacemaker_var_lib_t)
diff --git a/policy/modules/contrib/pads.if b/policy/modules/contrib/pads.if
index 6e097c9..e9fa6d2 100644
--- a/policy/modules/contrib/pads.if
+++ b/policy/modules/contrib/pads.if
@@ -26,10 +26,10 @@ interface(`pads_admin', `
allow $1 pads_t:process { ptrace signal_perms };
ps_process_pattern($1, pads_t)
- init_labeled_script_domtrans($1, pads_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 pads_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, pads_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 pads_initrc_exec_t system_r;
+ #allow $2 system_r;
files_search_pids($1)
admin_pattern($1, pads_var_run_t)
diff --git a/policy/modules/contrib/pcscd.if b/policy/modules/contrib/pcscd.if
index 7f77d32..aa414bd 100644
--- a/policy/modules/contrib/pcscd.if
+++ b/policy/modules/contrib/pcscd.if
@@ -128,10 +128,10 @@ interface(`pcscd_admin',`
allow $1 pcscd_t:process { ptrace signal_perms };
ps_process_pattern($1, pcscd_t)
- init_labeled_script_domtrans($1, pcscd_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 pcscd_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, pcscd_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 pcscd_initrc_exec_t system_r;
+ #allow $2 system_r;
files_search_pids($1)
admin_pattern($1, pcscd_var_run_t)
diff --git a/policy/modules/contrib/pegasus.if b/policy/modules/contrib/pegasus.if
index d2fc677..3b509a4 100644
--- a/policy/modules/contrib/pegasus.if
+++ b/policy/modules/contrib/pegasus.if
@@ -27,10 +27,10 @@ interface(`pegasus_admin',`
allow $1 pegasus_t:process { ptrace signal_perms };
ps_process_pattern($1, pegasus_t)
- init_labeled_script_domtrans($1, pegasus_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 pegasus_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, pegasus_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 pegasus_initrc_exec_t system_r;
+ #allow $2 system_r;
files_search_etc($1)
admin_pattern($1, pegasus_conf_t)
diff --git a/policy/modules/contrib/perdition.if b/policy/modules/contrib/perdition.if
index 47e09e1..ffe3965 100644
--- a/policy/modules/contrib/perdition.if
+++ b/policy/modules/contrib/perdition.if
@@ -40,10 +40,10 @@ interface(`perdition_admin',`
allow $1 perdition_t:process { ptrace signal_perms };
ps_process_pattern($1, perdition_t)
- init_labeled_script_domtrans($1, perdition_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 perdition_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, perdition_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 perdition_initrc_exec_t system_r;
+ #allow $2 system_r;
files_search_etc($1)
admin_pattern($1, perdition_etc_t)
diff --git a/policy/modules/contrib/pingd.if b/policy/modules/contrib/pingd.if
index 21a6ecb..4194b84 100644
--- a/policy/modules/contrib/pingd.if
+++ b/policy/modules/contrib/pingd.if
@@ -84,10 +84,10 @@ interface(`pingd_admin',`
allow $1 pingd_t:process { ptrace signal_perms };
ps_process_pattern($1, pingd_t)
- init_labeled_script_domtrans($1, pingd_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 pingd_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, pingd_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 pingd_initrc_exec_t system_r;
+ #allow $2 system_r;
files_list_etc($1)
admin_pattern($1, pingd_etc_t)
diff --git a/policy/modules/contrib/pkcs.if b/policy/modules/contrib/pkcs.if
index 69be2aa..c3b3223 100644
--- a/policy/modules/contrib/pkcs.if
+++ b/policy/modules/contrib/pkcs.if
@@ -26,10 +26,10 @@ interface(`pkcs_admin_slotd',`
allow $1 pkcs_slotd_t:process { ptrace signal_perms };
ps_process_pattern($1, pkcs_slotd_t)
- init_labeled_script_domtrans($1, pkcs_slotd_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 pkcs_slotd_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, pkcs_slotd_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 pkcs_slotd_initrc_exec_t system_r;
+ #allow $2 system_r;
files_search_var_lib($1)
admin_pattern($1, pkcs_slotd_var_lib_t)
diff --git a/policy/modules/contrib/polipo.if b/policy/modules/contrib/polipo.if
index ae27bb7..c6c431e 100644
--- a/policy/modules/contrib/polipo.if
+++ b/policy/modules/contrib/polipo.if
@@ -125,10 +125,10 @@ interface(`polipo_admin',`
allow $1 polipo_system_t:process { ptrace signal_perms };
ps_process_pattern($1, polipo_system_t)
- polipo_initrc_domtrans($1)
- domain_system_change_exemption($1)
- role_transition $2 polipo_initrc_exec_t system_r;
- allow $2 system_r;
+ #polipo_initrc_domtrans($1)
+ #domain_system_change_exemption($1)
+ #role_transition $2 polipo_initrc_exec_t system_r;
+ #allow $2 system_r;
files_search_var($1)
admin_pattern($1, polipo_cache_t)
diff --git a/policy/modules/contrib/portmap.if b/policy/modules/contrib/portmap.if
index 9f982b5..7cc0695 100644
--- a/policy/modules/contrib/portmap.if
+++ b/policy/modules/contrib/portmap.if
@@ -114,10 +114,10 @@ interface(`portmap_admin',`
allow $1 { portmap_t portmap_helper_t }:process { ptrace signal_perms };
ps_process_pattern($1, { portmap_t portmap_helper_t })
- init_labeled_script_domtrans($1, portmap_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 portmap_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, portmap_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 portmap_initrc_exec_t system_r;
+ #allow $2 system_r;
files_search_pids($1)
admin_pattern($1, portmap_var_run_t)
diff --git a/policy/modules/contrib/portreserve.if b/policy/modules/contrib/portreserve.if
index 5ad5291..ecffbfc 100644
--- a/policy/modules/contrib/portreserve.if
+++ b/policy/modules/contrib/portreserve.if
@@ -108,10 +108,10 @@ interface(`portreserve_admin',`
allow $1 portreserve_t:process { ptrace signal_perms };
ps_process_pattern($1, portreserve_t)
- portreserve_initrc_domtrans($1)
- domain_system_change_exemption($1)
- role_transition $2 portreserve_initrc_exec_t system_r;
- allow $2 system_r;
+ #portreserve_initrc_domtrans($1)
+ #domain_system_change_exemption($1)
+ #role_transition $2 portreserve_initrc_exec_t system_r;
+ #allow $2 system_r;
files_list_etc($1)
admin_pattern($1, portreserve_etc_t)
diff --git a/policy/modules/contrib/postfix.if b/policy/modules/contrib/postfix.if
index 8e7d1e7..603f2e3 100644
--- a/policy/modules/contrib/postfix.if
+++ b/policy/modules/contrib/postfix.if
@@ -720,10 +720,10 @@ interface(`postfix_admin',`
allow $1 postfix_domain:process { ptrace signal_perms };
ps_process_pattern($1, postfix_domain)
- init_labeled_script_domtrans($1, postfix_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 postfix_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, postfix_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 postfix_initrc_exec_t system_r;
+ #allow $2 system_r;
files_search_etc($1)
admin_pattern($1, { postfix_prng_t postfix_etc_t postfix_exec_t postfix_keytab_t })
diff --git a/policy/modules/contrib/postfixpolicyd.if b/policy/modules/contrib/postfixpolicyd.if
index 5de8173..d74f378 100644
--- a/policy/modules/contrib/postfixpolicyd.if
+++ b/policy/modules/contrib/postfixpolicyd.if
@@ -26,10 +26,10 @@ interface(`postfixpolicyd_admin',`
allow $1 postfix_policyd_t:process { ptrace signal_perms };
ps_process_pattern($1, postfix_policyd_t)
- init_labeled_script_domtrans($1, postfix_policyd_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 postfix_policyd_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, postfix_policyd_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 postfix_policyd_initrc_exec_t system_r;
+ #allow $2 system_r;
files_list_etc($1)
admin_pattern($1, postfix_policyd_conf_t)
diff --git a/policy/modules/contrib/postgrey.if b/policy/modules/contrib/postgrey.if
index b9e71b5..05a4cd4 100644
--- a/policy/modules/contrib/postgrey.if
+++ b/policy/modules/contrib/postgrey.if
@@ -67,10 +67,10 @@ interface(`postgrey_admin',`
allow $1 postgrey_t:process { ptrace signal_perms };
ps_process_pattern($1, postgrey_t)
- init_labeled_script_domtrans($1, postgrey_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 postgrey_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, postgrey_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 postgrey_initrc_exec_t system_r;
+ #allow $2 system_r;
files_list_etc($1)
admin_pattern($1, postgrey_etc_t)
diff --git a/policy/modules/contrib/ppp.if b/policy/modules/contrib/ppp.if
index cd8b8b9..71455d1 100644
--- a/policy/modules/contrib/ppp.if
+++ b/policy/modules/contrib/ppp.if
@@ -487,10 +487,10 @@ interface(`ppp_admin',`
allow $1 { pptp_t pppd_t }:process { ptrace signal_perms };
ps_process_pattern($1, { pptp_t pppd_t })
- ppp_initrc_domtrans($1)
- domain_system_change_exemption($1)
- role_transition $2 pppd_initrc_exec_t system_r;
- allow $2 system_r;
+ #ppp_initrc_domtrans($1)
+ #domain_system_change_exemption($1)
+ #role_transition $2 pppd_initrc_exec_t system_r;
+ #allow $2 system_r;
files_list_tmp($1)
admin_pattern($1, pppd_tmp_t)
diff --git a/policy/modules/contrib/prelude.if b/policy/modules/contrib/prelude.if
index db8f510..573fac7 100644
--- a/policy/modules/contrib/prelude.if
+++ b/policy/modules/contrib/prelude.if
@@ -126,10 +126,10 @@ interface(`prelude_admin',`
allow $1 { prelude_t prelude_audisp_t prelude_lml_t prelude_correlator_t }:process { ptrace signal_perms };
ps_process_pattern($1, { prelude_t prelude_audisp_t prelude_lml_t prelude_correlator_t })
- init_labeled_script_domtrans($1, prelude_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 prelude_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, prelude_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 prelude_initrc_exec_t system_r;
+ #allow $2 system_r;
files_search_spool($1)
admin_pattern($1, prelude_spool_t)
diff --git a/policy/modules/contrib/privoxy.if b/policy/modules/contrib/privoxy.if
index bdcee30..182267b 100644
--- a/policy/modules/contrib/privoxy.if
+++ b/policy/modules/contrib/privoxy.if
@@ -26,10 +26,10 @@ interface(`privoxy_admin',`
allow $1 privoxy_t:process { ptrace signal_perms };
ps_process_pattern($1, privoxy_t)
- init_labeled_script_domtrans($1, privoxy_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 privoxy_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, privoxy_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 privoxy_initrc_exec_t system_r;
+ #allow $2 system_r;
logging_list_logs($1)
admin_pattern($1, privoxy_log_t)
diff --git a/policy/modules/contrib/psad.if b/policy/modules/contrib/psad.if
index cdc83d2..a04483a 100644
--- a/policy/modules/contrib/psad.if
+++ b/policy/modules/contrib/psad.if
@@ -242,10 +242,10 @@ interface(`psad_admin',`
allow $1 psad_t:process { ptrace signal_perms };
ps_process_pattern($1, psad_t)
- init_labeled_script_domtrans($1, psad_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 psad_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, psad_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 psad_initrc_exec_t system_r;
+ #allow $2 system_r;
files_search_etc($1)
admin_pattern($1, psad_etc_t)
diff --git a/policy/modules/contrib/puppet.if b/policy/modules/contrib/puppet.if
index 7cb8b1f..9d0c95c 100644
--- a/policy/modules/contrib/puppet.if
+++ b/policy/modules/contrib/puppet.if
@@ -211,10 +211,10 @@ interface(`puppet_admin',`
allow $1 { puppet_t puppetca_t puppetmaster_t }:process { ptrace signal_perms };
ps_process_pattern($1, { puppet_t puppetca_t puppetmaster_t })
- init_labeled_script_domtrans($1, { puppet_initrc_exec_t puppetmaster_initrc_exec_t })
- domain_system_change_exemption($1)
- role_transition $2 { puppet_initrc_exec_t puppetmaster_initrc_exec_t } system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, { puppet_initrc_exec_t puppetmaster_initrc_exec_t })
+ #domain_system_change_exemption($1)
+ #role_transition $2 { puppet_initrc_exec_t puppetmaster_initrc_exec_t } system_r;
+ #allow $2 system_r;
files_search_etc($1)
admin_pattern($1, puppet_etc_t)
diff --git a/policy/modules/contrib/pxe.if b/policy/modules/contrib/pxe.if
index 7da286f..3a60f9b 100644
--- a/policy/modules/contrib/pxe.if
+++ b/policy/modules/contrib/pxe.if
@@ -26,10 +26,10 @@ interface(`pxe_admin',`
allow $1 pxe_t:process { ptrace signal_perms };
ps_process_pattern($1, pxe_t)
- init_labeled_script_domtrans($1, pxe_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 pxe_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, pxe_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 pxe_initrc_exec_t system_r;
+ #allow $2 system_r;
logging_search_logs($1)
admin_pattern($1, pxe_log_t)
diff --git a/policy/modules/contrib/pyicqt.if b/policy/modules/contrib/pyicqt.if
index 0ccea82..683d0ee 100644
--- a/policy/modules/contrib/pyicqt.if
+++ b/policy/modules/contrib/pyicqt.if
@@ -26,10 +26,10 @@ interface(`pyicqt_admin',`
allow $1 pyicqt_t:process { ptrace signal_perms };
ps_process_pattern($1, pyicqt_t)
- init_labeled_script_domtrans($1, pyicqt_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 pyicqt_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, pyicqt_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 pyicqt_initrc_exec_t system_r;
+ #allow $2 system_r;
files_search_etc($1)
admin_pattern($1, pyicqt_conf_t)
diff --git a/policy/modules/contrib/pyzor.if b/policy/modules/contrib/pyzor.if
index c05a504..664b594 100644
--- a/policy/modules/contrib/pyzor.if
+++ b/policy/modules/contrib/pyzor.if
@@ -118,10 +118,10 @@ interface(`pyzor_admin',`
allow $1 pyzord_t:process { ptrace signal_perms };
ps_process_pattern($1, pyzord_t)
- init_labeled_script_domtrans($1, pyzord_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 pyzord_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, pyzord_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 pyzord_initrc_exec_t system_r;
+ #allow $2 system_r;
files_search_etc($1)
admin_pattern($1, pyzor_etc_t)
diff --git a/policy/modules/contrib/qpid.if b/policy/modules/contrib/qpid.if
index fe2adf8..307b419 100644
--- a/policy/modules/contrib/qpid.if
+++ b/policy/modules/contrib/qpid.if
@@ -177,10 +177,10 @@ interface(`qpidd_admin',`
allow $1 qpidd_t:process { ptrace signal_perms };
ps_process_pattern($1, qpidd_t)
- qpidd_initrc_domtrans($1)
- domain_system_change_exemption($1)
- role_transition $2 qpidd_initrc_exec_t system_r;
- allow $2 system_r;
+ #qpidd_initrc_domtrans($1)
+ #domain_system_change_exemption($1)
+ #role_transition $2 qpidd_initrc_exec_t system_r;
+ #allow $2 system_r;
files_search_var_lib($1)
admin_pattern($1, qpidd_var_lib_t)
diff --git a/policy/modules/contrib/quantum.if b/policy/modules/contrib/quantum.if
index afc0068..2d9ec09 100644
--- a/policy/modules/contrib/quantum.if
+++ b/policy/modules/contrib/quantum.if
@@ -26,10 +26,10 @@ interface(`quantum_admin',`
allow $1 quantum_t:process { ptrace signal_perms };
ps_process_pattern($1, quantum_t)
- init_labeled_script_domtrans($1, quantum_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 quantum_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, quantum_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 quantum_initrc_exec_t system_r;
+ #allow $2 system_r;
logging_search_logs($1)
admin_pattern($1, quantum_log_t)
diff --git a/policy/modules/contrib/quota.if b/policy/modules/contrib/quota.if
index 68611e3..6af6364 100644
--- a/policy/modules/contrib/quota.if
+++ b/policy/modules/contrib/quota.if
@@ -184,10 +184,10 @@ interface(`quota_admin',`
allow $1 { quota_nld_t quota_t }:process { ptrace signal_perms };
ps_process_pattern($1, { quota_nld_t quota_t })
- init_labeled_script_domtrans($1, quota_nld_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 quota_nld_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, quota_nld_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 quota_nld_initrc_exec_t system_r;
+ #allow $2 system_r;
files_list_all($1)
admin_pattern($1, { quota_db_t quota_flag_t quota_nld_var_run_t })
diff --git a/policy/modules/contrib/rabbitmq.if b/policy/modules/contrib/rabbitmq.if
index 2c3d338..64bd4db 100644
--- a/policy/modules/contrib/rabbitmq.if
+++ b/policy/modules/contrib/rabbitmq.if
@@ -45,10 +45,10 @@ interface(`rabbitmq_admin',`
allow $1 { rabbitmq_epmd_t rabbitmq_beam_t }:process { ptrace signal_perms };
ps_process_pattern($1, { rabbitmq_epmd_t rabbitmq_beam_t })
- init_labeled_script_domtrans($1, rabbitmq_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 rabbitmq_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, rabbitmq_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 rabbitmq_initrc_exec_t system_r;
+ #allow $2 system_r;
logging_search_logs($1)
admin_pattern($1, rabbitmq_var_log_t)
diff --git a/policy/modules/contrib/radius.if b/policy/modules/contrib/radius.if
index 4460582..785c40a 100644
--- a/policy/modules/contrib/radius.if
+++ b/policy/modules/contrib/radius.if
@@ -41,10 +41,10 @@ interface(`radius_admin',`
allow $1 radiusd_t:process { ptrace signal_perms };
ps_process_pattern($1, radiusd_t)
- init_labeled_script_domtrans($1, radiusd_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 radiusd_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, radiusd_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 radiusd_initrc_exec_t system_r;
+ #allow $2 system_r;
files_list_etc($1)
admin_pattern($1, { radiusd_etc_t radiusd_etc_rw_t })
diff --git a/policy/modules/contrib/radvd.if b/policy/modules/contrib/radvd.if
index ac7058d..33a3f31 100644
--- a/policy/modules/contrib/radvd.if
+++ b/policy/modules/contrib/radvd.if
@@ -26,10 +26,10 @@ interface(`radvd_admin',`
allow $1 radvd_t:process { ptrace signal_perms };
ps_process_pattern($1, radvd_t)
- init_labeled_script_domtrans($1, radvd_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 radvd_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, radvd_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 radvd_initrc_exec_t system_r;
+ #allow $2 system_r;
files_list_etc($1)
admin_pattern($1, radvd_etc_t)
diff --git a/policy/modules/contrib/raid.if b/policy/modules/contrib/raid.if
index 951db7f..f865481 100644
--- a/policy/modules/contrib/raid.if
+++ b/policy/modules/contrib/raid.if
@@ -91,10 +91,10 @@ interface(`raid_admin_mdadm',`
allow $1 mdadm_t:process { ptrace signal_perms };
ps_process_pattern($1, mdadm_t)
- init_labeled_script_domtrans($1, mdadm_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 mdadm_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, mdadm_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 mdadm_initrc_exec_t system_r;
+ #allow $2 system_r;
files_search_pids($1)
admin_pattern($1, mdadm_var_run_t)
diff --git a/policy/modules/contrib/redis.if b/policy/modules/contrib/redis.if
index 3969450..13812be 100644
--- a/policy/modules/contrib/redis.if
+++ b/policy/modules/contrib/redis.if
@@ -26,10 +26,10 @@ interface(`redis_admin',`
allow $1 redis_t:process { ptrace signal_perms };
ps_process_pattern($1, redis_t)
- init_labeled_script_domtrans($1, redis_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 redis_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, redis_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 redis_initrc_exec_t system_r;
+ #allow $2 system_r;
logging_search_logs($1)
admin_pattern($1, redis_log_t)
diff --git a/policy/modules/contrib/resmgr.if b/policy/modules/contrib/resmgr.if
index 0d93db6..b6a5cec 100644
--- a/policy/modules/contrib/resmgr.if
+++ b/policy/modules/contrib/resmgr.if
@@ -46,10 +46,10 @@ interface(`resmgr_admin',`
allow $1 resmgrd_t:process { ptrace signal_perms };
ps_process_pattern($1, resmgrd_t)
- init_labeled_script_domtrans($1, resmgrd_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 resmgrd_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, resmgrd_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 resmgrd_initrc_exec_t system_r;
+ #allow $2 system_r;
files_search_etc($1)
admin_pattern($1, resmgrd_etc_t)
diff --git a/policy/modules/contrib/rgmanager.if b/policy/modules/contrib/rgmanager.if
index 1c2f9aa..5ab664c 100644
--- a/policy/modules/contrib/rgmanager.if
+++ b/policy/modules/contrib/rgmanager.if
@@ -105,10 +105,10 @@ interface(`rgmanager_admin',`
allow $1 rgmanager_t:process { ptrace signal_perms };
ps_process_pattern($1, rgmanager_t)
- init_labeled_script_domtrans($1, rgmanager_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 rgmanager_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, rgmanager_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 rgmanager_initrc_exec_t system_r;
+ #allow $2 system_r;
files_list_tmp($1)
admin_pattern($1, rgmanager_tmp_t)
diff --git a/policy/modules/contrib/rhcs.if b/policy/modules/contrib/rhcs.if
index c8bdea2..10828e8 100644
--- a/policy/modules/contrib/rhcs.if
+++ b/policy/modules/contrib/rhcs.if
@@ -472,10 +472,10 @@ interface(`rhcs_admin',`
allow $1 cluster_domain:process { ptrace signal_perms };
ps_process_pattern($1, cluster_domain)
- init_labeled_script_domtrans($1, { dlm_controld_initrc_exec_t foghorn_initrc_exec_t })
- domain_system_change_exemption($1)
- role_transition $2 { dlm_controld_initrc_exec_t foghorn_initrc_exec_t } system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, { dlm_controld_initrc_exec_t foghorn_initrc_exec_t })
+ #domain_system_change_exemption($1)
+ #role_transition $2 { dlm_controld_initrc_exec_t foghorn_initrc_exec_t } system_r;
+ #allow $2 system_r;
files_search_pids($1)
admin_pattern($1, cluster_pid)
diff --git a/policy/modules/contrib/rhsmcertd.if b/policy/modules/contrib/rhsmcertd.if
index 6dbc905..98574fe 100644
--- a/policy/modules/contrib/rhsmcertd.if
+++ b/policy/modules/contrib/rhsmcertd.if
@@ -285,10 +285,10 @@ interface(`rhsmcertd_admin',`
allow $1 rhsmcertd_t:process { ptrace signal_perms };
ps_process_pattern($1, rhsmcertd_t)
- rhsmcertd_initrc_domtrans($1)
- domain_system_change_exemption($1)
- role_transition $2 rhsmcertd_initrc_exec_t system_r;
- allow $2 system_r;
+ #rhsmcertd_initrc_domtrans($1)
+ #domain_system_change_exemption($1)
+ #role_transition $2 rhsmcertd_initrc_exec_t system_r;
+ #allow $2 system_r;
logging_search_logs($1)
admin_pattern($1, rhsmcertd_log_t)
diff --git a/policy/modules/contrib/ricci.if b/policy/modules/contrib/ricci.if
index 2ab3ed1..3290abc 100644
--- a/policy/modules/contrib/ricci.if
+++ b/policy/modules/contrib/ricci.if
@@ -203,10 +203,10 @@ interface(`ricci_admin',`
allow $1 ricci_t:process { ptrace signal_perms };
ps_process_pattern($1, ricci_t)
- init_labeled_script_domtrans($1, ricci_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 ricci_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, ricci_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 ricci_initrc_exec_t system_r;
+ #allow $2 system_r;
files_list_tmp($1)
admin_pattern($1, ricci_tmp_t)
diff --git a/policy/modules/contrib/rngd.if b/policy/modules/contrib/rngd.if
index 13f788f..d182588 100644
--- a/policy/modules/contrib/rngd.if
+++ b/policy/modules/contrib/rngd.if
@@ -25,10 +25,10 @@ interface(`rngd_admin',`
allow $1 rngd_t:process { ptrace signal_perms };
ps_process_pattern($1, rngd_t)
- init_labeled_script_domtrans($1, rngd_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 rngd_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, rngd_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 rngd_initrc_exec_t system_r;
+ #allow $2 system_r;
files_search_pids($1)
admin_pattern($1, rngd_var_run_t)
diff --git a/policy/modules/contrib/roundup.if b/policy/modules/contrib/roundup.if
index 975bb6a..f540ee7 100644
--- a/policy/modules/contrib/roundup.if
+++ b/policy/modules/contrib/roundup.if
@@ -26,10 +26,10 @@ interface(`roundup_admin',`
allow $1 roundup_t:process { ptrace signal_perms };
ps_process_pattern($1, roundup_t)
- init_labeled_script_domtrans($1, roundup_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 roundup_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, roundup_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 roundup_initrc_exec_t system_r;
+ #allow $2 system_r;
files_list_var_lib($1)
admin_pattern($1, roundup_var_lib_t)
diff --git a/policy/modules/contrib/rpc.if b/policy/modules/contrib/rpc.if
index 157afd9..baf9509 100644
--- a/policy/modules/contrib/rpc.if
+++ b/policy/modules/contrib/rpc.if
@@ -400,10 +400,10 @@ interface(`rpc_admin',`
allow $1 rpc_domain:process { ptrace signal_perms };
ps_process_pattern($1, rpc_domain)
- init_labeled_script_domtrans($1, { nfsd_initrc_exec_t rpcd_initrc_exec_t })
- domain_system_change_exemption($1)
- role_transition $2 { nfsd_initrc_exec_t rpcd_initrc_exec_t } system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, { nfsd_initrc_exec_t rpcd_initrc_exec_t })
+ #domain_system_change_exemption($1)
+ #role_transition $2 { nfsd_initrc_exec_t rpcd_initrc_exec_t } system_r;
+ #allow $2 system_r;
files_list_etc($1)
admin_pattern($1, { gssd_keytab_t exports_t })
diff --git a/policy/modules/contrib/rpcbind.if b/policy/modules/contrib/rpcbind.if
index f78fef0..bfee269 100644
--- a/policy/modules/contrib/rpcbind.if
+++ b/policy/modules/contrib/rpcbind.if
@@ -160,10 +160,10 @@ interface(`rpcbind_admin',`
allow $1 rpcbind_t:process { ptrace signal_perms };
ps_process_pattern($1, rpcbind_t)
- init_labeled_script_domtrans($1, rpcbind_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 rpcbind_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, rpcbind_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 rpcbind_initrc_exec_t system_r;
+ #allow $2 system_r;
files_search_pids($1)
admin_pattern($1, rpcbind_var_run_t)
diff --git a/policy/modules/contrib/rpm.if b/policy/modules/contrib/rpm.if
index fc9c8d8..4b1a6b3 100644
--- a/policy/modules/contrib/rpm.if
+++ b/policy/modules/contrib/rpm.if
@@ -634,10 +634,10 @@ interface(`rpm_admin',`
allow $1 { rpm_t rpm_script_t }:process { ptrace signal_perms };
ps_process_pattern($1, { rpm_t rpm_script_t })
- init_labeled_script_domtrans($1, rpm_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 rpm_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, rpm_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 rpm_initrc_exec_t system_r;
+ #allow $2 system_r;
admin_pattern($1, rpm_file_t)
diff --git a/policy/modules/contrib/rtkit.if b/policy/modules/contrib/rtkit.if
index e904ec4..37daa13 100644
--- a/policy/modules/contrib/rtkit.if
+++ b/policy/modules/contrib/rtkit.if
@@ -90,8 +90,8 @@ interface(`rtkit_admin',`
allow $1 rtkit_daemon_t:process { ptrace signal_perms };
ps_process_pattern($1, rtkit_daemon_t)
- init_labeled_script_domtrans($1, rtkit_daemon_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 rtkit_daemon_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, rtkit_daemon_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 rtkit_daemon_initrc_exec_t system_r;
+ #allow $2 system_r;
')
diff --git a/policy/modules/contrib/rwho.if b/policy/modules/contrib/rwho.if
index 0360ff0..01b5928 100644
--- a/policy/modules/contrib/rwho.if
+++ b/policy/modules/contrib/rwho.if
@@ -142,10 +142,10 @@ interface(`rwho_admin',`
allow $1 rwho_t:process { ptrace signal_perms };
ps_process_pattern($1, rwho_t)
- init_labeled_script_domtrans($1, rwho_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 rwho_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, rwho_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 rwho_initrc_exec_t system_r;
+ #allow $2 system_r;
logging_list_logs($1)
admin_pattern($1, rwho_log_t)
diff --git a/policy/modules/contrib/salt.if b/policy/modules/contrib/salt.if
index 7ab9e6b..c8e33a5 100644
--- a/policy/modules/contrib/salt.if
+++ b/policy/modules/contrib/salt.if
@@ -29,12 +29,12 @@ interface(`salt_admin_master',`
allow $1 salt_master_t:process { ptrace signal_perms };
ps_process_pattern($1, salt_master_t)
- init_labeled_script_domtrans($1, salt_master_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 salt_master_initrc_exec_t system_r;
+ #init_labeled_script_domtrans($1, salt_master_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 salt_master_initrc_exec_t system_r;
# for debugging?
- role_transition $2 salt_master_exec_t system_r;
+ #role_transition $2 salt_master_exec_t system_r;
domtrans_pattern($1, salt_master_exec_t, salt_master_t)
roleattribute $2 salt_master_roles;
@@ -73,12 +73,12 @@ interface(`salt_admin_minion',`
allow $1 salt_minion_t:process { ptrace signal_perms };
ps_process_pattern($1, salt_minion_t)
- init_labeled_script_domtrans($1, salt_minion_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 salt_minion_initrc_exec_t system_r;
+ #init_labeled_script_domtrans($1, salt_minion_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 salt_minion_initrc_exec_t system_r;
# for debugging
- role_transition $2 salt_minion_exec_t system_r;
+ #role_transition $2 salt_minion_exec_t system_r;
domtrans_pattern($1, salt_minion_exec_t, salt_minion_t)
roleattribute $2 salt_minion_roles;
diff --git a/policy/modules/contrib/samba.if b/policy/modules/contrib/samba.if
index 50d07fb..51e6858 100644
--- a/policy/modules/contrib/samba.if
+++ b/policy/modules/contrib/samba.if
@@ -695,10 +695,10 @@ interface(`samba_admin',`
allow $1 { nmbd_t smbd_t }:process { ptrace signal_perms };
ps_process_pattern($1, { nmbd_t smbd_t })
- init_labeled_script_domtrans($1, samba_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 samba_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, samba_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 samba_initrc_exec_t system_r;
+ #allow $2 system_r;
files_list_etc($1)
admin_pattern($1, { samba_etc_t smbd_keytab_t })
diff --git a/policy/modules/contrib/sanlock.if b/policy/modules/contrib/sanlock.if
index cd6c213..98b2950 100644
--- a/policy/modules/contrib/sanlock.if
+++ b/policy/modules/contrib/sanlock.if
@@ -104,10 +104,10 @@ interface(`sanlock_admin',`
allow $1 sanlock_t:process { ptrace signal_perms };
ps_process_pattern($1, sanlock_t)
- sanlock_initrc_domtrans($1)
- domain_system_change_exemption($1)
- role_transition $2 sanlock_initrc_exec_t system_r;
- allow $2 system_r;
+ #sanlock_initrc_domtrans($1)
+ #domain_system_change_exemption($1)
+ #role_transition $2 sanlock_initrc_exec_t system_r;
+ #allow $2 system_r;
files_search_pids($1)
admin_pattern($1, sanlock_var_run_t)
diff --git a/policy/modules/contrib/sasl.if b/policy/modules/contrib/sasl.if
index 8c3c151..7da737b 100644
--- a/policy/modules/contrib/sasl.if
+++ b/policy/modules/contrib/sasl.if
@@ -45,10 +45,10 @@ interface(`sasl_admin',`
allow $1 saslauthd_t:process { ptrace signal_perms };
ps_process_pattern($1, saslauthd_t)
- init_labeled_script_domtrans($1, saslauthd_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 saslauthd_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, saslauthd_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 saslauthd_initrc_exec_t system_r;
+ #allow $2 system_r;
files_list_etc($1)
admin_pattern($1, saslauthd_keytab_t)
diff --git a/policy/modules/contrib/sblim.if b/policy/modules/contrib/sblim.if
index 98c9e0a..25d94a4 100644
--- a/policy/modules/contrib/sblim.if
+++ b/policy/modules/contrib/sblim.if
@@ -64,10 +64,10 @@ interface(`sblim_admin',`
allow $1 sblim_domain:process { ptrace signal_perms };
ps_process_pattern($1, sblim_domain)
- init_labeled_script_domtrans($1, sblim_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 sblim_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, sblim_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 sblim_initrc_exec_t system_r;
+ #allow $2 system_r;
files_search_pids($1)
admin_pattern($1, sblim_var_run_t)
diff --git a/policy/modules/contrib/sendmail.if b/policy/modules/contrib/sendmail.if
index 35ad2a7..7a95364 100644
--- a/policy/modules/contrib/sendmail.if
+++ b/policy/modules/contrib/sendmail.if
@@ -360,9 +360,9 @@ interface(`sendmail_admin',`
allow $1 { unconfined_sendmail_t sendmail_t }:process { ptrace signal_perms };
ps_process_pattern($1, { unconfined_sendmail_t sendmail_t })
- init_labeled_script_domtrans($1, sendmail_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 sendmail_initrc_exec_t system_r;
+ #init_labeled_script_domtrans($1, sendmail_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 sendmail_initrc_exec_t system_r;
files_list_etc($1)
admin_pattern($1, sendmail_keytab_t)
diff --git a/policy/modules/contrib/sensord.if b/policy/modules/contrib/sensord.if
index d204752..ec77409 100644
--- a/policy/modules/contrib/sensord.if
+++ b/policy/modules/contrib/sensord.if
@@ -25,10 +25,10 @@ interface(`sensord_admin',`
allow $1 sensord_t:process { ptrace signal_perms };
ps_process_pattern($1, sensord_t)
- init_labeled_script_domtrans($1, sensord_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 sensord_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, sensord_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 sensord_initrc_exec_t system_r;
+ #allow $2 system_r;
files_search_pids($1)
admin_pattern($1, sensord_var_run_t)
diff --git a/policy/modules/contrib/shorewall.if b/policy/modules/contrib/shorewall.if
index 1aeef8a..abcfdf5 100644
--- a/policy/modules/contrib/shorewall.if
+++ b/policy/modules/contrib/shorewall.if
@@ -179,10 +179,10 @@ interface(`shorewall_admin',`
allow $1 shorewall_t:process { ptrace signal_perms };
ps_process_pattern($1, shorewall_t)
- init_labeled_script_domtrans($1, shorewall_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 shorewall_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, shorewall_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 shorewall_initrc_exec_t system_r;
+ #allow $2 system_r;
can_exec($1, shorewall_exec_t)
diff --git a/policy/modules/contrib/slpd.if b/policy/modules/contrib/slpd.if
index ca32e89..c13e32c 100644
--- a/policy/modules/contrib/slpd.if
+++ b/policy/modules/contrib/slpd.if
@@ -26,10 +26,10 @@ interface(`slpd_admin',`
allow $1 slpd_t:process { ptrace signal_perms };
ps_process_pattern($1, slpd_t)
- init_labeled_script_domtrans($1, slpd_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 slpd_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, slpd_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 slpd_initrc_exec_t system_r;
+ #allow $2 system_r;
logging_search_logs($1)
admin_pattern($1, slpd_log_t)
diff --git a/policy/modules/contrib/smartmon.if b/policy/modules/contrib/smartmon.if
index e0644b5..b0660d6 100644
--- a/policy/modules/contrib/smartmon.if
+++ b/policy/modules/contrib/smartmon.if
@@ -45,10 +45,10 @@ interface(`smartmon_admin',`
allow $1 fsdaemon_t:process { ptrace signal_perms };
ps_process_pattern($1, fsdaemon_t)
- init_labeled_script_domtrans($1, fsdaemon_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 fsdaemon_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, fsdaemon_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 fsdaemon_initrc_exec_t system_r;
+ #allow $2 system_r;
files_list_tmp($1)
admin_pattern($1, fsdaemon_tmp_t)
diff --git a/policy/modules/contrib/smokeping.if b/policy/modules/contrib/smokeping.if
index 1fa51c1..8c0eefe 100644
--- a/policy/modules/contrib/smokeping.if
+++ b/policy/modules/contrib/smokeping.if
@@ -161,10 +161,10 @@ interface(`smokeping_admin',`
allow $1 smokeping_t:process { ptrace signal_perms };
ps_process_pattern($1, smokeping_t)
- smokeping_initrc_domtrans($1)
- domain_system_change_exemption($1)
- role_transition $2 smokeping_initrc_exec_t system_r;
- allow $2 system_r;
+ #smokeping_initrc_domtrans($1)
+ #domain_system_change_exemption($1)
+ #role_transition $2 smokeping_initrc_exec_t system_r;
+ #allow $2 system_r;
files_search_var_lib($1)
admin_pattern($1, smokeping_var_lib_t)
diff --git a/policy/modules/contrib/smstools.if b/policy/modules/contrib/smstools.if
index 81136f0..2b49829 100644
--- a/policy/modules/contrib/smstools.if
+++ b/policy/modules/contrib/smstools.if
@@ -27,10 +27,10 @@ interface(`smstools_admin',`
allow $1 smsd_t:process { ptrace signal_perms };
ps_process_pattern($1, smsd_t)
- init_labeled_script_domtrans($1, smsd_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 smsd_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, smsd_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 smsd_initrc_exec_t system_r;
+ #allow $2 system_r;
files_search_etc($1)
admin_pattern($1, smsd_conf_t)
diff --git a/policy/modules/contrib/snmp.if b/policy/modules/contrib/snmp.if
index bf78fa9..0da50f0 100644
--- a/policy/modules/contrib/snmp.if
+++ b/policy/modules/contrib/snmp.if
@@ -182,10 +182,10 @@ interface(`snmp_admin',`
allow $1 snmpd_t:process { ptrace signal_perms };
ps_process_pattern($1, snmpd_t)
- init_labeled_script_domtrans($1, snmpd_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 snmpd_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, snmpd_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 snmpd_initrc_exec_t system_r;
+ #allow $2 system_r;
logging_list_logs($1)
admin_pattern($1, snmpd_log_t)
diff --git a/policy/modules/contrib/snort.if b/policy/modules/contrib/snort.if
index 7d86b34..910ffb9 100644
--- a/policy/modules/contrib/snort.if
+++ b/policy/modules/contrib/snort.if
@@ -45,10 +45,10 @@ interface(`snort_admin',`
allow $1 snort_t:process { ptrace signal_perms };
ps_process_pattern($1, snort_t)
- init_labeled_script_domtrans($1, snort_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 snort_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, snort_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 snort_initrc_exec_t system_r;
+ #allow $2 system_r;
admin_pattern($1, snort_etc_t)
files_search_etc($1)
diff --git a/policy/modules/contrib/soundserver.if b/policy/modules/contrib/soundserver.if
index a5abc5a..c6d0368 100644
--- a/policy/modules/contrib/soundserver.if
+++ b/policy/modules/contrib/soundserver.if
@@ -41,10 +41,10 @@ interface(`soundserver_admin',`
allow $1 soundd_t:process { ptrace signal_perms };
ps_process_pattern($1, soundd_t)
- init_labeled_script_domtrans($1, soundd_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 soundd_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, soundd_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 soundd_initrc_exec_t system_r;
+ #allow $2 system_r;
files_list_etc($1)
admin_pattern($1, soundd_etc_t)
diff --git a/policy/modules/contrib/spamassassin.if b/policy/modules/contrib/spamassassin.if
index 7f5a1cc..f697f7b 100644
--- a/policy/modules/contrib/spamassassin.if
+++ b/policy/modules/contrib/spamassassin.if
@@ -384,10 +384,10 @@ interface(`spamassassin_admin',`
allow $1 spamd_t:process { ptrace signal_perms };
ps_process_pattern($1, spamd_t)
- init_labeled_script_domtrans($1, spamd_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 spamd_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, spamd_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 spamd_initrc_exec_t system_r;
+ #allow $2 system_r;
files_list_tmp($1)
admin_pattern($1, spamd_tmp_t)
diff --git a/policy/modules/contrib/squid.if b/policy/modules/contrib/squid.if
index 5e1f053..0d43504 100644
--- a/policy/modules/contrib/squid.if
+++ b/policy/modules/contrib/squid.if
@@ -216,10 +216,10 @@ interface(`squid_admin',`
allow $1 squid_t:process { ptrace signal_perms };
ps_process_pattern($1, squid_t)
- init_labeled_script_domtrans($1, squid_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 squid_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, squid_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 squid_initrc_exec_t system_r;
+ #allow $2 system_r;
files_list_var($1)
admin_pattern($1, squid_cache_t)
diff --git a/policy/modules/contrib/sssd.if b/policy/modules/contrib/sssd.if
index a240455..4ba98cc 100644
--- a/policy/modules/contrib/sssd.if
+++ b/policy/modules/contrib/sssd.if
@@ -342,10 +342,10 @@ interface(`sssd_admin',`
allow $1 sssd_t:process { ptrace signal_perms };
ps_process_pattern($1, sssd_t)
- sssd_initrc_domtrans($1)
- domain_system_change_exemption($1)
- role_transition $2 sssd_initrc_exec_t system_r;
- allow $2 system_r;
+ #sssd_initrc_domtrans($1)
+ #domain_system_change_exemption($1)
+ #role_transition $2 sssd_initrc_exec_t system_r;
+ #allow $2 system_r;
files_search_etc($1)
admin_pattern($1, sssd_conf_t)
diff --git a/policy/modules/contrib/svnserve.if b/policy/modules/contrib/svnserve.if
index 5cd46e9..043ade5 100644
--- a/policy/modules/contrib/svnserve.if
+++ b/policy/modules/contrib/svnserve.if
@@ -25,10 +25,10 @@ interface(`svnserve_admin',`
allow $1 svnserve_t:process { ptrace signal_perms };
ps_process_pattern($1, svnserve_t)
- init_labeled_script_domtrans($1, svnserve_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 svnserve_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, svnserve_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 svnserve_initrc_exec_t system_r;
+ #allow $2 system_r;
files_search_pids($1)
admin_pattern($1, svnserve_var_run_t)
diff --git a/policy/modules/contrib/sysstat.if b/policy/modules/contrib/sysstat.if
index 14ae3f2..46e08d3 100644
--- a/policy/modules/contrib/sysstat.if
+++ b/policy/modules/contrib/sysstat.if
@@ -46,10 +46,10 @@ interface(`sysstat_admin',`
allow $1 sysstat_t:process { ptrace signal_perms };
ps_process_pattern($1, sysstat_t)
- init_labeled_script_domtrans($1, sysstat_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 sysstat_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, sysstat_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 sysstat_initrc_exec_t system_r;
+ #allow $2 system_r;
logging_search_logs($1)
admin_pattern($1, sysstat_log_t)
diff --git a/policy/modules/contrib/systemtap.if b/policy/modules/contrib/systemtap.if
index d60a21e..4718ca2 100644
--- a/policy/modules/contrib/systemtap.if
+++ b/policy/modules/contrib/systemtap.if
@@ -26,10 +26,10 @@ interface(`stapserver_admin',`
allow $1 stapserver_t:process { ptrace signal_perms };
ps_process_pattern($1, stapserver_t)
- init_labeled_script_domtrans($1, stapserver_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 stapserver_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, stapserver_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 stapserver_initrc_exec_t system_r;
+ #allow $2 system_r;
files_search_etc($1)
admin_pattern($1, stapserver_conf_t)
diff --git a/policy/modules/contrib/tcsd.if b/policy/modules/contrib/tcsd.if
index b42ec1d..d4b8da8 100644
--- a/policy/modules/contrib/tcsd.if
+++ b/policy/modules/contrib/tcsd.if
@@ -141,10 +141,10 @@ interface(`tcsd_admin',`
allow $1 tcsd_t:process { ptrace signal_perms };
ps_process_pattern($1, tcsd_t)
- tcsd_initrc_domtrans($1)
- domain_system_change_exemption($1)
- role_transition $2 tcsd_initrc_exec_t system_r;
- allow $2 system_r;
+ #tcsd_initrc_domtrans($1)
+ #domain_system_change_exemption($1)
+ #role_transition $2 tcsd_initrc_exec_t system_r;
+ #allow $2 system_r;
files_search_var_lib($1)
admin_pattern($1, tcsd_var_lib_t)
diff --git a/policy/modules/contrib/tgtd.if b/policy/modules/contrib/tgtd.if
index dc5b46e..bde65e4 100644
--- a/policy/modules/contrib/tgtd.if
+++ b/policy/modules/contrib/tgtd.if
@@ -83,10 +83,10 @@ interface(`tgtd_admin',`
allow $1 tgtd_t:process { ptrace signal_perms };
ps_process_pattern($1, tgtd_t)
- init_labeled_script_domtrans($1, tgtd_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 tgtd_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, tgtd_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 tgtd_initrc_exec_t system_r;
+ #allow $2 system_r;
files_search_var_lib($1)
admin_pattern($1, tgtd_var_lib_t)
diff --git a/policy/modules/contrib/tor.if b/policy/modules/contrib/tor.if
index 61c2e07..6ab1023 100644
--- a/policy/modules/contrib/tor.if
+++ b/policy/modules/contrib/tor.if
@@ -45,10 +45,10 @@ interface(`tor_admin',`
allow $1 tor_t:process { ptrace signal_perms };
ps_process_pattern($1, tor_t)
- init_labeled_script_domtrans($1, tor_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 tor_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, tor_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 tor_initrc_exec_t system_r;
+ #allow $2 system_r;
files_list_etc($1)
admin_pattern($1, tor_etc_t)
diff --git a/policy/modules/contrib/transproxy.if b/policy/modules/contrib/transproxy.if
index 81a8351..20102c2 100644
--- a/policy/modules/contrib/transproxy.if
+++ b/policy/modules/contrib/transproxy.if
@@ -25,10 +25,10 @@ interface(`transproxy_admin',`
allow $1 transproxy_t:process { ptrace signal_perms };
ps_process_pattern($1, transproxy_t)
- init_labeled_script_domtrans($1, transproxy_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 transproxy_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, transproxy_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 transproxy_initrc_exec_t system_r;
+ #allow $2 system_r;
files_search_pids($1)
admin_pattern($1, transproxy_var_run_t)
diff --git a/policy/modules/contrib/tuned.if b/policy/modules/contrib/tuned.if
index e29db63..9829bad 100644
--- a/policy/modules/contrib/tuned.if
+++ b/policy/modules/contrib/tuned.if
@@ -122,10 +122,10 @@ interface(`tuned_admin',`
allow $1 tuned_t:process { ptrace signal_perms };
ps_process_pattern($1, tuned_t)
- tuned_initrc_domtrans($1)
- domain_system_change_exemption($1)
- role_transition $2 tuned_initrc_exec_t system_r;
- allow $2 system_r;
+ #tuned_initrc_domtrans($1)
+ #domain_system_change_exemption($1)
+ #role_transition $2 tuned_initrc_exec_t system_r;
+ #allow $2 system_r;
files_search_etc($1)
admin_pattern($1, { tuned_etc_t tuned_rw_etc_t })
diff --git a/policy/modules/contrib/ulogd.if b/policy/modules/contrib/ulogd.if
index 9b95c3e..43bfd7b 100644
--- a/policy/modules/contrib/ulogd.if
+++ b/policy/modules/contrib/ulogd.if
@@ -126,10 +126,10 @@ interface(`ulogd_admin',`
allow $1 ulogd_t:process { ptrace signal_perms };
ps_process_pattern($1, ulogd_t)
- init_labeled_script_domtrans($1, ulogd_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 ulogd_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, ulogd_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 ulogd_initrc_exec_t system_r;
+ #allow $2 system_r;
files_list_etc($1)
admin_pattern($1, ulogd_etc_t)
diff --git a/policy/modules/contrib/uptime.if b/policy/modules/contrib/uptime.if
index 19f4724..b9f36e4 100644
--- a/policy/modules/contrib/uptime.if
+++ b/policy/modules/contrib/uptime.if
@@ -26,10 +26,10 @@ interface(`uptime_admin',`
allow $1 uptimed_t:process { ptrace signal_perms };
ps_process_pattern($1, uptimed_t)
- init_labeled_script_domtrans($1, uptimed_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 uptimed_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, uptimed_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 uptimed_initrc_exec_t system_r;
+ #allow $2 system_r;
files_search_etc($1)
admin_pattern($1, uptimed_etc_t)
diff --git a/policy/modules/contrib/uucp.if b/policy/modules/contrib/uucp.if
index af9acc0..bf7df04 100644
--- a/policy/modules/contrib/uucp.if
+++ b/policy/modules/contrib/uucp.if
@@ -104,10 +104,10 @@ interface(`uucp_admin',`
type uucpd_var_run_t, uucpd_initrc_exec_t;
')
- init_labeled_script_domtrans($1, uucpd_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 uucpd_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, uucpd_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 uucpd_initrc_exec_t system_r;
+ #allow $2 system_r;
allow $1 uucpd_t:process { ptrace signal_perms };
ps_process_pattern($1, uucpd_t)
diff --git a/policy/modules/contrib/uuidd.if b/policy/modules/contrib/uuidd.if
index 6e48653..e33ec25 100644
--- a/policy/modules/contrib/uuidd.if
+++ b/policy/modules/contrib/uuidd.if
@@ -181,10 +181,10 @@ interface(`uuidd_admin',`
allow $1 uuidd_t:process signal_perms;
ps_process_pattern($1, uuidd_t)
- uuidd_initrc_domtrans($1)
- domain_system_change_exemption($1)
- role_transition $2 uuidd_initrc_exec_t system_r;
- allow $2 system_r;
+ #uuidd_initrc_domtrans($1)
+ #domain_system_change_exemption($1)
+ #role_transition $2 uuidd_initrc_exec_t system_r;
+ #allow $2 system_r;
files_search_var_lib($1)
admin_pattern($1, uuidd_var_lib_t)
diff --git a/policy/modules/contrib/varnishd.if b/policy/modules/contrib/varnishd.if
index 1c35171..636c20d 100644
--- a/policy/modules/contrib/varnishd.if
+++ b/policy/modules/contrib/varnishd.if
@@ -160,10 +160,10 @@ interface(`varnishd_admin_varnishlog',`
allow $1 varnishlog_t:process { ptrace signal_perms };
ps_process_pattern($1, varnishlog_t)
- init_labeled_script_domtrans($1, varnishlog_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 varnishlog_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, varnishlog_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 varnishlog_initrc_exec_t system_r;
+ #allow $2 system_r;
files_list_pids($1)
admin_pattern($1, varnishlog_var_run_t)
@@ -199,10 +199,10 @@ interface(`varnishd_admin',`
allow $1 varnishd_t:process { ptrace signal_perms };
ps_process_pattern($1, varnishd_t)
- init_labeled_script_domtrans($1, varnishd_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 varnishd_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, varnishd_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 varnishd_initrc_exec_t system_r;
+ #allow $2 system_r;
files_list_var_lib($1)
admin_pattern($1, varnishd_var_lib_t)
diff --git a/policy/modules/contrib/vdagent.if b/policy/modules/contrib/vdagent.if
index 31c752e..5d3b76c 100644
--- a/policy/modules/contrib/vdagent.if
+++ b/policy/modules/contrib/vdagent.if
@@ -121,10 +121,10 @@ interface(`vdagent_admin',`
allow $1 vdagent_t:process signal_perms;
ps_process_pattern($1, vdagent_t)
- init_labeled_script_domtrans($1, vdagentd_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 vdagentd_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, vdagentd_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 vdagentd_initrc_exec_t system_r;
+ #allow $2 system_r;
logging_search_logs($1)
admin_pattern($1, vdagent_log_t)
diff --git a/policy/modules/contrib/vhostmd.if b/policy/modules/contrib/vhostmd.if
index 22edd58..0055667 100644
--- a/policy/modules/contrib/vhostmd.if
+++ b/policy/modules/contrib/vhostmd.if
@@ -219,10 +219,10 @@ interface(`vhostmd_admin',`
allow $1 vhostmd_t:process { ptrace signal_perms };
ps_process_pattern($1, vhostmd_t)
- vhostmd_initrc_domtrans($1)
- domain_system_change_exemption($1)
- role_transition $2 vhostmd_initrc_exec_t system_r;
- allow $2 system_r;
+ #vhostmd_initrc_domtrans($1)
+ #domain_system_change_exemption($1)
+ #role_transition $2 vhostmd_initrc_exec_t system_r;
+ #allow $2 system_r;
fs_search_tmpfs($1)
admin_pattern($1, vhostmd_tmpfs_t)
diff --git a/policy/modules/contrib/virt.if b/policy/modules/contrib/virt.if
index 7c97c87..4f531b9 100644
--- a/policy/modules/contrib/virt.if
+++ b/policy/modules/contrib/virt.if
@@ -1176,10 +1176,10 @@ interface(`virt_admin',`
ps_process_pattern($1, { virt_domain svirt_lxc_domain virtd_t })
ps_process_pattern($1, { virtd_lxc_t virsh_t virt_bridgehelper_t virt_qmf_t })
- init_labeled_script_domtrans($1, virtd_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 virtd_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, virtd_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 virtd_initrc_exec_t system_r;
+ #allow $2 system_r;
fs_search_tmpfs($1)
admin_pattern($1, virt_tmpfs_type)
diff --git a/policy/modules/contrib/vnstatd.if b/policy/modules/contrib/vnstatd.if
index 137ac44..99bddf4 100644
--- a/policy/modules/contrib/vnstatd.if
+++ b/policy/modules/contrib/vnstatd.if
@@ -168,10 +168,10 @@ interface(`vnstatd_admin',`
allow $1 vnstatd_t:process { ptrace signal_perms };
ps_process_pattern($1, vnstatd_t)
- init_labeled_script_domtrans($1, vnstatd_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 vnstatd_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, vnstatd_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 vnstatd_initrc_exec_t system_r;
+ #allow $2 system_r;
files_search_pids($1)
admin_pattern($1, vnstatd_var_run_t)
diff --git a/policy/modules/contrib/watchdog.if b/policy/modules/contrib/watchdog.if
index 6461a77..44a1a7c 100644
--- a/policy/modules/contrib/watchdog.if
+++ b/policy/modules/contrib/watchdog.if
@@ -26,10 +26,10 @@ interface(`watchdog_admin',`
allow $1 watchdog_t:process { ptrace signal_perms };
ps_process_pattern($1, watchdog_t)
- init_labeled_script_domtrans($1, watchdog_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 watchdog_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, watchdog_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 watchdog_initrc_exec_t system_r;
+ #allow $2 system_r;
logging_search_logs($1)
admin_pattern($1, watchdog_log_t)
diff --git a/policy/modules/contrib/wdmd.if b/policy/modules/contrib/wdmd.if
index 1e3aec0..553b69a 100644
--- a/policy/modules/contrib/wdmd.if
+++ b/policy/modules/contrib/wdmd.if
@@ -45,10 +45,10 @@ interface(`wdmd_admin',`
allow $1 wdmd_t:process { ptrace signal_perms };
ps_process_pattern($1, wdmd_t)
- init_labeled_script_domtrans($1, wdmd_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 wdmd_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, wdmd_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 wdmd_initrc_exec_t system_r;
+ #allow $2 system_r;
files_search_pids($1)
admin_pattern($1, wdmd_var_run_t)
diff --git a/policy/modules/contrib/xfs.if b/policy/modules/contrib/xfs.if
index 4570b86..3318873 100644
--- a/policy/modules/contrib/xfs.if
+++ b/policy/modules/contrib/xfs.if
@@ -84,10 +84,10 @@ interface(`xfs_admin',`
allow $1 xfs_t:process { ptrace signal_perms };
ps_process_pattern($1, xfs_t)
- init_labeled_script_domtrans($1, xfs_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 xfs_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, xfs_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 xfs_initrc_exec_t system_r;
+ #allow $2 system_r;
files_search_pids($1)
admin_pattern($1, xfs_var_run_t)
diff --git a/policy/modules/contrib/zabbix.if b/policy/modules/contrib/zabbix.if
index 29d87d7..0a75b8a 100644
--- a/policy/modules/contrib/zabbix.if
+++ b/policy/modules/contrib/zabbix.if
@@ -146,10 +146,10 @@ interface(`zabbix_admin',`
allow $1 { zabbix_t zabbix_agent_t }:process { ptrace signal_perms };
ps_process_pattern($1, { zabbix_t zabbix_agent_t })
- init_labeled_script_domtrans($1, { zabbix_agent_initrc_exec_t zabbix_initrc_exec_t })
- domain_system_change_exemption($1)
- role_transition $2 { zabbix_agent_initrc_exec_t zabbix_initrc_exec_t } system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, { zabbix_agent_initrc_exec_t zabbix_initrc_exec_t })
+ #domain_system_change_exemption($1)
+ #role_transition $2 { zabbix_agent_initrc_exec_t zabbix_initrc_exec_t } system_r;
+ #allow $2 system_r;
logging_list_logs($1)
admin_pattern($1, zabbix_log_t)
diff --git a/policy/modules/contrib/zarafa.if b/policy/modules/contrib/zarafa.if
index 83b4ca5..d2245ae 100644
--- a/policy/modules/contrib/zarafa.if
+++ b/policy/modules/contrib/zarafa.if
@@ -152,10 +152,10 @@ interface(`zarafa_admin',`
allow $1 zarafa_domain:process { ptrace signal_perms };
ps_process_pattern($1, zarafa_domain)
- init_labeled_script_domtrans($1, zarafa_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 zarafa_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, zarafa_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 zarafa_initrc_exec_t system_r;
+ #allow $2 system_r;
files_search_etc($1)
admin_pattern($1, zarafa_etc_t)
diff --git a/policy/modules/contrib/zebra.if b/policy/modules/contrib/zebra.if
index 3416401..33aa2ed 100644
--- a/policy/modules/contrib/zebra.if
+++ b/policy/modules/contrib/zebra.if
@@ -69,10 +69,10 @@ interface(`zebra_admin',`
allow $1 zebra_t:process { ptrace signal_perms };
ps_process_pattern($1, zebra_t)
- init_labeled_script_domtrans($1, zebra_initrc_exec_t)
- domain_system_change_exemption($1)
- role_transition $2 zebra_initrc_exec_t system_r;
- allow $2 system_r;
+ #init_labeled_script_domtrans($1, zebra_initrc_exec_t)
+ #domain_system_change_exemption($1)
+ #role_transition $2 zebra_initrc_exec_t system_r;
+ #allow $2 system_r;
files_list_etc($1)
admin_pattern($1, zebra_conf_t)
next reply other threads:[~2015-05-11 22:57 UTC|newest]
Thread overview: 413+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-05-11 22:57 Jason Zaman [this message]
-- strict thread matches above, loose matches on Subject: below --
2017-09-10 14:03 [gentoo-commits] proj/hardened-refpolicy:next commit in: policy/modules/contrib/ Jason Zaman
2017-09-10 14:03 Jason Zaman
2017-09-10 14:03 Jason Zaman
2017-09-10 14:03 Jason Zaman
2017-09-10 14:03 Jason Zaman
2017-09-10 14:03 Jason Zaman
2017-09-10 14:03 Jason Zaman
2017-09-10 14:03 Jason Zaman
2017-09-10 14:03 Jason Zaman
2017-09-10 14:03 Jason Zaman
2017-09-10 14:03 Jason Zaman
2017-09-10 14:03 Jason Zaman
2017-05-25 17:08 Jason Zaman
2017-05-25 17:08 Jason Zaman
2017-05-25 17:08 Jason Zaman
2017-05-25 17:08 Jason Zaman
2017-05-25 17:08 Jason Zaman
2017-05-25 17:08 Jason Zaman
2017-05-25 17:08 Jason Zaman
2017-05-25 17:08 Jason Zaman
2017-05-25 17:08 Jason Zaman
2017-05-25 17:08 Jason Zaman
2017-05-25 17:08 Jason Zaman
2017-05-25 17:08 Jason Zaman
2017-05-25 17:08 Jason Zaman
2017-05-25 17:08 Jason Zaman
2017-05-25 17:08 Jason Zaman
2017-05-25 17:04 [gentoo-commits] proj/hardened-refpolicy:master " Jason Zaman
2017-05-25 17:08 ` [gentoo-commits] proj/hardened-refpolicy:next " Jason Zaman
2017-05-07 17:47 Jason Zaman
2017-05-07 17:47 Jason Zaman
2017-05-07 17:47 Jason Zaman
2017-05-07 17:47 Jason Zaman
2017-05-07 17:47 Jason Zaman
2017-05-07 17:47 Jason Zaman
2017-05-07 17:47 Jason Zaman
2017-05-07 17:47 Jason Zaman
2017-05-07 17:47 Jason Zaman
2017-05-07 17:47 Jason Zaman
2017-05-07 17:47 Jason Zaman
2017-05-07 17:47 Jason Zaman
2017-05-07 17:47 Jason Zaman
2017-05-07 17:47 Jason Zaman
2017-05-07 17:41 [gentoo-commits] proj/hardened-refpolicy:master " Jason Zaman
2017-05-07 17:47 ` [gentoo-commits] proj/hardened-refpolicy:next " Jason Zaman
2017-05-07 16:09 [gentoo-commits] proj/hardened-refpolicy:master " Jason Zaman
2017-05-07 17:47 ` [gentoo-commits] proj/hardened-refpolicy:next " Jason Zaman
2017-05-07 16:09 [gentoo-commits] proj/hardened-refpolicy:master " Jason Zaman
2017-05-07 17:47 ` [gentoo-commits] proj/hardened-refpolicy:next " Jason Zaman
2017-05-07 16:09 [gentoo-commits] proj/hardened-refpolicy:master " Jason Zaman
2017-05-07 17:47 ` [gentoo-commits] proj/hardened-refpolicy:next " Jason Zaman
2017-05-07 16:09 [gentoo-commits] proj/hardened-refpolicy:master " Jason Zaman
2017-05-07 17:47 ` [gentoo-commits] proj/hardened-refpolicy:next " Jason Zaman
2017-04-30 9:40 Jason Zaman
2017-04-30 9:40 Jason Zaman
2017-04-30 9:40 Jason Zaman
2017-04-30 9:40 Jason Zaman
2017-04-30 9:40 Jason Zaman
2017-04-30 9:40 Jason Zaman
2017-04-30 9:40 Jason Zaman
2017-04-30 9:40 Jason Zaman
2017-04-30 9:40 Jason Zaman
2017-04-30 9:40 Jason Zaman
2017-04-30 9:40 Jason Zaman
2017-04-30 9:40 Jason Zaman
2017-04-30 9:40 Jason Zaman
2017-04-30 9:40 Jason Zaman
2017-04-30 9:40 Jason Zaman
2017-04-30 9:32 [gentoo-commits] proj/hardened-refpolicy:master " Jason Zaman
2017-04-30 9:40 ` [gentoo-commits] proj/hardened-refpolicy:next " Jason Zaman
2017-04-30 9:32 [gentoo-commits] proj/hardened-refpolicy:master " Jason Zaman
2017-04-30 9:40 ` [gentoo-commits] proj/hardened-refpolicy:next " Jason Zaman
2017-04-30 9:32 [gentoo-commits] proj/hardened-refpolicy:master " Jason Zaman
2017-04-30 9:40 ` [gentoo-commits] proj/hardened-refpolicy:next " Jason Zaman
2017-04-30 9:32 [gentoo-commits] proj/hardened-refpolicy:master " Jason Zaman
2017-04-30 9:40 ` [gentoo-commits] proj/hardened-refpolicy:next " Jason Zaman
2017-04-30 9:32 [gentoo-commits] proj/hardened-refpolicy:master " Jason Zaman
2017-04-30 9:40 ` [gentoo-commits] proj/hardened-refpolicy:next " Jason Zaman
2017-04-30 9:32 [gentoo-commits] proj/hardened-refpolicy:master " Jason Zaman
2017-04-30 9:40 ` [gentoo-commits] proj/hardened-refpolicy:next " Jason Zaman
2017-03-30 17:09 Jason Zaman
2017-03-30 17:09 Jason Zaman
2017-03-30 17:09 Jason Zaman
2017-03-30 17:09 Jason Zaman
2017-03-30 17:09 Jason Zaman
2017-03-30 17:09 Jason Zaman
2017-03-30 17:09 Jason Zaman
2017-03-30 17:09 Jason Zaman
2017-03-30 17:09 Jason Zaman
2017-03-30 17:09 Jason Zaman
2017-03-30 17:09 Jason Zaman
2017-03-30 17:09 Jason Zaman
2017-03-30 17:09 Jason Zaman
2017-03-30 17:06 [gentoo-commits] proj/hardened-refpolicy:master " Jason Zaman
2017-03-30 17:09 ` [gentoo-commits] proj/hardened-refpolicy:next " Jason Zaman
2017-03-30 17:06 [gentoo-commits] proj/hardened-refpolicy:master " Jason Zaman
2017-03-30 17:09 ` [gentoo-commits] proj/hardened-refpolicy:next " Jason Zaman
2017-03-30 17:06 [gentoo-commits] proj/hardened-refpolicy:master " Jason Zaman
2017-03-30 17:09 ` [gentoo-commits] proj/hardened-refpolicy:next " Jason Zaman
2017-03-30 17:06 [gentoo-commits] proj/hardened-refpolicy:master " Jason Zaman
2017-03-30 17:09 ` [gentoo-commits] proj/hardened-refpolicy:next " Jason Zaman
2017-03-30 17:06 [gentoo-commits] proj/hardened-refpolicy:master " Jason Zaman
2017-03-30 17:09 ` [gentoo-commits] proj/hardened-refpolicy:next " Jason Zaman
2017-02-27 11:40 Jason Zaman
2017-02-27 11:40 Jason Zaman
2017-02-27 11:40 Jason Zaman
2017-02-27 11:40 Jason Zaman
2017-02-27 11:40 Jason Zaman
2017-02-27 11:40 Jason Zaman
2017-02-27 11:40 Jason Zaman
2017-02-27 11:40 Jason Zaman
2017-02-27 10:50 [gentoo-commits] proj/hardened-refpolicy:master " Jason Zaman
2017-02-27 11:40 ` [gentoo-commits] proj/hardened-refpolicy:next " Jason Zaman
2017-02-25 16:58 Jason Zaman
2017-02-25 16:58 Jason Zaman
2017-02-25 16:58 Jason Zaman
2017-02-25 16:58 Jason Zaman
2017-02-25 16:58 Jason Zaman
2017-02-25 16:58 Jason Zaman
2017-02-25 16:58 Jason Zaman
2017-02-25 16:58 [gentoo-commits] proj/hardened-refpolicy:master " Jason Zaman
2017-02-25 16:58 ` [gentoo-commits] proj/hardened-refpolicy:next " Jason Zaman
2017-02-25 15:28 [gentoo-commits] proj/hardened-refpolicy:master " Jason Zaman
2017-02-25 16:58 ` [gentoo-commits] proj/hardened-refpolicy:next " Jason Zaman
2017-02-25 14:59 Jason Zaman
2017-02-25 14:59 Jason Zaman
2017-02-25 14:59 Jason Zaman
2017-02-25 14:59 Jason Zaman
2017-02-25 14:59 Jason Zaman
2017-02-25 14:59 Jason Zaman
2017-02-25 14:59 Jason Zaman
2017-02-25 14:59 Jason Zaman
2017-02-25 14:59 Jason Zaman
2017-02-25 14:59 Jason Zaman
2017-02-25 14:59 Jason Zaman
2017-02-25 14:51 [gentoo-commits] proj/hardened-refpolicy:master " Jason Zaman
2017-02-25 14:59 ` [gentoo-commits] proj/hardened-refpolicy:next " Jason Zaman
2017-02-25 14:51 [gentoo-commits] proj/hardened-refpolicy:master " Jason Zaman
2017-02-25 14:59 ` [gentoo-commits] proj/hardened-refpolicy:next " Jason Zaman
2017-02-25 14:51 [gentoo-commits] proj/hardened-refpolicy:master " Jason Zaman
2017-02-25 14:59 ` [gentoo-commits] proj/hardened-refpolicy:next " Jason Zaman
2017-02-17 8:50 Jason Zaman
2017-02-17 8:50 Jason Zaman
2017-02-17 8:50 Jason Zaman
2017-02-17 8:50 Jason Zaman
2017-02-17 8:50 Jason Zaman
2017-02-17 8:50 Jason Zaman
2017-02-17 8:50 Jason Zaman
2017-02-17 8:50 Jason Zaman
2017-02-17 8:50 Jason Zaman
2017-02-17 8:50 Jason Zaman
2017-02-17 8:50 Jason Zaman
2017-02-17 8:50 Jason Zaman
2017-02-17 8:44 [gentoo-commits] proj/hardened-refpolicy:master " Jason Zaman
2017-02-17 8:50 ` [gentoo-commits] proj/hardened-refpolicy:next " Jason Zaman
2017-02-17 8:44 [gentoo-commits] proj/hardened-refpolicy:master " Jason Zaman
2017-02-17 8:50 ` [gentoo-commits] proj/hardened-refpolicy:next " Jason Zaman
2017-02-17 8:44 [gentoo-commits] proj/hardened-refpolicy:master " Jason Zaman
2017-02-17 8:50 ` [gentoo-commits] proj/hardened-refpolicy:next " Jason Zaman
2017-02-17 8:44 [gentoo-commits] proj/hardened-refpolicy:master " Jason Zaman
2017-02-17 8:50 ` [gentoo-commits] proj/hardened-refpolicy:next " Jason Zaman
2017-02-17 8:44 [gentoo-commits] proj/hardened-refpolicy:master " Jason Zaman
2017-02-17 8:50 ` [gentoo-commits] proj/hardened-refpolicy:next " Jason Zaman
2017-02-17 8:44 [gentoo-commits] proj/hardened-refpolicy:master " Jason Zaman
2017-02-17 8:50 ` [gentoo-commits] proj/hardened-refpolicy:next " Jason Zaman
2017-01-01 16:47 Jason Zaman
2017-01-01 16:47 Jason Zaman
2017-01-01 16:47 Jason Zaman
2017-01-01 16:47 Jason Zaman
2017-01-01 16:47 Jason Zaman
2017-01-01 16:37 Jason Zaman
2017-01-01 16:37 Jason Zaman
2017-01-01 16:37 Jason Zaman
2017-01-01 16:37 Jason Zaman
2017-01-01 16:37 Jason Zaman
2016-12-08 5:03 Jason Zaman
2016-12-08 5:03 Jason Zaman
2016-12-08 5:03 Jason Zaman
2016-12-08 5:03 Jason Zaman
2016-12-08 5:03 Jason Zaman
2016-12-08 5:03 Jason Zaman
2016-12-08 4:47 [gentoo-commits] proj/hardened-refpolicy:master " Jason Zaman
2016-12-08 5:03 ` [gentoo-commits] proj/hardened-refpolicy:next " Jason Zaman
2016-12-06 15:10 Jason Zaman
2016-12-06 15:10 Jason Zaman
2016-12-06 15:10 Jason Zaman
2016-12-06 15:10 Jason Zaman
2016-12-06 15:10 Jason Zaman
2016-12-06 15:10 Jason Zaman
2016-12-06 14:25 Jason Zaman
2016-12-06 14:25 Jason Zaman
2016-12-06 14:25 Jason Zaman
2016-12-06 14:25 Jason Zaman
2016-12-06 14:25 Jason Zaman
2016-12-06 14:25 Jason Zaman
2016-12-06 14:25 Jason Zaman
2016-12-06 14:25 Jason Zaman
2016-12-06 14:25 Jason Zaman
2016-12-06 14:21 [gentoo-commits] proj/hardened-refpolicy:master " Jason Zaman
2016-12-06 14:25 ` [gentoo-commits] proj/hardened-refpolicy:next " Jason Zaman
2016-12-06 13:39 [gentoo-commits] proj/hardened-refpolicy:master " Jason Zaman
2016-12-06 14:25 ` [gentoo-commits] proj/hardened-refpolicy:next " Jason Zaman
2016-12-06 13:39 [gentoo-commits] proj/hardened-refpolicy:master " Jason Zaman
2016-12-06 14:25 ` [gentoo-commits] proj/hardened-refpolicy:next " Jason Zaman
2016-12-06 13:39 [gentoo-commits] proj/hardened-refpolicy:master " Jason Zaman
2016-12-06 14:25 ` [gentoo-commits] proj/hardened-refpolicy:next " Jason Zaman
2016-12-06 13:39 [gentoo-commits] proj/hardened-refpolicy:master " Jason Zaman
2016-12-06 14:25 ` [gentoo-commits] proj/hardened-refpolicy:next " Jason Zaman
2016-12-06 13:39 [gentoo-commits] proj/hardened-refpolicy:master " Jason Zaman
2016-12-06 14:25 ` [gentoo-commits] proj/hardened-refpolicy:next " Jason Zaman
2016-12-06 13:39 [gentoo-commits] proj/hardened-refpolicy:master " Jason Zaman
2016-12-06 14:25 ` [gentoo-commits] proj/hardened-refpolicy:next " Jason Zaman
2016-12-06 13:39 [gentoo-commits] proj/hardened-refpolicy:master " Jason Zaman
2016-12-06 14:25 ` [gentoo-commits] proj/hardened-refpolicy:next " Jason Zaman
2016-12-06 13:39 [gentoo-commits] proj/hardened-refpolicy:master " Jason Zaman
2016-12-06 14:25 ` [gentoo-commits] proj/hardened-refpolicy:next " Jason Zaman
2016-12-06 13:39 [gentoo-commits] proj/hardened-refpolicy:master " Jason Zaman
2016-12-06 14:25 ` [gentoo-commits] proj/hardened-refpolicy:next " Jason Zaman
2016-10-26 11:08 Jason Zaman
2016-10-26 11:08 Jason Zaman
2016-10-26 11:08 Jason Zaman
2016-10-26 11:08 Jason Zaman
2016-10-26 11:08 Jason Zaman
2016-10-26 11:08 Jason Zaman
2016-10-26 11:08 Jason Zaman
2016-10-24 17:14 Sven Vermeulen
2016-10-24 17:14 Sven Vermeulen
2016-10-24 17:14 Sven Vermeulen
2016-10-24 17:14 Sven Vermeulen
2016-10-24 17:14 Sven Vermeulen
2016-10-24 16:56 [gentoo-commits] proj/hardened-refpolicy:master " Sven Vermeulen
2016-10-24 17:13 ` [gentoo-commits] proj/hardened-refpolicy:next " Sven Vermeulen
2016-10-24 16:03 Sven Vermeulen
2016-10-24 16:03 Sven Vermeulen
2016-10-24 16:03 Sven Vermeulen
2016-10-24 16:03 Sven Vermeulen
2016-10-24 16:03 Sven Vermeulen
2016-10-24 16:03 Sven Vermeulen
2016-10-24 16:03 Sven Vermeulen
2016-10-24 16:02 [gentoo-commits] proj/hardened-refpolicy:swift " Sven Vermeulen
2016-10-24 16:03 ` [gentoo-commits] proj/hardened-refpolicy:next " Sven Vermeulen
2016-10-24 16:02 [gentoo-commits] proj/hardened-refpolicy:swift " Sven Vermeulen
2016-10-24 16:03 ` [gentoo-commits] proj/hardened-refpolicy:next " Sven Vermeulen
2016-10-24 16:02 [gentoo-commits] proj/hardened-refpolicy:swift " Sven Vermeulen
2016-10-24 16:03 ` [gentoo-commits] proj/hardened-refpolicy:next " Sven Vermeulen
2016-10-24 16:02 [gentoo-commits] proj/hardened-refpolicy:master " Sven Vermeulen
2016-10-24 16:03 ` [gentoo-commits] proj/hardened-refpolicy:next " Sven Vermeulen
2016-10-24 15:44 Jason Zaman
2016-10-03 6:26 Jason Zaman
2016-10-03 6:26 Jason Zaman
2016-10-03 6:26 Jason Zaman
2016-10-03 6:26 Jason Zaman
2016-10-03 6:26 Jason Zaman
2016-10-03 6:26 Jason Zaman
2016-10-03 6:26 Jason Zaman
2016-10-03 6:26 Jason Zaman
2016-10-03 6:26 Jason Zaman
2016-10-03 6:26 Jason Zaman
2016-10-03 6:26 Jason Zaman
2016-10-03 6:26 Jason Zaman
2016-10-03 6:26 Jason Zaman
2016-10-03 6:26 Jason Zaman
2016-10-03 6:20 [gentoo-commits] proj/hardened-refpolicy:master " Jason Zaman
2016-10-03 6:26 ` [gentoo-commits] proj/hardened-refpolicy:next " Jason Zaman
2016-10-03 6:20 [gentoo-commits] proj/hardened-refpolicy:master " Jason Zaman
2016-10-03 6:26 ` [gentoo-commits] proj/hardened-refpolicy:next " Jason Zaman
2016-10-03 6:20 [gentoo-commits] proj/hardened-refpolicy:master " Jason Zaman
2016-10-03 6:26 ` [gentoo-commits] proj/hardened-refpolicy:next " Jason Zaman
2016-10-03 6:20 [gentoo-commits] proj/hardened-refpolicy:master " Jason Zaman
2016-10-03 6:26 ` [gentoo-commits] proj/hardened-refpolicy:next " Jason Zaman
2016-10-03 6:20 [gentoo-commits] proj/hardened-refpolicy:master " Jason Zaman
2016-10-03 6:26 ` [gentoo-commits] proj/hardened-refpolicy:next " Jason Zaman
2016-10-03 6:20 [gentoo-commits] proj/hardened-refpolicy:master " Jason Zaman
2016-10-03 6:26 ` [gentoo-commits] proj/hardened-refpolicy:next " Jason Zaman
2016-10-03 6:20 [gentoo-commits] proj/hardened-refpolicy:master " Jason Zaman
2016-10-03 6:26 ` [gentoo-commits] proj/hardened-refpolicy:next " Jason Zaman
2016-08-17 16:59 Jason Zaman
2016-08-17 16:59 Jason Zaman
2016-08-17 16:59 Jason Zaman
2016-08-17 16:59 Jason Zaman
2016-08-17 16:59 Jason Zaman
2016-08-17 16:59 Jason Zaman
2016-08-17 16:59 Jason Zaman
2016-08-17 16:59 Jason Zaman
2016-08-17 16:59 [gentoo-commits] proj/hardened-refpolicy:master " Jason Zaman
2016-08-17 16:59 ` [gentoo-commits] proj/hardened-refpolicy:next " Jason Zaman
2016-08-17 16:59 [gentoo-commits] proj/hardened-refpolicy:master " Jason Zaman
2016-08-17 16:59 ` [gentoo-commits] proj/hardened-refpolicy:next " Jason Zaman
2016-08-17 16:59 [gentoo-commits] proj/hardened-refpolicy:master " Jason Zaman
2016-08-17 16:59 ` [gentoo-commits] proj/hardened-refpolicy:next " Jason Zaman
2016-08-13 18:35 Jason Zaman
2016-08-13 18:35 Jason Zaman
2016-08-13 18:35 Jason Zaman
2016-08-13 18:35 Jason Zaman
2016-08-13 18:35 Jason Zaman
2016-08-13 18:35 Jason Zaman
2016-08-13 18:35 Jason Zaman
2016-08-13 18:35 Jason Zaman
2016-08-13 18:35 Jason Zaman
2016-08-13 18:35 Jason Zaman
2016-08-13 18:35 Jason Zaman
2016-08-13 18:35 Jason Zaman
2016-08-13 18:32 [gentoo-commits] proj/hardened-refpolicy:master " Jason Zaman
2016-08-13 18:35 ` [gentoo-commits] proj/hardened-refpolicy:next " Jason Zaman
2016-08-13 18:32 [gentoo-commits] proj/hardened-refpolicy:master " Jason Zaman
2016-08-13 18:35 ` [gentoo-commits] proj/hardened-refpolicy:next " Jason Zaman
2016-08-13 18:32 [gentoo-commits] proj/hardened-refpolicy:master " Jason Zaman
2016-08-13 18:35 ` [gentoo-commits] proj/hardened-refpolicy:next " Jason Zaman
2016-08-13 18:32 [gentoo-commits] proj/hardened-refpolicy:master " Jason Zaman
2016-08-13 18:35 ` [gentoo-commits] proj/hardened-refpolicy:next " Jason Zaman
2016-08-13 18:32 [gentoo-commits] proj/hardened-refpolicy:master " Jason Zaman
2016-08-13 18:35 ` [gentoo-commits] proj/hardened-refpolicy:next " Jason Zaman
2016-08-13 18:32 [gentoo-commits] proj/hardened-refpolicy:master " Jason Zaman
2016-08-13 18:35 ` [gentoo-commits] proj/hardened-refpolicy:next " Jason Zaman
2016-05-26 19:28 Jason Zaman
2016-05-26 19:28 Jason Zaman
2016-05-26 17:39 Jason Zaman
2016-05-26 17:39 Jason Zaman
2016-05-26 15:54 Jason Zaman
2016-05-26 15:54 Jason Zaman
2015-12-18 4:14 Jason Zaman
2015-12-18 3:49 Jason Zaman
2015-12-17 18:52 Jason Zaman
2015-12-17 18:49 Jason Zaman
2015-12-17 18:49 Jason Zaman
2015-12-17 18:49 Jason Zaman
2015-12-17 18:49 Jason Zaman
2015-12-17 18:49 Jason Zaman
2015-12-17 18:49 Jason Zaman
2015-12-17 18:49 Jason Zaman
2015-12-17 18:49 Jason Zaman
2015-12-17 18:49 Jason Zaman
2015-12-17 18:49 Jason Zaman
2015-12-17 18:49 Jason Zaman
2015-12-17 16:10 [gentoo-commits] proj/hardened-refpolicy:master " Jason Zaman
2015-12-17 18:49 ` [gentoo-commits] proj/hardened-refpolicy:next " Jason Zaman
2015-12-17 16:10 [gentoo-commits] proj/hardened-refpolicy:master " Jason Zaman
2015-12-17 18:49 ` [gentoo-commits] proj/hardened-refpolicy:next " Jason Zaman
2015-12-17 16:10 [gentoo-commits] proj/hardened-refpolicy:master " Jason Zaman
2015-12-17 18:49 ` [gentoo-commits] proj/hardened-refpolicy:next " Jason Zaman
2015-12-17 16:10 [gentoo-commits] proj/hardened-refpolicy:master " Jason Zaman
2015-12-17 18:49 ` [gentoo-commits] proj/hardened-refpolicy:next " Jason Zaman
2015-12-17 16:10 [gentoo-commits] proj/hardened-refpolicy:master " Jason Zaman
2015-12-17 18:49 ` [gentoo-commits] proj/hardened-refpolicy:next " Jason Zaman
2015-12-17 16:10 [gentoo-commits] proj/hardened-refpolicy:master " Jason Zaman
2015-12-17 18:49 ` [gentoo-commits] proj/hardened-refpolicy:next " Jason Zaman
2015-11-23 13:42 Jason Zaman
2015-11-22 10:14 Jason Zaman
2015-11-22 10:14 Jason Zaman
2015-10-26 5:48 [gentoo-commits] proj/hardened-refpolicy:master " Jason Zaman
2015-10-26 5:36 ` [gentoo-commits] proj/hardened-refpolicy:next " Jason Zaman
2015-10-26 5:48 [gentoo-commits] proj/hardened-refpolicy:master " Jason Zaman
2015-10-26 5:36 ` [gentoo-commits] proj/hardened-refpolicy:next " Jason Zaman
2015-10-26 5:36 Jason Zaman
2015-10-22 13:44 Jason Zaman
2015-10-17 17:02 [gentoo-commits] proj/hardened-refpolicy:master " Jason Zaman
2015-10-17 17:02 ` [gentoo-commits] proj/hardened-refpolicy:next " Jason Zaman
2015-10-17 17:02 [gentoo-commits] proj/hardened-refpolicy:master " Jason Zaman
2015-10-17 17:02 ` [gentoo-commits] proj/hardened-refpolicy:next " Jason Zaman
2015-10-17 17:02 [gentoo-commits] proj/hardened-refpolicy:master " Jason Zaman
2015-10-17 17:02 ` [gentoo-commits] proj/hardened-refpolicy:next " Jason Zaman
2015-10-17 17:02 Jason Zaman
2015-10-11 10:48 Jason Zaman
2015-10-11 10:48 Jason Zaman
2015-09-20 7:00 [gentoo-commits] proj/hardened-refpolicy:master " Jason Zaman
2015-10-11 10:48 ` [gentoo-commits] proj/hardened-refpolicy:next " Jason Zaman
2015-09-06 11:25 [gentoo-commits] proj/hardened-refpolicy:master " Jason Zaman
2015-09-06 11:23 ` [gentoo-commits] proj/hardened-refpolicy:next " Jason Zaman
2015-09-06 11:25 [gentoo-commits] proj/hardened-refpolicy:master " Jason Zaman
2015-09-06 11:23 ` [gentoo-commits] proj/hardened-refpolicy:next " Jason Zaman
2015-09-06 11:23 Jason Zaman
2015-09-06 11:23 Jason Zaman
2015-09-02 14:41 Jason Zaman
2015-09-02 14:41 Jason Zaman
2015-08-27 19:52 [gentoo-commits] proj/hardened-refpolicy:master " Jason Zaman
2015-08-27 19:52 ` [gentoo-commits] proj/hardened-refpolicy:next " Jason Zaman
2015-08-27 19:11 Jason Zaman
2015-08-27 19:11 [gentoo-commits] proj/hardened-refpolicy:master " Jason Zaman
2015-08-27 19:11 ` [gentoo-commits] proj/hardened-refpolicy:next " Jason Zaman
2015-08-27 19:11 [gentoo-commits] proj/hardened-refpolicy:master " Jason Zaman
2015-08-27 19:11 ` [gentoo-commits] proj/hardened-refpolicy:next " Jason Zaman
2015-08-27 19:11 [gentoo-commits] proj/hardened-refpolicy:master " Jason Zaman
2015-08-27 19:11 ` [gentoo-commits] proj/hardened-refpolicy:next " Jason Zaman
2015-08-27 19:11 Jason Zaman
2015-08-27 19:11 [gentoo-commits] proj/hardened-refpolicy:master " Jason Zaman
2015-08-27 19:11 ` [gentoo-commits] proj/hardened-refpolicy:next " Jason Zaman
2015-08-27 18:58 [gentoo-commits] proj/hardened-refpolicy:master " Jason Zaman
2015-08-26 6:46 ` [gentoo-commits] proj/hardened-refpolicy:next " Jason Zaman
2015-08-27 18:00 Jason Zaman
2015-08-27 17:49 Jason Zaman
2015-08-27 13:26 Jason Zaman
2015-08-26 6:46 Jason Zaman
2015-08-26 6:46 Jason Zaman
2015-08-26 6:46 Jason Zaman
2015-08-26 6:46 Jason Zaman
2015-08-23 4:13 [gentoo-commits] proj/hardened-refpolicy:master " Jason Zaman
2015-08-26 6:46 ` [gentoo-commits] proj/hardened-refpolicy:next " Jason Zaman
2015-08-02 19:06 Jason Zaman
2015-08-02 19:06 Jason Zaman
2015-08-02 19:06 Jason Zaman
2015-08-02 19:06 Jason Zaman
2015-08-02 19:06 Jason Zaman
2015-08-02 19:06 Jason Zaman
2015-07-31 14:15 [gentoo-commits] proj/hardened-refpolicy:master " Jason Zaman
2015-08-02 19:06 ` [gentoo-commits] proj/hardened-refpolicy:next " Jason Zaman
2015-07-13 21:45 Jason Zaman
2015-07-13 21:45 Jason Zaman
2015-07-13 21:45 Jason Zaman
2015-07-13 21:45 Jason Zaman
2015-07-13 21:45 Jason Zaman
2015-07-13 21:45 [gentoo-commits] proj/hardened-refpolicy:master " Jason Zaman
2015-07-13 21:45 ` [gentoo-commits] proj/hardened-refpolicy:next " Jason Zaman
2015-07-13 21:45 [gentoo-commits] proj/hardened-refpolicy:master " Jason Zaman
2015-07-13 21:45 ` [gentoo-commits] proj/hardened-refpolicy:next " Jason Zaman
2015-07-13 20:59 [gentoo-commits] proj/hardened-refpolicy:master " Jason Zaman
2015-07-13 21:45 ` [gentoo-commits] proj/hardened-refpolicy:next " Jason Zaman
2015-07-11 19:57 Jason Zaman
2015-07-11 19:57 Jason Zaman
2015-07-11 19:57 Jason Zaman
2015-07-11 19:57 Jason Zaman
2015-07-11 19:57 Jason Zaman
2015-07-11 19:55 Jason Zaman
2015-07-11 19:52 Jason Zaman
2015-07-11 19:52 Jason Zaman
2015-07-11 19:52 Jason Zaman
2015-07-11 19:52 Jason Zaman
2015-07-11 19:52 Jason Zaman
2015-07-11 19:52 Jason Zaman
2015-07-02 19:28 Jason Zaman
2015-07-02 18:37 Jason Zaman
2015-07-02 18:07 Jason Zaman
2015-07-02 18:07 Jason Zaman
2015-07-02 18:07 Jason Zaman
2015-07-02 18:07 Jason Zaman
2015-07-02 17:07 [gentoo-commits] proj/hardened-refpolicy:master " Jason Zaman
2015-07-02 18:07 ` [gentoo-commits] proj/hardened-refpolicy:next " Jason Zaman
2015-05-11 22:10 Jason Zaman
2015-05-11 21:49 Jason Zaman
2015-03-29 10:01 Jason Zaman
2015-03-29 10:01 Jason Zaman
2015-03-29 10:01 Jason Zaman
2015-03-29 10:01 Jason Zaman
2015-03-29 9:59 [gentoo-commits] proj/hardened-refpolicy:master " Jason Zaman
2015-03-29 10:01 ` [gentoo-commits] proj/hardened-refpolicy:next " Jason Zaman
2015-03-25 16:01 Jason Zaman
2015-03-25 16:01 Jason Zaman
2015-03-25 16:01 Jason Zaman
2015-03-25 16:01 Jason Zaman
2015-03-25 16:01 Jason Zaman
2015-03-25 16:01 Jason Zaman
2015-03-25 16:01 Jason Zaman
2015-03-25 16:01 Jason Zaman
2015-03-25 16:01 Jason Zaman
2015-03-25 16:01 Jason Zaman
2015-03-25 16:01 Jason Zaman
2015-03-25 15:55 [gentoo-commits] proj/hardened-refpolicy:master " Jason Zaman
2015-03-25 16:01 ` [gentoo-commits] proj/hardened-refpolicy:next " Jason Zaman
2015-03-25 2:17 Jason Zaman
2015-03-24 13:25 Jason Zaman
2015-03-24 13:25 Jason Zaman
2015-03-23 14:58 Jason Zaman
2015-03-23 14:58 Jason Zaman
2015-03-23 14:58 Jason Zaman
2015-03-04 17:03 Sven Vermeulen
2015-03-04 17:03 Sven Vermeulen
2015-02-24 17:11 Jason Zaman
2015-02-24 17:11 Jason Zaman
2015-02-24 17:11 Jason Zaman
2015-02-24 17:11 Jason Zaman
2015-02-24 17:11 Jason Zaman
2015-02-24 17:11 Jason Zaman
2015-02-24 17:11 Jason Zaman
2015-02-24 17:11 Jason Zaman
2015-02-09 18:35 [gentoo-commits] proj/hardened-refpolicy:adminroles " Jason Zaman
2015-02-09 18:33 ` [gentoo-commits] proj/hardened-refpolicy:next " Jason Zaman
2015-02-09 18:33 Jason Zaman
2015-01-29 9:12 [gentoo-commits] proj/hardened-refpolicy:master " Jason Zaman
2015-01-29 8:38 ` [gentoo-commits] proj/hardened-refpolicy:next " Jason Zaman
2015-01-29 9:12 [gentoo-commits] proj/hardened-refpolicy:master " Jason Zaman
2015-01-29 8:38 ` [gentoo-commits] proj/hardened-refpolicy:next " Jason Zaman
2015-01-29 8:38 Jason Zaman
2015-01-29 8:38 Jason Zaman
2015-01-29 8:38 Jason Zaman
2015-01-29 6:51 Jason Zaman
2015-01-29 6:51 Jason Zaman
2015-01-29 6:51 Jason Zaman
2015-01-29 6:51 Jason Zaman
2015-01-29 6:51 Jason Zaman
2015-01-26 5:59 [gentoo-commits] proj/hardened-refpolicy:master " Jason Zaman
2015-01-29 6:51 ` [gentoo-commits] proj/hardened-refpolicy:next " Jason Zaman
2015-01-25 13:46 Sven Vermeulen
2015-01-25 13:46 Sven Vermeulen
2015-01-25 13:46 Sven Vermeulen
2015-01-25 13:46 Sven Vermeulen
2015-01-25 13:46 Sven Vermeulen
2015-01-20 15:08 Jason Zaman
2015-01-20 15:08 Jason Zaman
2015-01-20 15:08 Jason Zaman
2015-01-20 15:08 Jason Zaman
2015-01-20 15:08 Jason Zaman
2014-12-21 12:49 [gentoo-commits] proj/hardened-refpolicy:master " Jason Zaman
2014-12-20 15:49 ` [gentoo-commits] proj/hardened-refpolicy:next " Jason Zaman
2014-11-28 11:16 Sven Vermeulen
2014-11-28 10:44 Sven Vermeulen
2014-11-28 9:40 [gentoo-commits] proj/hardened-refpolicy:master " Sven Vermeulen
2014-11-28 10:04 ` [gentoo-commits] proj/hardened-refpolicy:next " Sven Vermeulen
2014-11-23 13:22 [gentoo-commits] proj/hardened-refpolicy:master " Sven Vermeulen
2014-11-28 10:04 ` [gentoo-commits] proj/hardened-refpolicy:next " Sven Vermeulen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1431384823.0e73c60284ee74368c9742064fe937620b15f8d4.perfinion@gentoo \
--to=perfinion@gentoo.org \
--cc=gentoo-commits@lists.gentoo.org \
--cc=gentoo-dev@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox