public inbox for gentoo-commits@lists.gentoo.org
 help / color / mirror / Atom feed
* [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/contrib/, policy/modules/system/, policy/modules/kernel/
@ 2017-04-30  9:57 Jason Zaman
  0 siblings, 0 replies; only message in thread
From: Jason Zaman @ 2017-04-30  9:57 UTC (permalink / raw
  To: gentoo-commits

commit:     e06a9ea97b9d65ee80024b2f3586a7fb4e132217
Author:     Jason Zaman <jason <AT> perfinion <DOT> com>
AuthorDate: Sun Apr 30 09:57:08 2017 +0000
Commit:     Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Sun Apr 30 09:57:08 2017 +0000
URL:        https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=e06a9ea9

Remove interfaces added upstream

 policy/modules/contrib/gnome.if | 29 -----------------------------
 policy/modules/kernel/files.if  | 20 --------------------
 policy/modules/system/init.te   |  1 -
 3 files changed, 50 deletions(-)

diff --git a/policy/modules/contrib/gnome.if b/policy/modules/contrib/gnome.if
index ce436cfd..4fcc6905 100644
--- a/policy/modules/contrib/gnome.if
+++ b/policy/modules/contrib/gnome.if
@@ -124,12 +124,6 @@ template(`gnome_role_template',`
 			wm_dbus_chat($1, $1_gkeyringd_t)
 		')
 	')
-
-	ifdef(`distro_gentoo',`
-		optional_policy(`
-			gnome_dbus_chat_gconfd($3)
-		')
-	')
 ')
 
 ########################################
@@ -841,29 +835,6 @@ interface(`gnome_stream_connect_all_gkeyringd',`
 	stream_connect_pattern($1, gnome_keyring_tmp_t, gnome_keyring_tmp_t, gkeyringd_domain)
 ')
 
-# From here Gentoo specific but cannot use ifdef distro_gentoo here
-
-#########################################
-## <summary>
-##	Send and receive messages from the gconf daemon
-##	over dbus.
-## </summary>
-## <param name="domain">
-##	<summary>
-##	Domain allowed access.
-##	</summary>
-## </param>
-#
-interface(`gnome_dbus_chat_gconfd',`
-	gen_require(`
-		type gconfd_t;
-		class dbus send_msg;
-	')
-
-	allow $1 gconfd_t:dbus send_msg;
-	allow gconfd_t $1:dbus send_msg;
-')
-
 ########################################
 ## <summary>
 ##	Manage gstreamer ORC optimized

diff --git a/policy/modules/kernel/files.if b/policy/modules/kernel/files.if
index ef969a95..a74f7913 100644
--- a/policy/modules/kernel/files.if
+++ b/policy/modules/kernel/files.if
@@ -7232,26 +7232,6 @@ interface(`files_unconfined',`
 
 ########################################
 ## <summary>
-##	Create PID directories.
-## </summary>
-## <param name="domain">
-##	<summary>
-##	Domain allowed access.
-##	</summary>
-## </param>
-#
-interface(`files_create_pid_dirs',`
-	gen_require(`
-		type var_t, var_run_t;
-	')
-
-	allow $1 var_t:dir search_dir_perms;
-	allow $1 var_run_t:lnk_file read_lnk_file_perms;
-	create_dirs_pattern($1, var_run_t, var_run_t)
-')
-
-########################################
-## <summary>
 ##	Create, read, write, and delete symbolic links in
 ##	/etc that are dynamically created on boot.
 ## </summary>

diff --git a/policy/modules/system/init.te b/policy/modules/system/init.te
index 5c6830f2..07238399 100644
--- a/policy/modules/system/init.te
+++ b/policy/modules/system/init.te
@@ -1350,7 +1350,6 @@ ifdef(`distro_gentoo',`
 	# needs to chmod some devices in early boot
 	dev_setattr_generic_chr_files(initrc_t)
 
-	files_create_pid_dirs(initrc_t)
 	files_dontaudit_write_usr_dirs(initrc_t)
 	files_manage_generic_tmp_dirs(initrc_t)
 	files_manage_generic_tmp_files(initrc_t)


^ permalink raw reply related	[flat|nested] only message in thread
only message in thread, other threads:[~2017-04-30  9:57 UTC | newest]

Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2017-04-30  9:57 [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/contrib/, policy/modules/system/, policy/modules/kernel/ Jason Zaman

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox