[gentoo-commits] proj/hardened-refpolicy:master commit in: /, policy/flask/

[gentoo-commits] proj/hardened-refpolicy:master commit in: /, policy/flask/

[Jason Zaman]

commit:     985561a4219ed9456940e47d0cd9af1bb3d5c0df
Author:     Chris PeBenito <chpebeni <AT> linux <DOT> microsoft <DOT> com>
AuthorDate: Fri Oct 25 19:45:31 2019 +0000
Commit:     Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Mon Dec 16 13:13:11 2019 +0000
URL:        https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=985561a4

Move open, audit_access, and execmod to file common.

Signed-off-by: Chris PeBenito <chpebeni <AT> linux.microsoft.com>
Signed-off-by: Jason Zaman <perfinion <AT> gentoo.org>

 INSTALL                     |  3 +++
 policy/flask/access_vectors | 32 +++-----------------------------
 2 files changed, 6 insertions(+), 29 deletions(-)

diff --git a/INSTALL b/INSTALL
index f6baf840..0ec4e423 100644
--- a/INSTALL
+++ b/INSTALL
@@ -1,3 +1,6 @@
+Reference Policy has the following runtime requirements:
+	* Linux kernel >= 2.6.34
+
 Reference Policy has the following build requirements:
 	* SELinux userspace 2.8
 	* Python >= 3.4

diff --git a/policy/flask/access_vectors b/policy/flask/access_vectors
index 40d1c24d..30d3958d 100644
--- a/policy/flask/access_vectors
+++ b/policy/flask/access_vectors
@@ -28,6 +28,9 @@ common file
 	swapon
 	quotaon
 	mounton
+	open
+	audit_access
+	execmod
 }
 
 
@@ -208,9 +211,6 @@ inherits file
 	reparent
 	search
 	rmdir
-	open
-	audit_access
-	execmod
 }
 
 class file
@@ -218,52 +218,26 @@ inherits file
 {
 	execute_no_trans
 	entrypoint
-	execmod
-	open
-	audit_access
 }
 
 class lnk_file
 inherits file
-{
-	open
-	audit_access
-	execmod
-}
 
 class chr_file
 inherits file
 {
 	execute_no_trans
 	entrypoint
-	execmod
-	open
-	audit_access
 }
 
 class blk_file
 inherits file
-{
-	open
-	audit_access
-	execmod
-}
 
 class sock_file
 inherits file
-{
-	open
-	audit_access
-	execmod
-}
 
 class fifo_file
 inherits file
-{
-	open
-	audit_access
-	execmod
-}
 
 class fd
 {