
From: Jason Zaman <perfinion@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/, policy/modules/kernel/, doc/
Date: Mon, 31 Jan 2022 19:31:26
Message-Id: 1643657276.b293bd6062b6007870720a7a8ed255cf2f667280.perfinion@gentoo
1 commit: b293bd6062b6007870720a7a8ed255cf2f667280
2 Author: Jason Zaman <perfinion <AT> gentoo <DOT> org>
3 AuthorDate: Mon Jan 31 19:27:56 2022 +0000
4 Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
5 CommitDate: Mon Jan 31 19:27:56 2022 +0000
6 URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=b293bd60
7
8 Update generated policy and doc files
9
10 Signed-off-by: Jason Zaman <perfinion <AT> gentoo.org>
11
12 doc/policy.xml | 11907 ++++++++++++++++++++-------------
13 policy/booleans.conf | 64 +-
14 policy/modules.conf | 35 +
15 policy/modules/kernel/corenetwork.if | 421 ++
16 policy/modules/kernel/corenetwork.te | 15 +-
17 5 files changed, 7744 insertions(+), 4698 deletions(-)
18
19 diff --git a/doc/policy.xml b/doc/policy.xml
20 index 12758be9..35687d71 100644
21 --- a/doc/policy.xml
22 +++ b/doc/policy.xml
23 @@ -3472,22 +3472,33 @@ Role allowed access.
24 </module>
25 <module name="shutdown" filename="policy/modules/admin/shutdown.if">
26 <summary>System shutdown command.</summary>
27 -<interface name="shutdown_role" lineno="18">
28 +<template name="shutdown_role" lineno="29">
29 <summary>
30 Role access for shutdown.
31 </summary>
32 -<param name="role">
33 +<param name="role_prefix">
34 <summary>
35 -Role allowed access.
36 +The prefix of the user role (e.g., user
37 +is the prefix for user_r).
38 </summary>
39 </param>
40 -<param name="domain">
41 +<param name="user_domain">
42 <summary>
43 User domain for the role.
44 </summary>
45 </param>
46 -</interface>
47 -<interface name="shutdown_domtrans" lineno="39">
48 +<param name="user_exec_domain">
49 +<summary>
50 +User exec domain for execute and transition access.
51 +</summary>
52 +</param>
53 +<param name="role">
54 +<summary>
55 +Role allowed access
56 +</summary>
57 +</param>
58 +</template>
59 +<interface name="shutdown_domtrans" lineno="64">
60 <summary>
61 Execute a domain transition to run shutdown.
62 </summary>
63 @@ -3497,7 +3508,7 @@ Domain allowed to transition.
64 </summary>
65 </param>
66 </interface>
67 -<interface name="shutdown_run" lineno="65">
68 +<interface name="shutdown_run" lineno="90">
69 <summary>
70 Execute shutdown in the shutdown
71 domain, and allow the specified role
72 @@ -3514,7 +3525,7 @@ Role allowed access.
73 </summary>
74 </param>
75 </interface>
76 -<interface name="shutdown_signal" lineno="84">
77 +<interface name="shutdown_signal" lineno="109">
78 <summary>
79 Send generic signals to shutdown.
80 </summary>
81 @@ -3524,7 +3535,7 @@ Domain allowed access.
82 </summary>
83 </param>
84 </interface>
85 -<interface name="shutdown_sigchld" lineno="102">
86 +<interface name="shutdown_sigchld" lineno="127">
87 <summary>
88 Send SIGCHLD signals to shutdown.
89 </summary>
90 @@ -3534,7 +3545,7 @@ Domain allowed access.
91 </summary>
92 </param>
93 </interface>
94 -<interface name="shutdown_getattr_exec_files" lineno="120">
95 +<interface name="shutdown_getattr_exec_files" lineno="145">
96 <summary>
97 Get attributes of shutdown executable files.
98 </summary>
99 @@ -3544,6 +3555,16 @@ Domain allowed access.
100 </summary>
101 </param>
102 </interface>
103 +<tunable name="shutdown_allow_user_exec_domains" dftval="false">
104 +<desc>
105 +<p>
106 +Determine whether the user application exec
107 +domain attribute should be respected for
108 +shutdown access. If not enabled, only user
109 +domains themselves may use shutdown.
110 +</p>
111 +</desc>
112 +</tunable>
113 </module>
114 <module name="sosreport" filename="policy/modules/admin/sosreport.if">
115 <summary>Generate debugging information for system.</summary>
116 @@ -3650,7 +3671,7 @@ The role associated with the user domain.
117 </summary>
118 </param>
119 </template>
120 -<template name="su_role_template" lineno="144">
121 +<template name="su_role_template" lineno="149">
122 <summary>
123 The role template for the su module.
124 </summary>
125 @@ -3660,18 +3681,23 @@ The prefix of the user role (e.g., user
126 is the prefix for user_r).
127 </summary>
128 </param>
129 -<param name="user_role">
130 +<param name="user_domain">
131 <summary>
132 -The role associated with the user domain.
133 +User domain for the role.
134 </summary>
135 </param>
136 -<param name="user_domain">
137 +<param name="user_exec_domain">
138 <summary>
139 -The type of the user domain.
140 +User exec domain for execute and transition access.
141 +</summary>
142 +</param>
143 +<param name="role">
144 +<summary>
145 +Role allowed access
146 </summary>
147 </param>
148 </template>
149 -<interface name="su_exec" lineno="280">
150 +<interface name="su_exec" lineno="303">
151 <summary>
152 Execute su in the caller domain.
153 </summary>
154 @@ -3681,10 +3707,20 @@ Domain allowed access.
155 </summary>
156 </param>
157 </interface>
158 +<tunable name="su_allow_user_exec_domains" dftval="false">
159 +<desc>
160 +<p>
161 +Determine whether the user application
162 +exec domain attribute should be respected
163 +for su access. If not enabled, only user
164 +domains themselves may use su.
165 +</p>
166 +</desc>
167 +</tunable>
168 </module>
169 <module name="sudo" filename="policy/modules/admin/sudo.if">
170 <summary>Execute a command with a substitute user</summary>
171 -<template name="sudo_role_template" lineno="31">
172 +<template name="sudo_role_template" lineno="36">
173 <summary>
174 The role template for the sudo module.
175 </summary>
176 @@ -3701,18 +3737,23 @@ The prefix of the user role (e.g., user
177 is the prefix for user_r).
178 </summary>
179 </param>
180 -<param name="user_role">
181 +<param name="user_domain">
182 <summary>
183 -The user role.
184 +User domain for the role.
185 </summary>
186 </param>
187 -<param name="user_domain">
188 +<param name="user_exec_domain">
189 <summary>
190 -The user domain associated with the role.
191 +User exec domain for execute and transition access.
192 +</summary>
193 +</param>
194 +<param name="role">
195 +<summary>
196 +Role allowed access
197 </summary>
198 </param>
199 </template>
200 -<interface name="sudo_sigchld" lineno="195">
201 +<interface name="sudo_sigchld" lineno="215">
202 <summary>
203 Send a SIGCHLD signal to the sudo domain.
204 </summary>
205 @@ -3733,6 +3774,16 @@ required for users to use sudo.
206 </p>
207 </desc>
208 </tunable>
209 +<tunable name="sudo_allow_user_exec_domains" dftval="false">
210 +<desc>
211 +<p>
212 +Determine whether the user application exec
213 +domain attribute should be respected for sudo
214 +access. If not enabled, only user domains
215 +themselves may use sudo.
216 +</p>
217 +</desc>
218 +</tunable>
219 </module>
220 <module name="sxid" filename="policy/modules/admin/sxid.if">
221 <summary>SUID/SGID program monitoring.</summary>
222 @@ -4409,22 +4460,33 @@ Role allowed access.
223 </module>
224 <module name="cdrecord" filename="policy/modules/apps/cdrecord.if">
225 <summary>Record audio or data Compact Discs from a master.</summary>
226 -<interface name="cdrecord_role" lineno="18">
227 +<template name="cdrecord_role" lineno="29">
228 <summary>
229 Role access for cdrecord.
230 </summary>
231 -<param name="role">
232 +<param name="role_prefix">
233 <summary>
234 -Role allowed access.
235 +The prefix of the user role (e.g., user
236 +is the prefix for user_r).
237 </summary>
238 </param>
239 -<param name="domain">
240 +<param name="user_domain">
241 <summary>
242 User domain for the role.
243 </summary>
244 </param>
245 -</interface>
246 -<interface name="cdrecord_exec" lineno="44">
247 +<param name="user_exec_domain">
248 +<summary>
249 +User exec domain for execute and transition access.
250 +</summary>
251 +</param>
252 +<param name="role">
253 +<summary>
254 +Role allowed access
255 +</summary>
256 +</param>
257 +</template>
258 +<interface name="cdrecord_exec" lineno="59">
259 <summary>
260 Execute cdrecord in the caller domain.
261 </summary>
262 @@ -4447,22 +4509,33 @@ content files
263 </module>
264 <module name="chromium" filename="policy/modules/apps/chromium.if">
265 <summary>Chromium browser</summary>
266 -<interface name="chromium_role" lineno="18">
267 +<template name="chromium_role" lineno="29">
268 <summary>
269 Role access for chromium
270 </summary>
271 -<param name="role">
272 +<param name="role_prefix">
273 <summary>
274 -Role allowed access
275 +The prefix of the user role (e.g., user
276 +is the prefix for user_r).
277 </summary>
278 </param>
279 -<param name="domain">
280 +<param name="user_domain">
281 <summary>
282 -User domain for the role
283 +User domain for the role.
284 </summary>
285 </param>
286 -</interface>
287 -<interface name="chromium_rw_tmp_pipes" lineno="67">
288 +<param name="user_exec_domain">
289 +<summary>
290 +User exec domain for execute and transition access.
291 +</summary>
292 +</param>
293 +<param name="role">
294 +<summary>
295 +Role allowed access
296 +</summary>
297 +</param>
298 +</template>
299 +<interface name="chromium_rw_tmp_pipes" lineno="82">
300 <summary>
301 Read-write access to Chromiums' temporary fifo files
302 </summary>
303 @@ -4472,7 +4545,7 @@ Domain allowed access
304 </summary>
305 </param>
306 </interface>
307 -<interface name="chromium_tmp_filetrans" lineno="101">
308 +<interface name="chromium_tmp_filetrans" lineno="116">
309 <summary>
310 Automatically use the specified type for resources created in chromium's
311 temporary locations
312 @@ -4498,7 +4571,7 @@ The name of the resource being created
313 </summary>
314 </param>
315 </interface>
316 -<interface name="chromium_domtrans" lineno="120">
317 +<interface name="chromium_domtrans" lineno="135">
318 <summary>
319 Execute a domain transition to the chromium domain (chromium_t)
320 </summary>
321 @@ -4508,7 +4581,7 @@ Domain allowed access
322 </summary>
323 </param>
324 </interface>
325 -<interface name="chromium_run" lineno="146">
326 +<interface name="chromium_run" lineno="161">
327 <summary>
328 Execute chromium in the chromium domain and allow the specified role to access the chromium domain
329 </summary>
330 @@ -4612,21 +4685,32 @@ Domain allowed access.
331 </module>
332 <module name="cryfs" filename="policy/modules/apps/cryfs.if">
333 <summary>CryFS and similar other tools which mount encrypted directories using FUSE.</summary>
334 -<interface name="cryfs_role" lineno="18">
335 +<template name="cryfs_role" lineno="29">
336 <summary>
337 Role access for CryFS.
338 </summary>
339 -<param name="role">
340 +<param name="role_prefix">
341 <summary>
342 -Role allowed access.
343 +The prefix of the user role (e.g., user
344 +is the prefix for user_r).
345 </summary>
346 </param>
347 -<param name="domain">
348 +<param name="user_domain">
349 <summary>
350 User domain for the role.
351 </summary>
352 </param>
353 -</interface>
354 +<param name="user_exec_domain">
355 +<summary>
356 +User exec domain for execute and transition access.
357 +</summary>
358 +</param>
359 +<param name="role">
360 +<summary>
361 +Role allowed access
362 +</summary>
363 +</param>
364 +</template>
365 <tunable name="cryfs_read_generic_user_content" dftval="true">
366 <desc>
367 <p>
368 @@ -4658,22 +4742,33 @@ Grant the cryfs domains manage rights on all user content
369 </module>
370 <module name="evolution" filename="policy/modules/apps/evolution.if">
371 <summary>Evolution email client.</summary>
372 -<interface name="evolution_role" lineno="18">
373 +<template name="evolution_role" lineno="29">
374 <summary>
375 Role access for evolution.
376 </summary>
377 -<param name="role">
378 +<param name="role_prefix">
379 <summary>
380 -Role allowed access.
381 +The prefix of the user role (e.g., user
382 +is the prefix for user_r).
383 </summary>
384 </param>
385 -<param name="domain">
386 +<param name="user_domain">
387 <summary>
388 User domain for the role.
389 </summary>
390 </param>
391 -</interface>
392 -<interface name="evolution_home_filetrans" lineno="99">
393 +<param name="user_exec_domain">
394 +<summary>
395 +User exec domain for execute and transition access.
396 +</summary>
397 +</param>
398 +<param name="role">
399 +<summary>
400 +Role allowed access
401 +</summary>
402 +</param>
403 +</template>
404 +<interface name="evolution_home_filetrans" lineno="118">
405 <summary>
406 Create objects in the evolution home
407 directories with a private type.
408 @@ -4699,7 +4794,7 @@ The name of the object being created.
409 </summary>
410 </param>
411 </interface>
412 -<interface name="evolution_read_home_files" lineno="118">
413 +<interface name="evolution_read_home_files" lineno="137">
414 <summary>
415 Read evolution home files.
416 </summary>
417 @@ -4709,7 +4804,7 @@ Domain allowed access.
418 </summary>
419 </param>
420 </interface>
421 -<interface name="evolution_stream_connect" lineno="137">
422 +<interface name="evolution_stream_connect" lineno="156">
423 <summary>
424 Connect to evolution using a unix
425 domain stream socket.
426 @@ -4720,7 +4815,7 @@ Domain allowed access.
427 </summary>
428 </param>
429 </interface>
430 -<interface name="evolution_read_orbit_tmp_files" lineno="158">
431 +<interface name="evolution_read_orbit_tmp_files" lineno="177">
432 <summary>
433 Read evolution orbit temporary
434 files.
435 @@ -4731,7 +4826,7 @@ Domain allowed access.
436 </summary>
437 </param>
438 </interface>
439 -<interface name="evolution_dbus_chat" lineno="179">
440 +<interface name="evolution_dbus_chat" lineno="198">
441 <summary>
442 Send and receive messages from
443 evolution over dbus.
444 @@ -4742,7 +4837,7 @@ Domain allowed access.
445 </summary>
446 </param>
447 </interface>
448 -<interface name="evolution_alarm_dbus_chat" lineno="200">
449 +<interface name="evolution_alarm_dbus_chat" lineno="219">
450 <summary>
451 Send and receive messages from
452 evolution_alarm over dbus.
453 @@ -4753,7 +4848,7 @@ Domain allowed access.
454 </summary>
455 </param>
456 </interface>
457 -<interface name="evolution_domtrans" lineno="221">
458 +<interface name="evolution_domtrans" lineno="240">
459 <summary>
460 Make a domain transition to the
461 evolution target domain.
462 @@ -4804,22 +4899,33 @@ Grant the evolution domains manage rights on all user content
463 </module>
464 <module name="games" filename="policy/modules/apps/games.if">
465 <summary>Various games.</summary>
466 -<interface name="games_role" lineno="18">
467 +<template name="games_role" lineno="29">
468 <summary>
469 Role access for games.
470 </summary>
471 -<param name="role">
472 +<param name="role_prefix">
473 <summary>
474 -Role allowed access.
475 +The prefix of the user role (e.g., user
476 +is the prefix for user_r).
477 </summary>
478 </param>
479 -<param name="domain">
480 +<param name="user_domain">
481 <summary>
482 User domain for the role.
483 </summary>
484 </param>
485 -</interface>
486 -<interface name="games_rw_data" lineno="52">
487 +<param name="user_exec_domain">
488 +<summary>
489 +User exec domain for execute and transition access.
490 +</summary>
491 +</param>
492 +<param name="role">
493 +<summary>
494 +Role allowed access
495 +</summary>
496 +</param>
497 +</template>
498 +<interface name="games_rw_data" lineno="67">
499 <summary>
500 Read and write games data files.
501 </summary>
502 @@ -4829,7 +4935,7 @@ Domain allowed access.
503 </summary>
504 </param>
505 </interface>
506 -<interface name="games_domtrans" lineno="71">
507 +<interface name="games_domtrans" lineno="86">
508 <summary>
509 Run a game in the game domain.
510 </summary>
511 @@ -4839,7 +4945,7 @@ Domain allowed to transition.
512 </summary>
513 </param>
514 </interface>
515 -<interface name="games_dbus_chat" lineno="91">
516 +<interface name="games_dbus_chat" lineno="106">
517 <summary>
518 Send and receive messages from
519 games over dbus.
520 @@ -4911,28 +5017,33 @@ Determine whether Gitosis can send mail.
521 </module>
522 <module name="gnome" filename="policy/modules/apps/gnome.if">
523 <summary>GNU network object model environment.</summary>
524 -<template name="gnome_role_template" lineno="24">
525 +<template name="gnome_role_template" lineno="29">
526 <summary>
527 The role template for gnome.
528 </summary>
529 <param name="role_prefix">
530 <summary>
531 -The prefix of the user domain (e.g., user
532 -is the prefix for user_t).
533 +The prefix of the user role (e.g., user
534 +is the prefix for user_r).
535 </summary>
536 </param>
537 -<param name="user_role">
538 +<param name="user_domain">
539 <summary>
540 -The role associated with the user domain.
541 +User domain for the role.
542 </summary>
543 </param>
544 -<param name="user_domain">
545 +<param name="user_exec_domain">
546 <summary>
547 -The type of the user domain.
548 +User exec domain for execute and transition access.
549 +</summary>
550 +</param>
551 +<param name="role">
552 +<summary>
553 +Role allowed access
554 </summary>
555 </param>
556 </template>
557 -<interface name="gnome_exec_gconf" lineno="121">
558 +<interface name="gnome_exec_gconf" lineno="134">
559 <summary>
560 Execute gconf in the caller domain.
561 </summary>
562 @@ -4942,7 +5053,7 @@ Domain allowed access.
563 </summary>
564 </param>
565 </interface>
566 -<interface name="gnome_read_gconf_config" lineno="140">
567 +<interface name="gnome_read_gconf_config" lineno="153">
568 <summary>
569 Read gconf configuration content.
570 </summary>
571 @@ -4952,7 +5063,7 @@ Domain allowed access.
572 </summary>
573 </param>
574 </interface>
575 -<interface name="gnome_dontaudit_read_inherited_gconf_config_files" lineno="162">
576 +<interface name="gnome_dontaudit_read_inherited_gconf_config_files" lineno="175">
577 <summary>
578 Do not audit attempts to read
579 inherited gconf configuration files.
580 @@ -4963,7 +5074,7 @@ Domain to not audit.
581 </summary>
582 </param>
583 </interface>
584 -<interface name="gnome_manage_gconf_config" lineno="181">
585 +<interface name="gnome_manage_gconf_config" lineno="194">
586 <summary>
587 Create, read, write, and delete
588 gconf configuration content.
589 @@ -4974,7 +5085,7 @@ Domain allowed access.
590 </summary>
591 </param>
592 </interface>
593 -<interface name="gnome_stream_connect_gconf" lineno="203">
594 +<interface name="gnome_stream_connect_gconf" lineno="216">
595 <summary>
596 Connect to gconf using a unix
597 domain stream socket.
598 @@ -4985,7 +5096,7 @@ Domain allowed access.
599 </summary>
600 </param>
601 </interface>
602 -<interface name="gnome_domtrans_gconfd" lineno="222">
603 +<interface name="gnome_domtrans_gconfd" lineno="235">
604 <summary>
605 Run gconfd in gconfd domain.
606 </summary>
607 @@ -4995,7 +5106,7 @@ Domain allowed to transition.
608 </summary>
609 </param>
610 </interface>
611 -<interface name="gnome_create_generic_home_dirs" lineno="241">
612 +<interface name="gnome_create_generic_home_dirs" lineno="254">
613 <summary>
614 Create generic gnome home directories.
615 </summary>
616 @@ -5005,7 +5116,7 @@ Domain allowed access.
617 </summary>
618 </param>
619 </interface>
620 -<interface name="gnome_setattr_generic_home_dirs" lineno="260">
621 +<interface name="gnome_setattr_generic_home_dirs" lineno="273">
622 <summary>
623 Set attributes of generic gnome
624 user home directories.
625 @@ -5016,7 +5127,7 @@ Domain allowed access.
626 </summary>
627 </param>
628 </interface>
629 -<interface name="gnome_read_generic_home_content" lineno="279">
630 +<interface name="gnome_read_generic_home_content" lineno="292">
631 <summary>
632 Read generic gnome home content.
633 </summary>
634 @@ -5026,7 +5137,7 @@ Domain allowed access.
635 </summary>
636 </param>
637 </interface>
638 -<interface name="gnome_manage_generic_home_content" lineno="303">
639 +<interface name="gnome_manage_generic_home_content" lineno="316">
640 <summary>
641 Create, read, write, and delete
642 generic gnome home content.
643 @@ -5037,7 +5148,7 @@ Domain allowed access.
644 </summary>
645 </param>
646 </interface>
647 -<interface name="gnome_search_generic_home" lineno="326">
648 +<interface name="gnome_search_generic_home" lineno="339">
649 <summary>
650 Search generic gnome home directories.
651 </summary>
652 @@ -5047,7 +5158,7 @@ Domain allowed access.
653 </summary>
654 </param>
655 </interface>
656 -<interface name="gnome_home_filetrans" lineno="361">
657 +<interface name="gnome_home_filetrans" lineno="374">
658 <summary>
659 Create objects in gnome user home
660 directories with a private type.
661 @@ -5073,7 +5184,7 @@ The name of the object being created.
662 </summary>
663 </param>
664 </interface>
665 -<interface name="gnome_create_generic_gconf_home_dirs" lineno="380">
666 +<interface name="gnome_create_generic_gconf_home_dirs" lineno="393">
667 <summary>
668 Create generic gconf home directories.
669 </summary>
670 @@ -5083,7 +5194,7 @@ Domain allowed access.
671 </summary>
672 </param>
673 </interface>
674 -<interface name="gnome_read_generic_gconf_home_content" lineno="398">
675 +<interface name="gnome_read_generic_gconf_home_content" lineno="411">
676 <summary>
677 Read generic gconf home content.
678 </summary>
679 @@ -5093,7 +5204,7 @@ Domain allowed access.
680 </summary>
681 </param>
682 </interface>
683 -<interface name="gnome_manage_generic_gconf_home_content" lineno="422">
684 +<interface name="gnome_manage_generic_gconf_home_content" lineno="435">
685 <summary>
686 Create, read, write, and delete
687 generic gconf home content.
688 @@ -5104,7 +5215,7 @@ Domain allowed access.
689 </summary>
690 </param>
691 </interface>
692 -<interface name="gnome_search_generic_gconf_home" lineno="445">
693 +<interface name="gnome_search_generic_gconf_home" lineno="458">
694 <summary>
695 Search generic gconf home directories.
696 </summary>
697 @@ -5114,7 +5225,7 @@ Domain allowed access.
698 </summary>
699 </param>
700 </interface>
701 -<interface name="gnome_home_filetrans_gconf_home" lineno="476">
702 +<interface name="gnome_home_filetrans_gconf_home" lineno="489">
703 <summary>
704 Create objects in user home
705 directories with the generic gconf
706 @@ -5136,7 +5247,7 @@ The name of the object being created.
707 </summary>
708 </param>
709 </interface>
710 -<interface name="gnome_home_filetrans_gnome_home" lineno="506">
711 +<interface name="gnome_home_filetrans_gnome_home" lineno="519">
712 <summary>
713 Create objects in user home
714 directories with the generic gnome
715 @@ -5158,7 +5269,7 @@ The name of the object being created.
716 </summary>
717 </param>
718 </interface>
719 -<interface name="gnome_gconf_home_filetrans" lineno="540">
720 +<interface name="gnome_gconf_home_filetrans" lineno="553">
721 <summary>
722 Create objects in gnome gconf home
723 directories with a private type.
724 @@ -5184,7 +5295,7 @@ The name of the object being created.
725 </summary>
726 </param>
727 </interface>
728 -<interface name="gnome_user_home_dir_filetrans_gstreamer_orcexec" lineno="571">
729 +<interface name="gnome_user_home_dir_filetrans_gstreamer_orcexec" lineno="584">
730 <summary>
731 Create objects in user home
732 directories with the gstreamer
733 @@ -5206,7 +5317,7 @@ The name of the object being created.
734 </summary>
735 </param>
736 </interface>
737 -<interface name="gnome_user_runtime_filetrans_gstreamer_orcexec" lineno="601">
738 +<interface name="gnome_user_runtime_filetrans_gstreamer_orcexec" lineno="614">
739 <summary>
740 Create objects in the user
741 runtime directories with the
742 @@ -5228,7 +5339,7 @@ The name of the object being created.
743 </summary>
744 </param>
745 </interface>
746 -<interface name="gnome_read_keyring_home_files" lineno="619">
747 +<interface name="gnome_read_keyring_home_files" lineno="632">
748 <summary>
749 Read generic gnome keyring home files.
750 </summary>
751 @@ -5238,7 +5349,7 @@ Domain allowed access.
752 </summary>
753 </param>
754 </interface>
755 -<interface name="gnome_dbus_chat_gconfd" lineno="640">
756 +<interface name="gnome_dbus_chat_gconfd" lineno="653">
757 <summary>
758 Send and receive messages from
759 gnome configuration daemon over
760 @@ -5250,7 +5361,7 @@ Domain allowed access.
761 </summary>
762 </param>
763 </interface>
764 -<template name="gnome_dbus_chat_gkeyringd" lineno="667">
765 +<template name="gnome_dbus_chat_gkeyringd" lineno="680">
766 <summary>
767 Send and receive messages from
768 gnome keyring daemon over dbus.
769 @@ -5267,7 +5378,7 @@ Domain allowed access.
770 </summary>
771 </param>
772 </template>
773 -<interface name="gnome_dbus_chat_all_gkeyringd" lineno="688">
774 +<interface name="gnome_dbus_chat_all_gkeyringd" lineno="701">
775 <summary>
776 Send and receive messages from all
777 gnome keyring daemon over dbus.
778 @@ -5278,7 +5389,7 @@ Domain allowed access.
779 </summary>
780 </param>
781 </interface>
782 -<interface name="gnome_spec_domtrans_all_gkeyringd" lineno="708">
783 +<interface name="gnome_spec_domtrans_all_gkeyringd" lineno="721">
784 <summary>
785 Run all gkeyringd in gkeyringd domain.
786 </summary>
787 @@ -5288,7 +5399,7 @@ Domain allowed to transition.
788 </summary>
789 </param>
790 </interface>
791 -<template name="gnome_stream_connect_gkeyringd" lineno="735">
792 +<template name="gnome_stream_connect_gkeyringd" lineno="748">
793 <summary>
794 Connect to gnome keyring daemon
795 with a unix stream socket.
796 @@ -5305,7 +5416,7 @@ Domain allowed access.
797 </summary>
798 </param>
799 </template>
800 -<interface name="gnome_stream_connect_all_gkeyringd" lineno="756">
801 +<interface name="gnome_stream_connect_all_gkeyringd" lineno="769">
802 <summary>
803 Connect to all gnome keyring daemon
804 with a unix stream socket.
805 @@ -5316,7 +5427,7 @@ Domain allowed access.
806 </summary>
807 </param>
808 </interface>
809 -<interface name="gnome_manage_gstreamer_orcexec" lineno="778">
810 +<interface name="gnome_manage_gstreamer_orcexec" lineno="791">
811 <summary>
812 Manage gstreamer ORC optimized
813 code.
814 @@ -5327,7 +5438,7 @@ Domain allowed access.
815 </summary>
816 </param>
817 </interface>
818 -<interface name="gnome_mmap_gstreamer_orcexec" lineno="797">
819 +<interface name="gnome_mmap_gstreamer_orcexec" lineno="810">
820 <summary>
821 Mmap gstreamer ORC optimized
822 code.
823 @@ -5341,22 +5452,33 @@ Domain allowed access.
824 </module>
825 <module name="gpg" filename="policy/modules/apps/gpg.if">
826 <summary>Policy for GNU Privacy Guard and related programs.</summary>
827 -<interface name="gpg_role" lineno="18">
828 +<template name="gpg_role" lineno="29">
829 <summary>
830 Role access for gpg.
831 </summary>
832 -<param name="role">
833 +<param name="role_prefix">
834 <summary>
835 -Role allowed access.
836 +The prefix of the user role (e.g., user
837 +is the prefix for user_r).
838 </summary>
839 </param>
840 -<param name="domain">
841 +<param name="user_domain">
842 <summary>
843 User domain for the role.
844 </summary>
845 </param>
846 -</interface>
847 -<interface name="gpg_domtrans" lineno="64">
848 +<param name="user_exec_domain">
849 +<summary>
850 +User exec domain for execute and transition access.
851 +</summary>
852 +</param>
853 +<param name="role">
854 +<summary>
855 +Role allowed access
856 +</summary>
857 +</param>
858 +</template>
859 +<interface name="gpg_domtrans" lineno="80">
860 <summary>
861 Execute the gpg in the gpg domain.
862 </summary>
863 @@ -5366,7 +5488,7 @@ Domain allowed to transition.
864 </summary>
865 </param>
866 </interface>
867 -<interface name="gpg_exec" lineno="83">
868 +<interface name="gpg_exec" lineno="99">
869 <summary>
870 Execute the gpg in the caller domain.
871 </summary>
872 @@ -5376,7 +5498,7 @@ Domain allowed access.
873 </summary>
874 </param>
875 </interface>
876 -<interface name="gpg_spec_domtrans" lineno="117">
877 +<interface name="gpg_spec_domtrans" lineno="133">
878 <summary>
879 Execute gpg in a specified domain.
880 </summary>
881 @@ -5401,7 +5523,7 @@ Domain to transition to.
882 </summary>
883 </param>
884 </interface>
885 -<interface name="gpg_exec_agent" lineno="136">
886 +<interface name="gpg_exec_agent" lineno="152">
887 <summary>
888 Execute the gpg-agent in the caller domain.
889 </summary>
890 @@ -5411,7 +5533,17 @@ Domain allowed access.
891 </summary>
892 </param>
893 </interface>
894 -<interface name="gpg_entry_type" lineno="156">
895 +<interface name="gpg_dontaudit_exec_agent" lineno="171">
896 +<summary>
897 +Do not audit attempts to execute the gpg-agent.
898 +</summary>
899 +<param name="domain">
900 +<summary>
901 +Domain to not audit.
902 +</summary>
903 +</param>
904 +</interface>
905 +<interface name="gpg_entry_type" lineno="190">
906 <summary>
907 Make gpg executable files an
908 entrypoint for the specified domain.
909 @@ -5422,7 +5554,7 @@ The domain for which gpg_exec_t is an entrypoint.
910 </summary>
911 </param>
912 </interface>
913 -<interface name="gpg_signal" lineno="174">
914 +<interface name="gpg_signal" lineno="208">
915 <summary>
916 Send generic signals to gpg.
917 </summary>
918 @@ -5432,7 +5564,7 @@ Domain allowed access.
919 </summary>
920 </param>
921 </interface>
922 -<interface name="gpg_rw_agent_pipes" lineno="192">
923 +<interface name="gpg_rw_agent_pipes" lineno="226">
924 <summary>
925 Read and write gpg agent pipes.
926 </summary>
927 @@ -5442,7 +5574,7 @@ Domain allowed access.
928 </summary>
929 </param>
930 </interface>
931 -<interface name="gpg_stream_connect_agent" lineno="210">
932 +<interface name="gpg_stream_connect_agent" lineno="244">
933 <summary>
934 Connect to gpg agent socket
935 </summary>
936 @@ -5452,7 +5584,7 @@ Domain allowed access.
937 </summary>
938 </param>
939 </interface>
940 -<interface name="gpg_search_agent_tmp_dirs" lineno="232">
941 +<interface name="gpg_search_agent_tmp_dirs" lineno="266">
942 <summary>
943 Search gpg agent dirs.
944 </summary>
945 @@ -5462,7 +5594,7 @@ Domain allowed access.
946 </summary>
947 </param>
948 </interface>
949 -<interface name="gpg_agent_tmp_filetrans" lineno="266">
950 +<interface name="gpg_agent_tmp_filetrans" lineno="300">
951 <summary>
952 filetrans in gpg_agent_tmp_t dirs
953 </summary>
954 @@ -5488,7 +5620,7 @@ The name of the object being created.
955 </summary>
956 </param>
957 </interface>
958 -<interface name="gpg_runtime_filetrans" lineno="301">
959 +<interface name="gpg_runtime_filetrans" lineno="335">
960 <summary>
961 filetrans in gpg_runtime_t dirs
962 </summary>
963 @@ -5514,7 +5646,7 @@ The name of the object being created.
964 </summary>
965 </param>
966 </interface>
967 -<interface name="gpg_secret_filetrans" lineno="336">
968 +<interface name="gpg_secret_filetrans" lineno="370">
969 <summary>
970 filetrans in gpg_secret_t dirs
971 </summary>
972 @@ -5540,7 +5672,7 @@ The name of the object being created.
973 </summary>
974 </param>
975 </interface>
976 -<interface name="gpg_pinentry_dbus_chat" lineno="357">
977 +<interface name="gpg_pinentry_dbus_chat" lineno="391">
978 <summary>
979 Send messages to and from gpg
980 pinentry over DBUS.
981 @@ -5551,7 +5683,18 @@ Domain allowed access.
982 </summary>
983 </param>
984 </interface>
985 -<interface name="gpg_list_user_secrets" lineno="377">
986 +<interface name="gpg_dontaudit_search_user_secrets" lineno="412">
987 +<summary>
988 +Do not audit attempts to search gpg
989 +user secrets.
990 +</summary>
991 +<param name="domain">
992 +<summary>
993 +Domain to not audit.
994 +</summary>
995 +</param>
996 +</interface>
997 +<interface name="gpg_list_user_secrets" lineno="430">
998 <summary>
999 List gpg user secrets.
1000 </summary>
1001 @@ -5609,21 +5752,32 @@ Grant the gpg domains manage rights on all user content
1002 </module>
1003 <module name="irc" filename="policy/modules/apps/irc.if">
1004 <summary>IRC client policy.</summary>
1005 -<interface name="irc_role" lineno="18">
1006 +<template name="irc_role" lineno="29">
1007 <summary>
1008 Role access for IRC.
1009 </summary>
1010 -<param name="role">
1011 +<param name="role_prefix">
1012 <summary>
1013 -Role allowed access.
1014 +The prefix of the user role (e.g., user
1015 +is the prefix for user_r).
1016 </summary>
1017 </param>
1018 -<param name="domain">
1019 +<param name="user_domain">
1020 <summary>
1021 User domain for the role.
1022 </summary>
1023 </param>
1024 -</interface>
1025 +<param name="user_exec_domain">
1026 +<summary>
1027 +User exec domain for execute and transition access.
1028 +</summary>
1029 +</param>
1030 +<param name="role">
1031 +<summary>
1032 +Role allowed access
1033 +</summary>
1034 +</param>
1035 +</template>
1036 <tunable name="irc_use_any_tcp_ports" dftval="false">
1037 <desc>
1038 <p>
1039 @@ -5664,22 +5818,33 @@ Grant the irc domains manage rights on all user content
1040 </module>
1041 <module name="java" filename="policy/modules/apps/java.if">
1042 <summary>Java virtual machine</summary>
1043 -<interface name="java_role" lineno="18">
1044 +<template name="java_role" lineno="29">
1045 <summary>
1046 Role access for java.
1047 </summary>
1048 -<param name="role">
1049 +<param name="role_prefix">
1050 <summary>
1051 -Role allowed access.
1052 +The prefix of the user role (e.g., user
1053 +is the prefix for user_r).
1054 </summary>
1055 </param>
1056 -<param name="domain">
1057 +<param name="user_domain">
1058 <summary>
1059 User domain for the role.
1060 </summary>
1061 </param>
1062 -</interface>
1063 -<template name="java_role_template" lineno="90">
1064 +<param name="user_exec_domain">
1065 +<summary>
1066 +User exec domain for execute and transition access.
1067 +</summary>
1068 +</param>
1069 +<param name="role">
1070 +<summary>
1071 +Role allowed access
1072 +</summary>
1073 +</param>
1074 +</template>
1075 +<template name="java_role_template" lineno="110">
1076 <summary>
1077 The role template for the java module.
1078 </summary>
1079 @@ -5691,22 +5856,27 @@ for java applications.
1080 </desc>
1081 <param name="role_prefix">
1082 <summary>
1083 -The prefix of the user domain (e.g., user
1084 -is the prefix for user_t).
1085 +The prefix of the user role (e.g., user
1086 +is the prefix for user_r).
1087 </summary>
1088 </param>
1089 -<param name="user_role">
1090 +<param name="user_domain">
1091 <summary>
1092 -The role associated with the user domain.
1093 +User domain for the role.
1094 </summary>
1095 </param>
1096 -<param name="user_domain">
1097 +<param name="user_exec_domain">
1098 <summary>
1099 -The type of the user domain.
1100 +User exec domain for execute and transition access.
1101 +</summary>
1102 +</param>
1103 +<param name="role">
1104 +<summary>
1105 +Role allowed access
1106 </summary>
1107 </param>
1108 </template>
1109 -<interface name="java_domtrans" lineno="148">
1110 +<interface name="java_domtrans" lineno="168">
1111 <summary>
1112 Execute the java program in the java domain.
1113 </summary>
1114 @@ -5716,7 +5886,7 @@ Domain allowed to transition.
1115 </summary>
1116 </param>
1117 </interface>
1118 -<interface name="java_run" lineno="178">
1119 +<interface name="java_run" lineno="198">
1120 <summary>
1121 Execute java in the java domain, and
1122 allow the specified role the java domain.
1123 @@ -5732,7 +5902,7 @@ Role allowed access.
1124 </summary>
1125 </param>
1126 </interface>
1127 -<interface name="java_domtrans_unconfined" lineno="198">
1128 +<interface name="java_domtrans_unconfined" lineno="218">
1129 <summary>
1130 Execute the java program in the
1131 unconfined java domain.
1132 @@ -5743,7 +5913,7 @@ Domain allowed to transition.
1133 </summary>
1134 </param>
1135 </interface>
1136 -<interface name="java_run_unconfined" lineno="224">
1137 +<interface name="java_run_unconfined" lineno="244">
1138 <summary>
1139 Execute the java program in the
1140 unconfined java domain and allow the
1141 @@ -5760,7 +5930,7 @@ Role allowed access.
1142 </summary>
1143 </param>
1144 </interface>
1145 -<interface name="java_exec" lineno="244">
1146 +<interface name="java_exec" lineno="264">
1147 <summary>
1148 Execute the java program in
1149 the callers domain.
1150 @@ -5771,7 +5941,7 @@ Domain allowed access.
1151 </summary>
1152 </param>
1153 </interface>
1154 -<interface name="java_manage_generic_home_content" lineno="264">
1155 +<interface name="java_manage_generic_home_content" lineno="284">
1156 <summary>
1157 Create, read, write, and delete
1158 generic java home content.
1159 @@ -5782,7 +5952,7 @@ Domain allowed access.
1160 </summary>
1161 </param>
1162 </interface>
1163 -<interface name="java_manage_java_tmp" lineno="285">
1164 +<interface name="java_manage_java_tmp" lineno="305">
1165 <summary>
1166 Create, read, write, and delete
1167 temporary java content.
1168 @@ -5793,7 +5963,7 @@ Domain allowed access.
1169 </summary>
1170 </param>
1171 </interface>
1172 -<interface name="java_home_filetrans_java_home" lineno="316">
1173 +<interface name="java_home_filetrans_java_home" lineno="336">
1174 <summary>
1175 Create specified objects in user home
1176 directories with the generic java
1177 @@ -5815,7 +5985,7 @@ The name of the object being created.
1178 </summary>
1179 </param>
1180 </interface>
1181 -<template name="java_noatsecure_domtrans" lineno="341">
1182 +<template name="java_noatsecure_domtrans" lineno="361">
1183 <summary>
1184 Run java in javaplugin domain and
1185 do not clean the environment (atsecure)
1186 @@ -5832,7 +6002,7 @@ Domain allowed to transition.
1187 </summary>
1188 </param>
1189 </template>
1190 -<template name="java_domain_type" lineno="369">
1191 +<template name="java_domain_type" lineno="389">
1192 <summary>
1193 The template for using java in a domain.
1194 </summary>
1195 @@ -5887,21 +6057,32 @@ Grant the java domains manage rights on all user content
1196 </module>
1197 <module name="libmtp" filename="policy/modules/apps/libmtp.if">
1198 <summary>libmtp: An Initiatior implementation of the Media Transfer Protocol (MTP).</summary>
1199 -<interface name="libmtp_role" lineno="18">
1200 +<template name="libmtp_role" lineno="29">
1201 <summary>
1202 Role access for libmtp.
1203 </summary>
1204 -<param name="role">
1205 +<param name="role_prefix">
1206 <summary>
1207 -Role allowed access.
1208 +The prefix of the user role (e.g., user
1209 +is the prefix for user_r).
1210 </summary>
1211 </param>
1212 -<param name="domain">
1213 +<param name="user_domain">
1214 <summary>
1215 User domain for the role.
1216 </summary>
1217 </param>
1218 -</interface>
1219 +<param name="user_exec_domain">
1220 +<summary>
1221 +User exec domain for execute and transition access.
1222 +</summary>
1223 +</param>
1224 +<param name="role">
1225 +<summary>
1226 +Role allowed access
1227 +</summary>
1228 +</param>
1229 +</template>
1230 <tunable name="libmtp_enable_home_dirs" dftval="false">
1231 <desc>
1232 <p>
1233 @@ -6135,7 +6316,7 @@ Role allowed access.
1234 </module>
1235 <module name="mono" filename="policy/modules/apps/mono.if">
1236 <summary>Run .NET server and client applications on Linux.</summary>
1237 -<template name="mono_role_template" lineno="30">
1238 +<template name="mono_role_template" lineno="35">
1239 <summary>
1240 The role template for the mono module.
1241 </summary>
1242 @@ -6147,22 +6328,27 @@ for mono applications.
1243 </desc>
1244 <param name="role_prefix">
1245 <summary>
1246 -The prefix of the user domain (e.g., user
1247 -is the prefix for user_t).
1248 +The prefix of the user role (e.g., user
1249 +is the prefix for user_r).
1250 </summary>
1251 </param>
1252 -<param name="user_role">
1253 +<param name="user_domain">
1254 <summary>
1255 -The role associated with the user domain.
1256 +User domain for the role.
1257 </summary>
1258 </param>
1259 -<param name="user_domain">
1260 +<param name="user_exec_domain">
1261 <summary>
1262 -The type of the user domain.
1263 +User exec domain for execute and transition access.
1264 +</summary>
1265 +</param>
1266 +<param name="role">
1267 +<summary>
1268 +Role allowed access
1269 </summary>
1270 </param>
1271 </template>
1272 -<interface name="mono_domtrans" lineno="80">
1273 +<interface name="mono_domtrans" lineno="85">
1274 <summary>
1275 Execute mono in the mono domain.
1276 </summary>
1277 @@ -6172,7 +6358,7 @@ Domain allowed to transition.
1278 </summary>
1279 </param>
1280 </interface>
1281 -<interface name="mono_run" lineno="105">
1282 +<interface name="mono_run" lineno="110">
1283 <summary>
1284 Execute mono in the mono domain, and
1285 allow the specified role the mono domain.
1286 @@ -6188,7 +6374,7 @@ Role allowed access.
1287 </summary>
1288 </param>
1289 </interface>
1290 -<interface name="mono_exec" lineno="124">
1291 +<interface name="mono_exec" lineno="129">
1292 <summary>
1293 Execute mono in the caller domain.
1294 </summary>
1295 @@ -6198,7 +6384,7 @@ Domain allowed access.
1296 </summary>
1297 </param>
1298 </interface>
1299 -<interface name="mono_rw_shm" lineno="143">
1300 +<interface name="mono_rw_shm" lineno="148">
1301 <summary>
1302 Read and write mono shared memory.
1303 </summary>
1304 @@ -6211,22 +6397,33 @@ Domain allowed access.
1305 </module>
1306 <module name="mozilla" filename="policy/modules/apps/mozilla.if">
1307 <summary>Policy for Mozilla and related web browsers.</summary>
1308 -<interface name="mozilla_role" lineno="18">
1309 +<template name="mozilla_role" lineno="29">
1310 <summary>
1311 Role access for mozilla.
1312 </summary>
1313 -<param name="role">
1314 +<param name="role_prefix">
1315 <summary>
1316 -Role allowed access.
1317 +The prefix of the user role (e.g., user
1318 +is the prefix for user_r).
1319 </summary>
1320 </param>
1321 -<param name="domain">
1322 +<param name="user_domain">
1323 <summary>
1324 User domain for the role.
1325 </summary>
1326 </param>
1327 -</interface>
1328 -<interface name="mozilla_role_plugin" lineno="90">
1329 +<param name="user_exec_domain">
1330 +<summary>
1331 +User exec domain for execute and transition access.
1332 +</summary>
1333 +</param>
1334 +<param name="role">
1335 +<summary>
1336 +Role allowed access
1337 +</summary>
1338 +</param>
1339 +</template>
1340 +<interface name="mozilla_role_plugin" lineno="105">
1341 <summary>
1342 Role access for mozilla plugin.
1343 </summary>
1344 @@ -6241,7 +6438,7 @@ User domain for the role.
1345 </summary>
1346 </param>
1347 </interface>
1348 -<interface name="mozilla_read_user_home" lineno="151">
1349 +<interface name="mozilla_read_user_home" lineno="166">
1350 <summary>
1351 Read mozilla home directory content.
1352 </summary>
1353 @@ -6251,7 +6448,7 @@ Domain allowed access.
1354 </summary>
1355 </param>
1356 </interface>
1357 -<interface name="mozilla_read_user_home_files" lineno="172">
1358 +<interface name="mozilla_read_user_home_files" lineno="187">
1359 <summary>
1360 Read mozilla home directory files
1361 </summary>
1362 @@ -6261,7 +6458,7 @@ Domain allowed access.
1363 </summary>
1364 </param>
1365 </interface>
1366 -<interface name="mozilla_write_user_home_files" lineno="193">
1367 +<interface name="mozilla_write_user_home_files" lineno="208">
1368 <summary>
1369 Write mozilla home directory files.
1370 </summary>
1371 @@ -6271,7 +6468,7 @@ Domain allowed access.
1372 </summary>
1373 </param>
1374 </interface>
1375 -<interface name="mozilla_dontaudit_rw_user_home_files" lineno="213">
1376 +<interface name="mozilla_dontaudit_rw_user_home_files" lineno="228">
1377 <summary>
1378 Do not audit attempts to read and
1379 write mozilla home directory files.
1380 @@ -6282,7 +6479,7 @@ Domain to not audit.
1381 </summary>
1382 </param>
1383 </interface>
1384 -<interface name="mozilla_dontaudit_manage_user_home_files" lineno="233">
1385 +<interface name="mozilla_dontaudit_manage_user_home_files" lineno="248">
1386 <summary>
1387 Do not audit attempt to Create,
1388 read, write, and delete mozilla
1389 @@ -6294,7 +6491,7 @@ Domain to not audit.
1390 </summary>
1391 </param>
1392 </interface>
1393 -<interface name="mozilla_exec_user_plugin_home_files" lineno="253">
1394 +<interface name="mozilla_exec_user_plugin_home_files" lineno="268">
1395 <summary>
1396 Execute mozilla plugin home directory files.
1397 </summary>
1398 @@ -6304,7 +6501,7 @@ Domain allowed access.
1399 </summary>
1400 </param>
1401 </interface>
1402 -<interface name="mozilla_execmod_user_plugin_home_files" lineno="273">
1403 +<interface name="mozilla_execmod_user_plugin_home_files" lineno="288">
1404 <summary>
1405 Mozilla plugin home directory file
1406 text relocation.
1407 @@ -6315,7 +6512,7 @@ Domain allowed access.
1408 </summary>
1409 </param>
1410 </interface>
1411 -<interface name="mozilla_read_tmp_files" lineno="291">
1412 +<interface name="mozilla_read_tmp_files" lineno="306">
1413 <summary>
1414 Read temporary mozilla files.
1415 </summary>
1416 @@ -6325,7 +6522,7 @@ Domain allowed access.
1417 </summary>
1418 </param>
1419 </interface>
1420 -<interface name="mozilla_domtrans" lineno="309">
1421 +<interface name="mozilla_domtrans" lineno="324">
1422 <summary>
1423 Run mozilla in the mozilla domain.
1424 </summary>
1425 @@ -6335,7 +6532,7 @@ Domain allowed to transition.
1426 </summary>
1427 </param>
1428 </interface>
1429 -<interface name="mozilla_domtrans_plugin" lineno="329">
1430 +<interface name="mozilla_domtrans_plugin" lineno="344">
1431 <summary>
1432 Execute a domain transition to
1433 run mozilla plugin.
1434 @@ -6346,7 +6543,7 @@ Domain allowed to transition.
1435 </summary>
1436 </param>
1437 </interface>
1438 -<interface name="mozilla_run_plugin" lineno="356">
1439 +<interface name="mozilla_run_plugin" lineno="371">
1440 <summary>
1441 Execute mozilla plugin in the
1442 mozilla plugin domain, and allow
1443 @@ -6364,7 +6561,7 @@ Role allowed access.
1444 </summary>
1445 </param>
1446 </interface>
1447 -<interface name="mozilla_domtrans_plugin_config" lineno="376">
1448 +<interface name="mozilla_domtrans_plugin_config" lineno="391">
1449 <summary>
1450 Execute a domain transition to
1451 run mozilla plugin config.
1452 @@ -6375,7 +6572,7 @@ Domain allowed to transition.
1453 </summary>
1454 </param>
1455 </interface>
1456 -<interface name="mozilla_run_plugin_config" lineno="403">
1457 +<interface name="mozilla_run_plugin_config" lineno="418">
1458 <summary>
1459 Execute mozilla plugin config in
1460 the mozilla plugin config domain,
1461 @@ -6393,7 +6590,7 @@ Role allowed access.
1462 </summary>
1463 </param>
1464 </interface>
1465 -<interface name="mozilla_dbus_chat" lineno="423">
1466 +<interface name="mozilla_dbus_chat" lineno="438">
1467 <summary>
1468 Send and receive messages from
1469 mozilla over dbus.
1470 @@ -6404,7 +6601,7 @@ Domain allowed access.
1471 </summary>
1472 </param>
1473 </interface>
1474 -<interface name="mozilla_dbus_chat_plugin" lineno="444">
1475 +<interface name="mozilla_dbus_chat_plugin" lineno="459">
1476 <summary>
1477 Send and receive messages from
1478 mozilla plugin over dbus.
1479 @@ -6415,7 +6612,7 @@ Domain allowed access.
1480 </summary>
1481 </param>
1482 </interface>
1483 -<interface name="mozilla_rw_tcp_sockets" lineno="464">
1484 +<interface name="mozilla_rw_tcp_sockets" lineno="479">
1485 <summary>
1486 Read and write mozilla TCP sockets.
1487 </summary>
1488 @@ -6425,7 +6622,7 @@ Domain allowed access.
1489 </summary>
1490 </param>
1491 </interface>
1492 -<interface name="mozilla_manage_plugin_rw_files" lineno="483">
1493 +<interface name="mozilla_manage_plugin_rw_files" lineno="498">
1494 <summary>
1495 Create, read, write, and delete
1496 mozilla plugin rw files.
1497 @@ -6436,7 +6633,7 @@ Domain allowed access.
1498 </summary>
1499 </param>
1500 </interface>
1501 -<interface name="mozilla_plugin_read_tmpfs_files" lineno="502">
1502 +<interface name="mozilla_plugin_read_tmpfs_files" lineno="517">
1503 <summary>
1504 Read mozilla_plugin tmpfs files.
1505 </summary>
1506 @@ -6446,7 +6643,7 @@ Domain allowed access.
1507 </summary>
1508 </param>
1509 </interface>
1510 -<interface name="mozilla_plugin_delete_tmpfs_files" lineno="521">
1511 +<interface name="mozilla_plugin_delete_tmpfs_files" lineno="536">
1512 <summary>
1513 Delete mozilla_plugin tmpfs files.
1514 </summary>
1515 @@ -6456,7 +6653,7 @@ Domain allowed access.
1516 </summary>
1517 </param>
1518 </interface>
1519 -<interface name="mozilla_rw_tmp_pipes" lineno="540">
1520 +<interface name="mozilla_rw_tmp_pipes" lineno="555">
1521 <summary>
1522 Read/write to mozilla's tmp fifo files
1523 </summary>
1524 @@ -6466,7 +6663,7 @@ Domain allowed access
1525 </summary>
1526 </param>
1527 </interface>
1528 -<interface name="mozilla_manage_generic_plugin_home_content" lineno="559">
1529 +<interface name="mozilla_manage_generic_plugin_home_content" lineno="574">
1530 <summary>
1531 Create, read, write, and delete
1532 generic mozilla plugin home content.
1533 @@ -6477,7 +6674,7 @@ Domain allowed access.
1534 </summary>
1535 </param>
1536 </interface>
1537 -<interface name="mozilla_home_filetrans_plugin_home" lineno="594">
1538 +<interface name="mozilla_home_filetrans_plugin_home" lineno="609">
1539 <summary>
1540 Create objects in user home
1541 directories with the generic mozilla
1542 @@ -6499,7 +6696,7 @@ The name of the object being created.
1543 </summary>
1544 </param>
1545 </interface>
1546 -<interface name="mozilla_dontaudit_use_fds" lineno="614">
1547 +<interface name="mozilla_dontaudit_use_fds" lineno="629">
1548 <summary>
1549 Do not audit use of mozilla file descriptors
1550 </summary>
1551 @@ -6509,7 +6706,7 @@ Domain to dont audit access from
1552 </summary>
1553 </param>
1554 </interface>
1555 -<interface name="mozilla_send_dgram_plugin" lineno="632">
1556 +<interface name="mozilla_send_dgram_plugin" lineno="647">
1557 <summary>
1558 Send messages to mozilla plugin unix datagram sockets
1559 </summary>
1560 @@ -6575,22 +6772,33 @@ unreserved ports (for instance when dealing with Google Talk)
1561 </module>
1562 <module name="mplayer" filename="policy/modules/apps/mplayer.if">
1563 <summary>Mplayer media player and encoder.</summary>
1564 -<interface name="mplayer_role" lineno="18">
1565 +<template name="mplayer_role" lineno="29">
1566 <summary>
1567 Role access for mplayer
1568 </summary>
1569 -<param name="role">
1570 +<param name="role_prefix">
1571 <summary>
1572 -Role allowed access
1573 +The prefix of the user role (e.g., user
1574 +is the prefix for user_r).
1575 </summary>
1576 </param>
1577 -<param name="domain">
1578 +<param name="user_domain">
1579 <summary>
1580 -User domain for the role
1581 +User domain for the role.
1582 </summary>
1583 </param>
1584 -</interface>
1585 -<interface name="mplayer_domtrans" lineno="65">
1586 +<param name="user_exec_domain">
1587 +<summary>
1588 +User exec domain for execute and transition access.
1589 +</summary>
1590 +</param>
1591 +<param name="role">
1592 +<summary>
1593 +Role allowed access
1594 +</summary>
1595 +</param>
1596 +</template>
1597 +<interface name="mplayer_domtrans" lineno="81">
1598 <summary>
1599 Run mplayer in mplayer domain.
1600 </summary>
1601 @@ -6600,7 +6808,7 @@ Domain allowed to transition.
1602 </summary>
1603 </param>
1604 </interface>
1605 -<interface name="mplayer_exec" lineno="85">
1606 +<interface name="mplayer_exec" lineno="101">
1607 <summary>
1608 Execute mplayer in the caller domain.
1609 </summary>
1610 @@ -6610,7 +6818,7 @@ Domain allowed access.
1611 </summary>
1612 </param>
1613 </interface>
1614 -<interface name="mplayer_read_user_home_files" lineno="104">
1615 +<interface name="mplayer_read_user_home_files" lineno="120">
1616 <summary>
1617 Read mplayer user home content files.
1618 </summary>
1619 @@ -6620,7 +6828,7 @@ Domain allowed access.
1620 </summary>
1621 </param>
1622 </interface>
1623 -<interface name="mplayer_manage_generic_home_content" lineno="124">
1624 +<interface name="mplayer_manage_generic_home_content" lineno="140">
1625 <summary>
1626 Create, read, write, and delete
1627 generic mplayer home content.
1628 @@ -6631,7 +6839,7 @@ Domain allowed access.
1629 </summary>
1630 </param>
1631 </interface>
1632 -<interface name="mplayer_home_filetrans_mplayer_home" lineno="157">
1633 +<interface name="mplayer_home_filetrans_mplayer_home" lineno="173">
1634 <summary>
1635 Create specified objects in user home
1636 directories with the generic mplayer
1637 @@ -6720,22 +6928,33 @@ Grant the mplayer domains manage rights on all user content
1638 </module>
1639 <module name="openoffice" filename="policy/modules/apps/openoffice.if">
1640 <summary>Openoffice suite.</summary>
1641 -<interface name="ooffice_role" lineno="18">
1642 +<template name="ooffice_role" lineno="29">
1643 <summary>
1644 Role access for openoffice.
1645 </summary>
1646 -<param name="role">
1647 +<param name="role_prefix">
1648 <summary>
1649 -Role allowed access.
1650 +The prefix of the user role (e.g., user
1651 +is the prefix for user_r).
1652 </summary>
1653 </param>
1654 -<param name="domain">
1655 +<param name="user_domain">
1656 <summary>
1657 User domain for the role.
1658 </summary>
1659 </param>
1660 -</interface>
1661 -<interface name="ooffice_domtrans" lineno="48">
1662 +<param name="user_exec_domain">
1663 +<summary>
1664 +User exec domain for execute and transition access.
1665 +</summary>
1666 +</param>
1667 +<param name="role">
1668 +<summary>
1669 +Role allowed access
1670 +</summary>
1671 +</param>
1672 +</template>
1673 +<interface name="ooffice_domtrans" lineno="63">
1674 <summary>
1675 Run openoffice in its own domain.
1676 </summary>
1677 @@ -6745,7 +6964,7 @@ Domain allowed to transition.
1678 </summary>
1679 </param>
1680 </interface>
1681 -<interface name="ooffice_dontaudit_exec_tmp_files" lineno="67">
1682 +<interface name="ooffice_dontaudit_exec_tmp_files" lineno="82">
1683 <summary>
1684 Do not audit attempts to execute
1685 files in temporary directories.
1686 @@ -6756,7 +6975,7 @@ Domain to not audit.
1687 </summary>
1688 </param>
1689 </interface>
1690 -<interface name="ooffice_rw_tmp_files" lineno="86">
1691 +<interface name="ooffice_rw_tmp_files" lineno="101">
1692 <summary>
1693 Read and write temporary
1694 openoffice files.
1695 @@ -6767,7 +6986,7 @@ Domain allowed access.
1696 </summary>
1697 </param>
1698 </interface>
1699 -<interface name="ooffice_dbus_chat" lineno="106">
1700 +<interface name="ooffice_dbus_chat" lineno="121">
1701 <summary>
1702 Send and receive dbus messages
1703 from and to the openoffice
1704 @@ -6779,7 +6998,7 @@ Domain allowed access.
1705 </summary>
1706 </param>
1707 </interface>
1708 -<interface name="ooffice_stream_connect" lineno="127">
1709 +<interface name="ooffice_stream_connect" lineno="142">
1710 <summary>
1711 Connect to openoffice using a
1712 unix domain stream socket.
1713 @@ -6843,22 +7062,44 @@ Grant the openoffice domains manage rights on all user content
1714 </module>
1715 <module name="pulseaudio" filename="policy/modules/apps/pulseaudio.if">
1716 <summary>Pulseaudio network sound server.</summary>
1717 -<interface name="pulseaudio_role" lineno="18">
1718 +<template name="pulseaudio_role" lineno="29">
1719 <summary>
1720 Role access for pulseaudio.
1721 </summary>
1722 +<param name="role_prefix">
1723 +<summary>
1724 +The prefix of the user role (e.g., user
1725 +is the prefix for user_r).
1726 +</summary>
1727 +</param>
1728 +<param name="user_domain">
1729 +<summary>
1730 +User domain for the role.
1731 +</summary>
1732 +</param>
1733 +<param name="user_exec_domain">
1734 +<summary>
1735 +User exec domain for execute and transition access.
1736 +</summary>
1737 +</param>
1738 <param name="role">
1739 <summary>
1740 -Role allowed access.
1741 +Role allowed access
1742 </summary>
1743 </param>
1744 +</template>
1745 +<interface name="pulseaudio_client_domain" lineno="73">
1746 +<summary>
1747 +Connect to pulseaudio and manage
1748 +pulseaudio config data.
1749 +</summary>
1750 <param name="domain">
1751 <summary>
1752 -User domain for the role.
1753 +Domain allowed access.
1754 </summary>
1755 </param>
1756 </interface>
1757 -<interface name="pulseaudio_domtrans" lineno="56">
1758 +<interface name="pulseaudio_domtrans" lineno="91">
1759 <summary>
1760 Execute a domain transition to run pulseaudio.
1761 </summary>
1762 @@ -6868,7 +7109,7 @@ Domain allowed to transition.
1763 </summary>
1764 </param>
1765 </interface>
1766 -<interface name="pulseaudio_run" lineno="85">
1767 +<interface name="pulseaudio_run" lineno="117">
1768 <summary>
1769 Execute pulseaudio in the pulseaudio
1770 domain, and allow the specified role
1771 @@ -6885,7 +7126,7 @@ Role allowed access.
1772 </summary>
1773 </param>
1774 </interface>
1775 -<interface name="pulseaudio_exec" lineno="104">
1776 +<interface name="pulseaudio_exec" lineno="137">
1777 <summary>
1778 Execute pulseaudio in the caller domain.
1779 </summary>
1780 @@ -6895,7 +7136,7 @@ Domain allowed access.
1781 </summary>
1782 </param>
1783 </interface>
1784 -<interface name="pulseaudio_dontaudit_exec" lineno="123">
1785 +<interface name="pulseaudio_dontaudit_exec" lineno="156">
1786 <summary>
1787 Do not audit attempts to execute pulseaudio.
1788 </summary>
1789 @@ -6905,7 +7146,7 @@ Domain to not audit.
1790 </summary>
1791 </param>
1792 </interface>
1793 -<interface name="pulseaudio_signull" lineno="142">
1794 +<interface name="pulseaudio_signull" lineno="175">
1795 <summary>
1796 Send null signals to pulseaudio.
1797 processes.
1798 @@ -6916,7 +7157,7 @@ Domain allowed access.
1799 </summary>
1800 </param>
1801 </interface>
1802 -<interface name="pulseaudio_use_fds" lineno="161">
1803 +<interface name="pulseaudio_use_fds" lineno="194">
1804 <summary>
1805 Use file descriptors for
1806 pulseaudio.
1807 @@ -6927,7 +7168,7 @@ Domain allowed access.
1808 </summary>
1809 </param>
1810 </interface>
1811 -<interface name="pulseaudio_dontaudit_use_fds" lineno="180">
1812 +<interface name="pulseaudio_dontaudit_use_fds" lineno="213">
1813 <summary>
1814 Do not audit attempts to use the
1815 file descriptors for pulseaudio.
1816 @@ -6938,7 +7179,7 @@ Domain allowed access.
1817 </summary>
1818 </param>
1819 </interface>
1820 -<interface name="pulseaudio_stream_connect" lineno="199">
1821 +<interface name="pulseaudio_stream_connect" lineno="232">
1822 <summary>
1823 Connect to pulseaudio with a unix
1824 domain stream socket.
1825 @@ -6949,7 +7190,7 @@ Domain allowed access.
1826 </summary>
1827 </param>
1828 </interface>
1829 -<interface name="pulseaudio_dbus_chat" lineno="219">
1830 +<interface name="pulseaudio_dbus_chat" lineno="252">
1831 <summary>
1832 Send and receive messages from
1833 pulseaudio over dbus.
1834 @@ -6960,7 +7201,7 @@ Domain allowed access.
1835 </summary>
1836 </param>
1837 </interface>
1838 -<interface name="pulseaudio_setattr_home_dir" lineno="239">
1839 +<interface name="pulseaudio_setattr_home_dir" lineno="272">
1840 <summary>
1841 Set attributes of pulseaudio home directories.
1842 </summary>
1843 @@ -6970,7 +7211,7 @@ Domain allowed access.
1844 </summary>
1845 </param>
1846 </interface>
1847 -<interface name="pulseaudio_read_home" lineno="257">
1848 +<interface name="pulseaudio_read_home" lineno="290">
1849 <summary>
1850 Read pulseaudio home content.
1851 </summary>
1852 @@ -6980,7 +7221,7 @@ Domain allowed access.
1853 </summary>
1854 </param>
1855 </interface>
1856 -<interface name="pulseaudio_rw_home_files" lineno="278">
1857 +<interface name="pulseaudio_rw_home_files" lineno="311">
1858 <summary>
1859 Read and write Pulse Audio files.
1860 </summary>
1861 @@ -6990,7 +7231,7 @@ Domain allowed access.
1862 </summary>
1863 </param>
1864 </interface>
1865 -<interface name="pulseaudio_manage_home" lineno="299">
1866 +<interface name="pulseaudio_manage_home" lineno="332">
1867 <summary>
1868 Create, read, write, and delete
1869 pulseaudio home content.
1870 @@ -7001,7 +7242,7 @@ Domain allowed access.
1871 </summary>
1872 </param>
1873 </interface>
1874 -<interface name="pulseaudio_home_filetrans_pulseaudio_home" lineno="332">
1875 +<interface name="pulseaudio_home_filetrans_pulseaudio_home" lineno="365">
1876 <summary>
1877 Create objects in user home
1878 directories with the pulseaudio
1879 @@ -7023,7 +7264,7 @@ The name of the object being created.
1880 </summary>
1881 </param>
1882 </interface>
1883 -<interface name="pulseaudio_tmpfs_content" lineno="351">
1884 +<interface name="pulseaudio_tmpfs_content" lineno="384">
1885 <summary>
1886 Make the specified tmpfs file type
1887 pulseaudio tmpfs content.
1888 @@ -7034,7 +7275,7 @@ File type to make pulseaudio tmpfs content.
1889 </summary>
1890 </param>
1891 </interface>
1892 -<interface name="pulseaudio_read_tmpfs_files" lineno="369">
1893 +<interface name="pulseaudio_read_tmpfs_files" lineno="402">
1894 <summary>
1895 Read pulseaudio tmpfs files.
1896 </summary>
1897 @@ -7044,7 +7285,7 @@ Domain allowed access.
1898 </summary>
1899 </param>
1900 </interface>
1901 -<interface name="pulseaudio_rw_tmpfs_files" lineno="389">
1902 +<interface name="pulseaudio_rw_tmpfs_files" lineno="422">
1903 <summary>
1904 Read and write pulseaudio tmpfs
1905 files.
1906 @@ -7055,23 +7296,6 @@ Domain allowed access.
1907 </summary>
1908 </param>
1909 </interface>
1910 -<interface name="pulseaudio_client_domain" lineno="417">
1911 -<summary>
1912 -Mark the specified domain as a PulseAudio client domain
1913 -and the related tmpfs file type as a (shared) PulseAudio tmpfs
1914 -file type used for the shared memory access
1915 -</summary>
1916 -<param name="domain">
1917 -<summary>
1918 -Domain to become a PulseAudio client domain
1919 -</summary>
1920 -</param>
1921 -<param name="tmpfstype">
1922 -<summary>
1923 -Tmpfs type used for shared memory of the given domain
1924 -</summary>
1925 -</param>
1926 -</interface>
1927 <tunable name="pulseaudio_execmem" dftval="false">
1928 <desc>
1929 <p>
1930 @@ -7307,22 +7531,33 @@ access to the network.
1931 </module>
1932 <module name="rssh" filename="policy/modules/apps/rssh.if">
1933 <summary>Restricted (scp/sftp) only shell.</summary>
1934 -<interface name="rssh_role" lineno="18">
1935 +<template name="rssh_role" lineno="29">
1936 <summary>
1937 Role access for rssh.
1938 </summary>
1939 -<param name="role">
1940 +<param name="role_prefix">
1941 <summary>
1942 -Role allowed access.
1943 +The prefix of the user role (e.g., user
1944 +is the prefix for user_r).
1945 </summary>
1946 </param>
1947 -<param name="domain">
1948 +<param name="user_domain">
1949 <summary>
1950 User domain for the role.
1951 </summary>
1952 </param>
1953 -</interface>
1954 -<interface name="rssh_spec_domtrans" lineno="46">
1955 +<param name="user_exec_domain">
1956 +<summary>
1957 +User exec domain for execute and transition access.
1958 +</summary>
1959 +</param>
1960 +<param name="role">
1961 +<summary>
1962 +Role allowed access
1963 +</summary>
1964 +</param>
1965 +</template>
1966 +<interface name="rssh_spec_domtrans" lineno="57">
1967 <summary>
1968 Execute rssh in the rssh domain.
1969 </summary>
1970 @@ -7332,7 +7567,7 @@ Domain allowed to transition.
1971 </summary>
1972 </param>
1973 </interface>
1974 -<interface name="rssh_exec" lineno="66">
1975 +<interface name="rssh_exec" lineno="77">
1976 <summary>
1977 Execute the rssh program
1978 in the caller domain.
1979 @@ -7343,7 +7578,7 @@ Domain allowed access.
1980 </summary>
1981 </param>
1982 </interface>
1983 -<interface name="rssh_domtrans_chroot_helper" lineno="86">
1984 +<interface name="rssh_domtrans_chroot_helper" lineno="97">
1985 <summary>
1986 Execute a domain transition to
1987 run rssh chroot helper.
1988 @@ -7354,7 +7589,7 @@ Domain allowed to transition.
1989 </summary>
1990 </param>
1991 </interface>
1992 -<interface name="rssh_read_ro_content" lineno="105">
1993 +<interface name="rssh_read_ro_content" lineno="116">
1994 <summary>
1995 Read users rssh read-only content.
1996 </summary>
1997 @@ -7367,7 +7602,7 @@ Domain allowed access.
1998 </module>
1999 <module name="screen" filename="policy/modules/apps/screen.if">
2000 <summary>GNU terminal multiplexer.</summary>
2001 -<template name="screen_role_template" lineno="24">
2002 +<template name="screen_role_template" lineno="29">
2003 <summary>
2004 The role template for the screen module.
2005 </summary>
2006 @@ -7377,18 +7612,23 @@ The prefix of the user role (e.g., user
2007 is the prefix for user_r).
2008 </summary>
2009 </param>
2010 -<param name="user_role">
2011 +<param name="user_domain">
2012 <summary>
2013 -The role associated with the user domain.
2014 +The type of the user domain.
2015 </summary>
2016 </param>
2017 -<param name="user_domain">
2018 +<param name="user_exec_domain">
2019 <summary>
2020 -The type of the user domain.
2021 +User exec domain for execute and transition access.
2022 +</summary>
2023 +</param>
2024 +<param name="user_role">
2025 +<summary>
2026 +The role associated with the user domain.
2027 </summary>
2028 </param>
2029 </template>
2030 -<interface name="screen_execute_sock_file" lineno="103">
2031 +<interface name="screen_execute_sock_file" lineno="114">
2032 <summary>
2033 Execute the screen runtime sock file.
2034 </summary>
2035 @@ -7476,21 +7716,32 @@ Domain allowed access.
2036 </module>
2037 <module name="syncthing" filename="policy/modules/apps/syncthing.if">
2038 <summary>Application that lets you synchronize your files across multiple devices.</summary>
2039 -<interface name="syncthing_role" lineno="18">
2040 +<template name="syncthing_role" lineno="29">
2041 <summary>
2042 Role access for Syncthing
2043 </summary>
2044 -<param name="role">
2045 +<param name="role_prefix">
2046 <summary>
2047 -Role allowed access
2048 +The prefix of the user role (e.g., user
2049 +is the prefix for user_r).
2050 </summary>
2051 </param>
2052 -<param name="domain">
2053 +<param name="user_domain">
2054 <summary>
2055 -User domain for the role
2056 +User domain for the role.
2057 </summary>
2058 </param>
2059 -</interface>
2060 +<param name="user_exec_domain">
2061 +<summary>
2062 +User exec domain for execute and transition access.
2063 +</summary>
2064 +</param>
2065 +<param name="role">
2066 +<summary>
2067 +Role allowed access
2068 +</summary>
2069 +</param>
2070 +</template>
2071 <tunable name="syncthing_read_generic_user_content" dftval="true">
2072 <desc>
2073 <p>
2074 @@ -7532,7 +7783,7 @@ Domain prefix to be used.
2075 </summary>
2076 </param>
2077 </template>
2078 -<template name="telepathy_role_template" lineno="59">
2079 +<template name="telepathy_role_template" lineno="64">
2080 <summary>
2081 The role template for the telepathy module.
2082 </summary>
2083 @@ -7544,22 +7795,27 @@ for window manager applications.
2084 </desc>
2085 <param name="role_prefix">
2086 <summary>
2087 -The prefix of the user domain (e.g., user
2088 -is the prefix for user_t).
2089 +The prefix of the user role (e.g., user
2090 +is the prefix for user_r).
2091 </summary>
2092 </param>
2093 -<param name="user_role">
2094 +<param name="user_domain">
2095 <summary>
2096 -The role associated with the user domain.
2097 +User domain for the role.
2098 </summary>
2099 </param>
2100 -<param name="user_domain">
2101 +<param name="user_exec_domain">
2102 <summary>
2103 -The type of the user domain.
2104 +User exec domain for execute and transition access.
2105 +</summary>
2106 +</param>
2107 +<param name="role">
2108 +<summary>
2109 +Role allowed access
2110 </summary>
2111 </param>
2112 </template>
2113 -<interface name="telepathy_gabble_stream_connect" lineno="137">
2114 +<interface name="telepathy_gabble_stream_connect" lineno="146">
2115 <summary>
2116 Connect to gabble with a unix
2117 domain stream socket.
2118 @@ -7570,7 +7826,7 @@ Domain allowed access.
2119 </summary>
2120 </param>
2121 </interface>
2122 -<interface name="telepathy_gabble_dbus_chat" lineno="157">
2123 +<interface name="telepathy_gabble_dbus_chat" lineno="166">
2124 <summary>
2125 Send dbus messages to and from
2126 gabble.
2127 @@ -7581,7 +7837,7 @@ Domain allowed access.
2128 </summary>
2129 </param>
2130 </interface>
2131 -<interface name="telepathy_mission_control_dbus_chat" lineno="178">
2132 +<interface name="telepathy_mission_control_dbus_chat" lineno="187">
2133 <summary>
2134 Send dbus messages to and from
2135 mission control.
2136 @@ -7592,7 +7848,7 @@ Domain allowed access.
2137 </summary>
2138 </param>
2139 </interface>
2140 -<interface name="telepathy_mission_control_read_state" lineno="198">
2141 +<interface name="telepathy_mission_control_read_state" lineno="207">
2142 <summary>
2143 Read mission control process state files.
2144 </summary>
2145 @@ -7602,7 +7858,7 @@ Domain allowed access.
2146 </summary>
2147 </param>
2148 </interface>
2149 -<interface name="telepathy_msn_stream_connect" lineno="220">
2150 +<interface name="telepathy_msn_stream_connect" lineno="229">
2151 <summary>
2152 Connect to msn with a unix
2153 domain stream socket.
2154 @@ -7613,7 +7869,7 @@ Domain allowed access.
2155 </summary>
2156 </param>
2157 </interface>
2158 -<interface name="telepathy_salut_stream_connect" lineno="240">
2159 +<interface name="telepathy_salut_stream_connect" lineno="249">
2160 <summary>
2161 Connect to salut with a unix
2162 domain stream socket.
2163 @@ -7643,22 +7899,33 @@ managers can connect to any port.
2164 </module>
2165 <module name="thunderbird" filename="policy/modules/apps/thunderbird.if">
2166 <summary>Thunderbird email client.</summary>
2167 -<interface name="thunderbird_role" lineno="18">
2168 +<template name="thunderbird_role" lineno="29">
2169 <summary>
2170 Role access for thunderbird.
2171 </summary>
2172 -<param name="role">
2173 +<param name="role_prefix">
2174 <summary>
2175 -Role allowed access.
2176 +The prefix of the user role (e.g., user
2177 +is the prefix for user_r).
2178 </summary>
2179 </param>
2180 -<param name="domain">
2181 +<param name="user_domain">
2182 <summary>
2183 User domain for the role.
2184 </summary>
2185 </param>
2186 -</interface>
2187 -<interface name="thunderbird_domtrans" lineno="52">
2188 +<param name="user_exec_domain">
2189 +<summary>
2190 +User exec domain for execute and transition access.
2191 +</summary>
2192 +</param>
2193 +<param name="role">
2194 +<summary>
2195 +Role allowed access
2196 +</summary>
2197 +</param>
2198 +</template>
2199 +<interface name="thunderbird_domtrans" lineno="67">
2200 <summary>
2201 Execute thunderbird in the thunderbird domain.
2202 </summary>
2203 @@ -7699,40 +7966,62 @@ Grant the thunderbird domains manage rights on all user content
2204 </module>
2205 <module name="tvtime" filename="policy/modules/apps/tvtime.if">
2206 <summary>High quality television application.</summary>
2207 -<interface name="tvtime_role" lineno="18">
2208 +<template name="tvtime_role" lineno="29">
2209 <summary>
2210 Role access for tvtime
2211 </summary>
2212 -<param name="role">
2213 +<param name="role_prefix">
2214 <summary>
2215 -Role allowed access
2216 +The prefix of the user role (e.g., user
2217 +is the prefix for user_r).
2218 </summary>
2219 </param>
2220 -<param name="domain">
2221 +<param name="user_domain">
2222 <summary>
2223 -User domain for the role
2224 +User domain for the role.
2225 </summary>
2226 </param>
2227 -</interface>
2228 +<param name="user_exec_domain">
2229 +<summary>
2230 +User exec domain for execute and transition access.
2231 +</summary>
2232 +</param>
2233 +<param name="role">
2234 +<summary>
2235 +Role allowed access
2236 +</summary>
2237 +</param>
2238 +</template>
2239 </module>
2240 <module name="uml" filename="policy/modules/apps/uml.if">
2241 <summary>User mode linux tools and services.</summary>
2242 -<interface name="uml_role" lineno="18">
2243 +<template name="uml_role" lineno="29">
2244 <summary>
2245 Role access for uml.
2246 </summary>
2247 -<param name="role">
2248 +<param name="role_prefix">
2249 <summary>
2250 -Role allowed access.
2251 +The prefix of the user role (e.g., user
2252 +is the prefix for user_r).
2253 </summary>
2254 </param>
2255 -<param name="domain">
2256 +<param name="user_domain">
2257 <summary>
2258 User domain for the role.
2259 </summary>
2260 </param>
2261 -</interface>
2262 -<interface name="uml_setattr_util_sockets" lineno="55">
2263 +<param name="user_exec_domain">
2264 +<summary>
2265 +User exec domain for execute and transition access.
2266 +</summary>
2267 +</param>
2268 +<param name="role">
2269 +<summary>
2270 +Role allowed access
2271 +</summary>
2272 +</param>
2273 +</template>
2274 +<interface name="uml_setattr_util_sockets" lineno="70">
2275 <summary>
2276 Set attributes of uml pid sock files.
2277 </summary>
2278 @@ -7742,7 +8031,7 @@ Domain allowed access.
2279 </summary>
2280 </param>
2281 </interface>
2282 -<interface name="uml_manage_util_files" lineno="74">
2283 +<interface name="uml_manage_util_files" lineno="89">
2284 <summary>
2285 Create, read, write, and delete
2286 uml pid files.
2287 @@ -7756,28 +8045,33 @@ Domain allowed access.
2288 </module>
2289 <module name="userhelper" filename="policy/modules/apps/userhelper.if">
2290 <summary>A wrapper that helps users run system programs.</summary>
2291 -<template name="userhelper_role_template" lineno="24">
2292 +<template name="userhelper_role_template" lineno="29">
2293 <summary>
2294 The role template for the userhelper module.
2295 </summary>
2296 -<param name="userrole_prefix">
2297 +<param name="role_prefix">
2298 <summary>
2299 The prefix of the user role (e.g., user
2300 is the prefix for user_r).
2301 </summary>
2302 </param>
2303 -<param name="user_role">
2304 +<param name="user_domain">
2305 <summary>
2306 -The user role.
2307 +User domain for the role.
2308 </summary>
2309 </param>
2310 -<param name="user_domain">
2311 +<param name="user_exec_domain">
2312 +<summary>
2313 +User exec domain for execute and transition access.
2314 +</summary>
2315 +</param>
2316 +<param name="role">
2317 <summary>
2318 -The user domain associated with the role.
2319 +Role allowed access
2320 </summary>
2321 </param>
2322 </template>
2323 -<interface name="userhelper_search_config" lineno="110">
2324 +<interface name="userhelper_search_config" lineno="123">
2325 <summary>
2326 Search userhelper configuration directories.
2327 </summary>
2328 @@ -7787,7 +8081,7 @@ Domain allowed access.
2329 </summary>
2330 </param>
2331 </interface>
2332 -<interface name="userhelper_dontaudit_search_config" lineno="129">
2333 +<interface name="userhelper_dontaudit_search_config" lineno="142">
2334 <summary>
2335 Do not audit attempts to search
2336 userhelper configuration directories.
2337 @@ -7798,7 +8092,7 @@ Domain to not audit.
2338 </summary>
2339 </param>
2340 </interface>
2341 -<interface name="userhelper_dbus_chat_all_consolehelper" lineno="148">
2342 +<interface name="userhelper_dbus_chat_all_consolehelper" lineno="161">
2343 <summary>
2344 Send and receive messages from
2345 consolehelper over dbus.
2346 @@ -7809,7 +8103,7 @@ Domain allowed access.
2347 </summary>
2348 </param>
2349 </interface>
2350 -<interface name="userhelper_use_fd" lineno="168">
2351 +<interface name="userhelper_use_fd" lineno="181">
2352 <summary>
2353 Use userhelper all userhelper file descriptors.
2354 </summary>
2355 @@ -7819,7 +8113,7 @@ Domain allowed access.
2356 </summary>
2357 </param>
2358 </interface>
2359 -<interface name="userhelper_sigchld" lineno="186">
2360 +<interface name="userhelper_sigchld" lineno="199">
2361 <summary>
2362 Send child terminated signals to all userhelper.
2363 </summary>
2364 @@ -7829,7 +8123,7 @@ Domain allowed access.
2365 </summary>
2366 </param>
2367 </interface>
2368 -<interface name="userhelper_exec" lineno="204">
2369 +<interface name="userhelper_exec" lineno="217">
2370 <summary>
2371 Execute the userhelper program in the caller domain.
2372 </summary>
2373 @@ -7839,7 +8133,7 @@ Domain allowed access.
2374 </summary>
2375 </param>
2376 </interface>
2377 -<interface name="userhelper_exec_consolehelper" lineno="224">
2378 +<interface name="userhelper_exec_consolehelper" lineno="237">
2379 <summary>
2380 Execute the consolehelper program
2381 in the caller domain.
2382 @@ -7915,22 +8209,33 @@ Role allowed to access.
2383 </module>
2384 <module name="vmware" filename="policy/modules/apps/vmware.if">
2385 <summary>VMWare Workstation virtual machines.</summary>
2386 -<interface name="vmware_role" lineno="18">
2387 +<template name="vmware_role" lineno="29">
2388 <summary>
2389 Role access for vmware.
2390 </summary>
2391 -<param name="role">
2392 +<param name="role_prefix">
2393 <summary>
2394 -Role allowed access.
2395 +The prefix of the user role (e.g., user
2396 +is the prefix for user_r).
2397 </summary>
2398 </param>
2399 -<param name="domain">
2400 +<param name="user_domain">
2401 <summary>
2402 User domain for the role.
2403 </summary>
2404 </param>
2405 -</interface>
2406 -<interface name="vmware_exec_host" lineno="50">
2407 +<param name="user_exec_domain">
2408 +<summary>
2409 +User exec domain for execute and transition access.
2410 +</summary>
2411 +</param>
2412 +<param name="role">
2413 +<summary>
2414 +Role allowed access
2415 +</summary>
2416 +</param>
2417 +</template>
2418 +<interface name="vmware_exec_host" lineno="65">
2419 <summary>
2420 Execute vmware host executables
2421 </summary>
2422 @@ -7940,7 +8245,7 @@ Domain allowed access.
2423 </summary>
2424 </param>
2425 </interface>
2426 -<interface name="vmware_read_system_config" lineno="69">
2427 +<interface name="vmware_read_system_config" lineno="84">
2428 <summary>
2429 Read vmware system configuration files.
2430 </summary>
2431 @@ -7950,7 +8255,7 @@ Domain allowed access.
2432 </summary>
2433 </param>
2434 </interface>
2435 -<interface name="vmware_append_system_config" lineno="88">
2436 +<interface name="vmware_append_system_config" lineno="103">
2437 <summary>
2438 Append vmware system configuration files.
2439 </summary>
2440 @@ -7960,7 +8265,7 @@ Domain allowed access.
2441 </summary>
2442 </param>
2443 </interface>
2444 -<interface name="vmware_append_log" lineno="107">
2445 +<interface name="vmware_append_log" lineno="122">
2446 <summary>
2447 Append vmware log files.
2448 </summary>
2449 @@ -8025,22 +8330,33 @@ be labeled public_content_rw_t.
2450 </module>
2451 <module name="wine" filename="policy/modules/apps/wine.if">
2452 <summary>Run Windows programs in Linux.</summary>
2453 -<interface name="wine_role" lineno="18">
2454 +<template name="wine_role" lineno="29">
2455 <summary>
2456 Role access for wine.
2457 </summary>
2458 -<param name="role">
2459 +<param name="role_prefix">
2460 <summary>
2461 -Role allowed access.
2462 +The prefix of the user role (e.g., user
2463 +is the prefix for user_r).
2464 </summary>
2465 </param>
2466 -<param name="domain">
2467 +<param name="user_domain">
2468 <summary>
2469 User domain for the role.
2470 </summary>
2471 </param>
2472 -</interface>
2473 -<template name="wine_role_template" lineno="73">
2474 +<param name="user_exec_domain">
2475 +<summary>
2476 +User exec domain for execute and transition access.
2477 +</summary>
2478 +</param>
2479 +<param name="role">
2480 +<summary>
2481 +Role allowed access
2482 +</summary>
2483 +</param>
2484 +</template>
2485 +<template name="wine_role_template" lineno="89">
2486 <summary>
2487 The role template for the wine module.
2488 </summary>
2489 @@ -8052,22 +8368,27 @@ for wine applications.
2490 </desc>
2491 <param name="role_prefix">
2492 <summary>
2493 -The prefix of the user domain (e.g., user
2494 -is the prefix for user_t).
2495 +The prefix of the user role (e.g., user
2496 +is the prefix for user_r).
2497 </summary>
2498 </param>
2499 -<param name="user_role">
2500 +<param name="user_domain">
2501 <summary>
2502 -The role associated with the user domain.
2503 +User domain for the role.
2504 </summary>
2505 </param>
2506 -<param name="user_domain">
2507 +<param name="user_exec_domain">
2508 <summary>
2509 -The type of the user domain.
2510 +User exec domain for execute and transition access.
2511 +</summary>
2512 +</param>
2513 +<param name="role">
2514 +<summary>
2515 +Role allowed access
2516 </summary>
2517 </param>
2518 </template>
2519 -<interface name="wine_domtrans" lineno="114">
2520 +<interface name="wine_domtrans" lineno="130">
2521 <summary>
2522 Execute the wine program in the wine domain.
2523 </summary>
2524 @@ -8077,7 +8398,7 @@ Domain allowed to transition.
2525 </summary>
2526 </param>
2527 </interface>
2528 -<interface name="wine_run" lineno="140">
2529 +<interface name="wine_run" lineno="156">
2530 <summary>
2531 Execute wine in the wine domain,
2532 and allow the specified role
2533 @@ -8094,7 +8415,7 @@ Role allowed access.
2534 </summary>
2535 </param>
2536 </interface>
2537 -<interface name="wine_rw_shm" lineno="160">
2538 +<interface name="wine_rw_shm" lineno="176">
2539 <summary>
2540 Read and write wine Shared
2541 memory segments.
2542 @@ -8117,22 +8438,33 @@ be silently blocked.
2543 </module>
2544 <module name="wireshark" filename="policy/modules/apps/wireshark.if">
2545 <summary>Wireshark packet capture tool.</summary>
2546 -<interface name="wireshark_role" lineno="18">
2547 +<template name="wireshark_role" lineno="29">
2548 <summary>
2549 Role access for wireshark.
2550 </summary>
2551<