| 1 |
commit: d83e298072d6c11a5ab55195dbd6392f03da472f |
| 2 |
Author: Russell Coker <russell <AT> coker <DOT> com <DOT> au> |
| 3 |
AuthorDate: Sun Feb 13 10:10:09 2022 +0000 |
| 4 |
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org> |
| 5 |
CommitDate: Sun Feb 27 02:13:17 2022 +0000 |
| 6 |
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=d83e2980 |
| 7 |
|
| 8 |
remove aliases from 20210203 |
| 9 |
|
| 10 |
This patch against version 20220106 removes the typealias rules that were in |
| 11 |
version 20210203. If we include this now then the typealias rules in |
| 12 |
question will have been there for 3 consecutive releases. But if you think |
| 13 |
we should wait until after the next release that's OK. |
| 14 |
|
| 15 |
It's obvious that this patch should be included sooner or later, I think now |
| 16 |
is a reasonable time. |
| 17 |
|
| 18 |
Signed-off-by: Russell Coker <russell <AT> coker.com.au> |
| 19 |
Signed-off-by: Jason Zaman <perfinion <AT> gentoo.org> |
| 20 |
|
| 21 |
policy/modules/services/acpi.te | 1 - |
| 22 |
policy/modules/services/clamav.te | 1 - |
| 23 |
policy/modules/services/exim.te | 1 - |
| 24 |
policy/modules/services/ftp.te | 1 - |
| 25 |
policy/modules/services/irqbalance.te | 1 - |
| 26 |
policy/modules/services/postfix.te | 3 +-- |
| 27 |
policy/modules/services/spamassassin.te | 1 - |
| 28 |
policy/modules/system/mount.te | 1 - |
| 29 |
policy/modules/system/selinuxutil.te | 1 - |
| 30 |
policy/modules/system/systemd.te | 2 -- |
| 31 |
10 files changed, 1 insertion(+), 12 deletions(-) |
| 32 |
|
| 33 |
diff --git a/policy/modules/services/acpi.te b/policy/modules/services/acpi.te |
| 34 |
index 92d52182..c4ca7f7f 100644 |
| 35 |
--- a/policy/modules/services/acpi.te |
| 36 |
+++ b/policy/modules/services/acpi.te |
| 37 |
@@ -27,7 +27,6 @@ type acpid_log_t; |
| 38 |
logging_log_file(acpid_log_t) |
| 39 |
|
| 40 |
type acpid_runtime_t; |
| 41 |
-typealias acpid_runtime_t alias acpid_var_run_t; |
| 42 |
files_runtime_file(acpid_runtime_t) |
| 43 |
|
| 44 |
type acpid_tmp_t; |
| 45 |
|
| 46 |
diff --git a/policy/modules/services/clamav.te b/policy/modules/services/clamav.te |
| 47 |
index 761de69d..b2ea270c 100644 |
| 48 |
--- a/policy/modules/services/clamav.te |
| 49 |
+++ b/policy/modules/services/clamav.te |
| 50 |
@@ -41,7 +41,6 @@ init_script_file(clamd_initrc_exec_t) |
| 51 |
|
| 52 |
type clamd_runtime_t; |
| 53 |
files_runtime_file(clamd_runtime_t) |
| 54 |
-typealias clamd_runtime_t alias clamd_var_run_t; |
| 55 |
|
| 56 |
type clamd_tmp_t; |
| 57 |
files_tmp_file(clamd_tmp_t) |
| 58 |
|
| 59 |
diff --git a/policy/modules/services/exim.te b/policy/modules/services/exim.te |
| 60 |
index dc03379b..65217d7e 100644 |
| 61 |
--- a/policy/modules/services/exim.te |
| 62 |
+++ b/policy/modules/services/exim.te |
| 63 |
@@ -55,7 +55,6 @@ type exim_log_t; |
| 64 |
logging_log_file(exim_log_t) |
| 65 |
|
| 66 |
type exim_pid_t; |
| 67 |
-typealias exim_pid_t alias exim_var_run_t; |
| 68 |
files_runtime_file(exim_pid_t) |
| 69 |
|
| 70 |
type exim_spool_t; |
| 71 |
|
| 72 |
diff --git a/policy/modules/services/ftp.te b/policy/modules/services/ftp.te |
| 73 |
index 6cffdfc2..a3ff66fe 100644 |
| 74 |
--- a/policy/modules/services/ftp.te |
| 75 |
+++ b/policy/modules/services/ftp.te |
| 76 |
@@ -110,7 +110,6 @@ gen_tunable(sftpd_write_ssh_home, false) |
| 77 |
attribute_role ftpdctl_roles; |
| 78 |
|
| 79 |
type anon_sftpd_t; |
| 80 |
-typealias anon_sftpd_t alias sftpd_anon_t; |
| 81 |
domain_type(anon_sftpd_t) |
| 82 |
role system_r types anon_sftpd_t; |
| 83 |
|
| 84 |
|
| 85 |
diff --git a/policy/modules/services/irqbalance.te b/policy/modules/services/irqbalance.te |
| 86 |
index 3b86f88c..0a6f4c9b 100644 |
| 87 |
--- a/policy/modules/services/irqbalance.te |
| 88 |
+++ b/policy/modules/services/irqbalance.te |
| 89 |
@@ -13,7 +13,6 @@ type irqbalance_initrc_exec_t; |
| 90 |
init_script_file(irqbalance_initrc_exec_t) |
| 91 |
|
| 92 |
type irqbalance_pid_t; |
| 93 |
-typealias irqbalance_pid_t alias irqbalance_var_run_t; |
| 94 |
files_runtime_file(irqbalance_pid_t) |
| 95 |
|
| 96 |
type irqbalance_unit_t; |
| 97 |
|
| 98 |
diff --git a/policy/modules/services/postfix.te b/policy/modules/services/postfix.te |
| 99 |
index 4d62f8cf..6b97df10 100644 |
| 100 |
--- a/policy/modules/services/postfix.te |
| 101 |
+++ b/policy/modules/services/postfix.te |
| 102 |
@@ -51,8 +51,7 @@ type postfix_map_tmp_t; |
| 103 |
files_tmp_file(postfix_map_tmp_t) |
| 104 |
|
| 105 |
postfix_domain_template(master) |
| 106 |
-typealias postfix_master_t alias postfix_t; |
| 107 |
-mta_mailserver(postfix_t, postfix_master_exec_t) |
| 108 |
+mta_mailserver(postfix_master_t, postfix_master_exec_t) |
| 109 |
|
| 110 |
type postfix_initrc_exec_t; |
| 111 |
init_script_file(postfix_initrc_exec_t) |
| 112 |
|
| 113 |
diff --git a/policy/modules/services/spamassassin.te b/policy/modules/services/spamassassin.te |
| 114 |
index fc4e54f7..4162995f 100644 |
| 115 |
--- a/policy/modules/services/spamassassin.te |
| 116 |
+++ b/policy/modules/services/spamassassin.te |
| 117 |
@@ -30,7 +30,6 @@ gen_tunable(spamd_enable_home_dirs, false) |
| 118 |
gen_tunable(rspamd_spamd, false) |
| 119 |
|
| 120 |
type spamd_update_t; |
| 121 |
-typealias spamd_update_t alias spamd_gpg_t; |
| 122 |
type spamd_update_exec_t; |
| 123 |
init_system_domain(spamd_update_t, spamd_update_exec_t) |
| 124 |
|
| 125 |
|
| 126 |
diff --git a/policy/modules/system/mount.te b/policy/modules/system/mount.te |
| 127 |
index d577da34..0efbdc7f 100644 |
| 128 |
--- a/policy/modules/system/mount.te |
| 129 |
+++ b/policy/modules/system/mount.te |
| 130 |
@@ -24,7 +24,6 @@ type mount_loopback_t; # customizable |
| 131 |
fs_image_file(mount_loopback_t) |
| 132 |
|
| 133 |
type mount_runtime_t; |
| 134 |
-typealias mount_runtime_t alias mount_var_run_t; |
| 135 |
files_runtime_file(mount_runtime_t) |
| 136 |
|
| 137 |
type mount_tmp_t; |
| 138 |
|
| 139 |
diff --git a/policy/modules/system/selinuxutil.te b/policy/modules/system/selinuxutil.te |
| 140 |
index 904c59fc..b596ccb5 100644 |
| 141 |
--- a/policy/modules/system/selinuxutil.te |
| 142 |
+++ b/policy/modules/system/selinuxutil.te |
| 143 |
@@ -89,7 +89,6 @@ type restorecond_unit_t; |
| 144 |
init_unit_file(restorecond_unit_t) |
| 145 |
|
| 146 |
type restorecond_run_t; |
| 147 |
-typealias restorecond_run_t alias restorecond_var_run_t; |
| 148 |
files_runtime_file(restorecond_run_t) |
| 149 |
|
| 150 |
type run_init_t; |
| 151 |
|
| 152 |
diff --git a/policy/modules/system/systemd.te b/policy/modules/system/systemd.te |
| 153 |
index 68fb96ec..d02e7edd 100644 |
| 154 |
--- a/policy/modules/system/systemd.te |
| 155 |
+++ b/policy/modules/system/systemd.te |
| 156 |
@@ -111,8 +111,6 @@ systemd_tmpfiles_conf_file(systemd_factory_conf_t) |
| 157 |
|
| 158 |
type systemd_generator_t; |
| 159 |
type systemd_generator_exec_t; |
| 160 |
-typealias systemd_generator_t alias { systemd_fstab_generator_t systemd_gpt_generator_t }; |
| 161 |
-typealias systemd_generator_exec_t alias { systemd_fstab_generator_exec_t systemd_gpt_generator_exec_t }; |
| 162 |
init_system_domain(systemd_generator_t, systemd_generator_exec_t) |
| 163 |
|
| 164 |
type systemd_homed_t; |
Archives