
From: Jason Zaman <perfinion@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/system/, policy/modules/contrib/
Date: Thu, 02 Jun 2016 06:32:43
Message-Id: 1464842783.2dca942d5948b36f7878b56aa7ffc6a702cf00c7.perfinion@gentoo
1 commit: 2dca942d5948b36f7878b56aa7ffc6a702cf00c7
2 Author: Jason Zaman <jason <AT> perfinion <DOT> com>
3 AuthorDate: Thu Jun 2 04:46:23 2016 +0000
4 Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
5 CommitDate: Thu Jun 2 04:46:23 2016 +0000
6 URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=2dca942d
7
8 xdg: remove gentoo-specific xdg_runtime_home as user_runtime_t is now upstream
9
10 policy/modules/contrib/xdg.fc | 5 -
11 policy/modules/contrib/xdg.if | 241 ------------------------------------
12 policy/modules/contrib/xdg.te | 5 -
13 policy/modules/system/userdomain.if | 2 -
14 4 files changed, 253 deletions(-)
15
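--- a/policy/modules/contrib/xdg.fc
+++ b/policy/modules/contrib/xdg.fc
@@ -1,8 +1,3 @@
 HOME_DIR/\.cache(/.*)? gen_context(system_u:object_r:xdg_cache_home_t,s0)
 HOME_DIR/\.config(/.*)? gen_context(system_u:object_r:xdg_config_home_t,s0)
 HOME_DIR/\.local(/.*)? gen_context(system_u:object_r:xdg_data_home_t,s0)
-
-#
-# /run
-#
-/run/user/USER(/.*)? gen_context(system_u:object_r:xdg_runtime_home_t,s0)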
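--- a/policy/modules/contrib/xdg.if
+++ b/policy/modules/contrib/xdg.if
@@ -65,26 +65,6 @@ interface(`xdg_data_home_content',`
 
 ########################################
 ## <summary>
-## Mark the selected type as an xdg_runtime_home_type
-## </summary>
-## <param name="type">
-## <summary>
-## Type to give the xdg_runtime_home_type attribute to
-## </summary>
-## </param>
-#
-interface(`xdg_runtime_home_content',`
- gen_require(`
- attribute xdg_runtime_home_type;
- ')
-
- typeattribute $1 xdg_runtime_home_type;
-
- userdom_user_home_content($1)
-')
-
-########################################
-## <summary>
 ## Read the xdg cache home files
 ## </summary>
 ## <param name="domain">
@@ -918,227 +898,6 @@ interface(`xdg_manage_downloads_home',`
 manage_files_pattern($1, xdg_downloads_home_t, xdg_downloads_home_t)
 ')
 
-########################################
-## <summary>
-## Read the xdg runtime home files
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`xdg_read_runtime_home_files',`
- gen_require(`
- type xdg_runtime_home_t;
- ')
-
- read_files_pattern($1, xdg_runtime_home_t, xdg_runtime_home_t)
- list_dirs_pattern($1, xdg_runtime_home_t, xdg_runtime_home_t)
-
- files_search_pids($1)
-')
-
-########################################
-## <summary>
-## Read all xdg_runtime_home_type files
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`xdg_read_all_runtime_home_files',`
- gen_require(`
- attribute xdg_runtime_home_type;
- ')
-
- read_files_pattern($1, xdg_runtime_home_type, xdg_runtime_home_type)
-
- files_search_pids($1)
-')
-
-########################################
-## <summary>
-## Create objects in an xdg_runtime_home directory
-## with an automatic type transition to
-## a specified private type.
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-## <param name="private_type">
-## <summary>
-## The type of the object to create.
-## </summary>
-## </param>
-## <param name="object_class">
-## <summary>
-## The class of the object to be created.
-## </summary>
-## </param>
-## <param name="filename" optional="true">
-## <summary>
-## Name of the file or directory created
-## </summary>
-## </param>
-#
-interface(`xdg_runtime_home_filetrans',`
- gen_require(`
- type xdg_runtime_home_t;
- ')
-
- files_search_pids($1)
-
- filetrans_pattern($1, xdg_runtime_home_t, $2, $3)
-')
-
-########################################
-## <summary>
-## Create objects in the user home dir with an automatic type transition to
-## the xdg_runtime_home_t type.
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-## <param name="object_class">
-## <summary>
-## The class of the object to be created.
-## </summary>
-## </param>
-## <param name="filename" optional="true">
-## <summary>
-## Name of the directory created
-## </summary>
-## </param>
-#
-interface(`xdg_generic_user_home_dir_filetrans_runtime_home',`
- gen_require(`
- type xdg_runtime_home_t;
- ')
-
- userdom_user_home_dir_filetrans($1, xdg_runtime_home_t, $2, $3)
-')
-
-########################################
-## <summary>
-## Create xdg runtime home directories
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access
-## </summary>
-## </param>
-#
-interface(`xdg_create_runtime_home_dirs',`
- gen_require(`
- type xdg_runtime_home_t;
- ')
-
- allow $1 xdg_runtime_home_t:dir create_dir_perms;
-')
-
-########################################
-## <summary>
-## Manage the xdg runtime home files
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`xdg_manage_runtime_home',`
- gen_require(`
- type xdg_runtime_home_t;
- ')
-
- manage_dirs_pattern($1, xdg_runtime_home_t, xdg_runtime_home_t)
- manage_files_pattern($1, xdg_runtime_home_t, xdg_runtime_home_t)
- manage_lnk_files_pattern($1, xdg_runtime_home_t, xdg_runtime_home_t)
- manage_fifo_files_pattern($1, xdg_runtime_home_t, xdg_runtime_home_t)
- manage_sock_files_pattern($1, xdg_runtime_home_t, xdg_runtime_home_t)
-
- files_search_pids($1)
-')
-
-########################################
-## <summary>
-## Manage all the xdg runtime home files, regardless of their specific type
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`xdg_manage_all_runtime_home',`
- gen_require(`
- attribute xdg_runtime_home_type;
- ')
-
- manage_dirs_pattern($1, xdg_runtime_home_type, xdg_runtime_home_type)
- manage_files_pattern($1, xdg_runtime_home_type, xdg_runtime_home_type)
- manage_lnk_files_pattern($1, xdg_runtime_home_type, xdg_runtime_home_type)
- manage_fifo_files_pattern($1, xdg_runtime_home_type, xdg_runtime_home_type)
- manage_sock_files_pattern($1, xdg_runtime_home_type, xdg_runtime_home_type)
-
- files_search_pids($1)
-')
-
-########################################
-## <summary>
-## Allow relabeling the xdg runtime home files
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`xdg_relabel_runtime_home',`
- gen_require(`
- type xdg_runtime_home_t;
- ')
-
- relabel_dirs_pattern($1, xdg_runtime_home_t, xdg_runtime_home_t)
- relabel_files_pattern($1, xdg_runtime_home_t, xdg_runtime_home_t)
- relabel_lnk_files_pattern($1, xdg_runtime_home_t, xdg_runtime_home_t)
- relabel_fifo_files_pattern($1, xdg_runtime_home_t, xdg_runtime_home_t)
- relabel_sock_files_pattern($1, xdg_runtime_home_t, xdg_runtime_home_t)
-
- files_search_pids($1)
-')
-
-########################################
-## <summary>
-## Allow relabeling the xdg runtime home files, regardless of the specific type
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`xdg_relabel_all_runtime_home',`
- gen_require(`
- attribute xdg_runtime_home_type;
- ')
-
- relabel_dirs_pattern($1, xdg_runtime_home_type, xdg_runtime_home_type)
- relabel_files_pattern($1, xdg_runtime_home_type, xdg_runtime_home_type)
- relabel_lnk_files_pattern($1, xdg_runtime_home_type, xdg_runtime_home_type)
- relabel_fifo_files_pattern($1, xdg_runtime_home_type, xdg_runtime_home_type)
- relabel_sock_files_pattern($1, xdg_runtime_home_type, xdg_runtime_home_type)
-
- files_search_pids($1)
-')
-
 #########################################
 ## <summary>
 ## Manage documents content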
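--- a/policy/modules/contrib/xdg.te
+++ b/policy/modules/contrib/xdg.te
@@ -11,8 +11,6 @@ attribute xdg_config_home_type;
 
 attribute xdg_cache_home_type;
 
-attribute xdg_runtime_home_type;
-
 type xdg_data_home_t;
 xdg_data_home_content(xdg_data_home_t)
 
@@ -22,9 +20,6 @@ xdg_config_home_content(xdg_config_home_t)
 type xdg_cache_home_t;
 xdg_cache_home_content(xdg_cache_home_t)
 
-type xdg_runtime_home_t;
-xdg_runtime_home_content(xdg_runtime_home_t)
-
 # Various user location types (see ~/.config/user-dirs.dirs)
 type xdg_downloads_home_t; # customizable
 userdom_user_home_content(xdg_downloads_home_t)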
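--- a/policy/modules/system/userdomain.if
+++ b/policy/modules/system/userdomain.if
@@ -281,7 +281,6 @@ interface(`userdom_manage_home_role',`
 xdg_manage_all_cache_home($2)
 xdg_manage_all_config_home($2)
 xdg_manage_all_data_home($2)
- xdg_manage_all_runtime_home($2)
 xdg_manage_documents_home($2)
 xdg_manage_downloads_home($2)
 xdg_manage_music_home($2)
@@ -290,7 +289,6 @@ interface(`userdom_manage_home_role',`
 xdg_relabel_all_cache_home($2)
 xdg_relabel_all_config_home($2)
 xdg_relabel_all_data_home($2)
- xdg_relabel_all_runtime_home($2)
 ')
 ')
 ')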