| 1 |
commit: 6bb07e2ca4908674c7d262a5d6f558922a45f3b4 |
| 2 |
Author: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be> |
| 3 |
AuthorDate: Thu Nov 1 20:21:48 2012 +0000 |
| 4 |
Commit: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be> |
| 5 |
CommitDate: Thu Nov 1 20:21:48 2012 +0000 |
| 6 |
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=6bb07e2c |
| 7 |
|
| 8 |
Remove tryouts for auto-generation of interfaces, will use segenif now |
| 9 |
|
| 10 |
--- |
| 11 |
policy/modules/contrib/chromium.autogen | 9 ----- |
| 12 |
.../chromium/chromium_domtrans.autogen.iface | 19 ---------- |
| 13 |
policy/modules/contrib/chromium/chromium_role.part | 34 ------------------ |
| 14 |
.../contrib/chromium/chromium_run.autogen.iface | 23 ------------ |
| 15 |
.../contrib/chromium/chromium_rw_tmp_pipes.part | 17 --------- |
| 16 |
.../contrib/chromium/chromium_tmp_filetrans.part | 29 --------------- |
| 17 |
policy/modules/contrib/flash.autogen | 4 -- |
| 18 |
.../modules/contrib/flash/flash_manage_home.part | 18 --------- |
| 19 |
.../modules/contrib/flash/flash_relabel_home.part | 18 --------- |
| 20 |
policy/modules/contrib/xdg.autogen | 4 -- |
| 21 |
.../contrib/xdg/xdg_cache_home_content.part | 20 ----------- |
| 22 |
.../contrib/xdg/xdg_cache_home_filetrans.part | 37 -------------------- |
| 23 |
.../contrib/xdg/xdg_config_home_content.part | 20 ----------- |
| 24 |
.../contrib/xdg/xdg_config_home_filetrans.part | 37 -------------------- |
| 25 |
.../modules/contrib/xdg/xdg_data_home_content.part | 20 ----------- |
| 26 |
.../contrib/xdg/xdg_data_home_filetrans.part | 37 -------------------- |
| 27 |
.../contrib/xdg/xdg_manage_all_cache_home.part | 24 ------------- |
| 28 |
.../contrib/xdg/xdg_manage_all_config_home.part | 24 ------------- |
| 29 |
.../contrib/xdg/xdg_manage_all_data_home.part | 24 ------------- |
| 30 |
.../contrib/xdg/xdg_manage_all_runtime_home.part | 24 ------------- |
| 31 |
.../contrib/xdg/xdg_manage_downloads_home.part | 18 --------- |
| 32 |
.../contrib/xdg/xdg_manage_generic_cache_home.part | 24 ------------- |
| 33 |
.../xdg/xdg_manage_generic_config_home.part | 24 ------------- |
| 34 |
.../contrib/xdg/xdg_manage_generic_data_home.part | 24 ------------- |
| 35 |
.../xdg/xdg_manage_generic_runtime_home.part | 24 ------------- |
| 36 |
.../contrib/xdg/xdg_manage_videos_home.part | 18 --------- |
| 37 |
.../contrib/xdg/xdg_read_all_cache_home_files.part | 20 ----------- |
| 38 |
.../xdg/xdg_read_all_config_home_files.part | 20 ----------- |
| 39 |
.../contrib/xdg/xdg_read_all_data_home_files.part | 20 ----------- |
| 40 |
.../xdg/xdg_read_all_runtime_home_files.part | 20 ----------- |
| 41 |
.../xdg/xdg_read_generic_cache_home_files.part | 21 ----------- |
| 42 |
.../xdg/xdg_read_generic_config_home_files.part | 21 ----------- |
| 43 |
.../xdg/xdg_read_generic_data_home_files.part | 21 ----------- |
| 44 |
.../xdg/xdg_read_generic_runtime_home_files.part | 21 ----------- |
| 45 |
.../contrib/xdg/xdg_relabel_all_cache_home.part | 24 ------------- |
| 46 |
.../contrib/xdg/xdg_relabel_all_config_home.part | 24 ------------- |
| 47 |
.../contrib/xdg/xdg_relabel_all_data_home.part | 24 ------------- |
| 48 |
.../contrib/xdg/xdg_relabel_all_runtime_home.part | 24 ------------- |
| 49 |
.../xdg/xdg_relabel_generic_cache_home.part | 24 ------------- |
| 50 |
.../xdg/xdg_relabel_generic_config_home.part | 24 ------------- |
| 51 |
.../contrib/xdg/xdg_relabel_generic_data_home.part | 24 ------------- |
| 52 |
.../xdg/xdg_relabel_generic_runtime_home.part | 24 ------------- |
| 53 |
.../contrib/xdg/xdg_runtime_home_content.part | 20 ----------- |
| 54 |
.../contrib/xdg/xdg_runtime_home_filetrans.part | 37 -------------------- |
| 55 |
44 files changed, 0 insertions(+), 987 deletions(-) |
| 56 |
|
| 57 |
diff --git a/policy/modules/contrib/chromium.autogen b/policy/modules/contrib/chromium.autogen |
| 58 |
deleted file mode 100644 |
| 59 |
index aeac21e..0000000 |
| 60 |
--- a/policy/modules/contrib/chromium.autogen |
| 61 |
+++ /dev/null |
| 62 |
@@ -1,9 +0,0 @@ |
| 63 |
-MODULE=chromium |
| 64 |
-SUBDOMAINS= |
| 65 |
-DESCRIPTION=Chromium browser |
| 66 |
- |
| 67 |
-chromium.DOMAIN=chromium_t |
| 68 |
-chromium.EXEC=chromium_exec_t |
| 69 |
- |
| 70 |
-chromium.GENTYPES= |
| 71 |
-chromium.METHODS=domtrans |
| 72 |
|
| 73 |
diff --git a/policy/modules/contrib/chromium/chromium_domtrans.autogen.iface b/policy/modules/contrib/chromium/chromium_domtrans.autogen.iface |
| 74 |
deleted file mode 100644 |
| 75 |
index 8652e30..0000000 |
| 76 |
--- a/policy/modules/contrib/chromium/chromium_domtrans.autogen.iface |
| 77 |
+++ /dev/null |
| 78 |
@@ -1,19 +0,0 @@ |
| 79 |
-####################################### |
| 80 |
-## <summary> |
| 81 |
-## Execute a domain transition to the chromium domain (chromium_t) |
| 82 |
-## </summary> |
| 83 |
-## <param name="domain"> |
| 84 |
-## <summary> |
| 85 |
-## Domain allowed access |
| 86 |
-## </summary> |
| 87 |
-## </param> |
| 88 |
-# |
| 89 |
-interface(`chromium_domtrans',` |
| 90 |
- gen_require(` |
| 91 |
- type chromium_t; |
| 92 |
- type chromium_exec_t; |
| 93 |
- ') |
| 94 |
- |
| 95 |
- corecmd_search_bin($1) |
| 96 |
- domtrans_pattern($1, chromium_exec_t, chromium_t) |
| 97 |
-') |
| 98 |
|
| 99 |
diff --git a/policy/modules/contrib/chromium/chromium_role.part b/policy/modules/contrib/chromium/chromium_role.part |
| 100 |
deleted file mode 100644 |
| 101 |
index ecb4783..0000000 |
| 102 |
--- a/policy/modules/contrib/chromium/chromium_role.part |
| 103 |
+++ /dev/null |
| 104 |
@@ -1,34 +0,0 @@ |
| 105 |
-####################################### |
| 106 |
-## <summary> |
| 107 |
-## Role access for chromium |
| 108 |
-## </summary> |
| 109 |
-## <param name="role"> |
| 110 |
-## <summary> |
| 111 |
-## Role allowed access |
| 112 |
-## </summary> |
| 113 |
-## </param> |
| 114 |
-## <param name="domain"> |
| 115 |
-## <summary> |
| 116 |
-## User domain for the role |
| 117 |
-## </summary> |
| 118 |
-## </param> |
| 119 |
-# |
| 120 |
-interface(`chromium_role',` |
| 121 |
- gen_require(` |
| 122 |
- type chromium_t; |
| 123 |
- type chromium_renderer_t; |
| 124 |
- type chromium_exec_t; |
| 125 |
- ') |
| 126 |
- |
| 127 |
- role $1 types chromium_t; |
| 128 |
- role $1 types chromium_renderer_t; |
| 129 |
- |
| 130 |
- # Transition from the user domain to the derived domain |
| 131 |
- chromium_domtrans($2) |
| 132 |
- |
| 133 |
- # Allow ps to show chromium processes and allow the user to signal it |
| 134 |
- ps_process_pattern($2, chromium_t) |
| 135 |
- ps_process_pattern($2, chromium_renderer_t) |
| 136 |
- allow $2 chromium_t:process signal_perms; |
| 137 |
- allow $2 chromium_renderer_t:process signal_perms; |
| 138 |
-') |
| 139 |
|
| 140 |
diff --git a/policy/modules/contrib/chromium/chromium_run.autogen.iface b/policy/modules/contrib/chromium/chromium_run.autogen.iface |
| 141 |
deleted file mode 100644 |
| 142 |
index c737b3f..0000000 |
| 143 |
--- a/policy/modules/contrib/chromium/chromium_run.autogen.iface |
| 144 |
+++ /dev/null |
| 145 |
@@ -1,23 +0,0 @@ |
| 146 |
-####################################### |
| 147 |
-## <summary> |
| 148 |
-## Execute chromium in the chromium domain and allow the specified role to access the chromium domain |
| 149 |
-## </summary> |
| 150 |
-## <param name="domain"> |
| 151 |
-## <summary> |
| 152 |
-## Domain allowed access |
| 153 |
-## </summary> |
| 154 |
-## </param> |
| 155 |
-## <param name="role"> |
| 156 |
-## <summary> |
| 157 |
-## Role allowed access |
| 158 |
-## </summary> |
| 159 |
-## </param> |
| 160 |
-# |
| 161 |
-interface(`chromium_run',` |
| 162 |
- gen_require(` |
| 163 |
- type chromium_t; |
| 164 |
- ') |
| 165 |
- |
| 166 |
- chromium_domtrans($1) |
| 167 |
- role $2 types chromium_t; |
| 168 |
-') |
| 169 |
|
| 170 |
diff --git a/policy/modules/contrib/chromium/chromium_rw_tmp_pipes.part b/policy/modules/contrib/chromium/chromium_rw_tmp_pipes.part |
| 171 |
deleted file mode 100644 |
| 172 |
index 9d35d25..0000000 |
| 173 |
--- a/policy/modules/contrib/chromium/chromium_rw_tmp_pipes.part |
| 174 |
+++ /dev/null |
| 175 |
@@ -1,17 +0,0 @@ |
| 176 |
-####################################### |
| 177 |
-## <summary> |
| 178 |
-## Read-write access to Chromiums' temporary fifo files |
| 179 |
-## </summary> |
| 180 |
-## <param name="domain"> |
| 181 |
-## <summary> |
| 182 |
-## Domain allowed access |
| 183 |
-## </summary> |
| 184 |
-## </param> |
| 185 |
-# |
| 186 |
-interface(`chromium_rw_tmp_pipes',` |
| 187 |
- gen_require(` |
| 188 |
- type chromium_tmp_t; |
| 189 |
- ') |
| 190 |
- |
| 191 |
- rw_fifo_files_pattern($1, chromium_tmp_t, chromium_tmp_t) |
| 192 |
-') |
| 193 |
|
| 194 |
diff --git a/policy/modules/contrib/chromium/chromium_tmp_filetrans.part b/policy/modules/contrib/chromium/chromium_tmp_filetrans.part |
| 195 |
deleted file mode 100644 |
| 196 |
index 88081cf..0000000 |
| 197 |
--- a/policy/modules/contrib/chromium/chromium_tmp_filetrans.part |
| 198 |
+++ /dev/null |
| 199 |
@@ -1,29 +0,0 @@ |
| 200 |
-############################################## |
| 201 |
-## <summary> |
| 202 |
-## Automatically use the specified type for resources created in chromium's |
| 203 |
-## temporary locations |
| 204 |
-## </summary> |
| 205 |
-## <param name="domain"> |
| 206 |
-## <summary> |
| 207 |
-## Domain that creates the resource(s) |
| 208 |
-## </summary> |
| 209 |
-## </param> |
| 210 |
-## <param name="class"> |
| 211 |
-## <summary> |
| 212 |
-## Type of the resource created |
| 213 |
-## </summary> |
| 214 |
-## </param> |
| 215 |
-## <param name="filename" optional="true"> |
| 216 |
-## <summary> |
| 217 |
-## The name of the resource being created |
| 218 |
-## </summary> |
| 219 |
-## </param> |
| 220 |
-# |
| 221 |
-interface(`chromium_tmp_filetrans',` |
| 222 |
- gen_require(` |
| 223 |
- type chromium_tmp_t; |
| 224 |
- ') |
| 225 |
- |
| 226 |
- search_dirs_pattern($1, chromium_tmp_t, chromium_tmp_t) |
| 227 |
- filetrans_pattern($1, chromium_tmp_t, $2, $3, $4) |
| 228 |
-') |
| 229 |
|
| 230 |
diff --git a/policy/modules/contrib/flash.autogen b/policy/modules/contrib/flash.autogen |
| 231 |
deleted file mode 100644 |
| 232 |
index 5e64153..0000000 |
| 233 |
--- a/policy/modules/contrib/flash.autogen |
| 234 |
+++ /dev/null |
| 235 |
@@ -1,4 +0,0 @@ |
| 236 |
-MODULE=flash |
| 237 |
-SUBDOMAINS= |
| 238 |
-DESCRIPTION=Flash player |
| 239 |
- |
| 240 |
|
| 241 |
diff --git a/policy/modules/contrib/flash/flash_manage_home.part b/policy/modules/contrib/flash/flash_manage_home.part |
| 242 |
deleted file mode 100644 |
| 243 |
index d190e0f..0000000 |
| 244 |
--- a/policy/modules/contrib/flash/flash_manage_home.part |
| 245 |
+++ /dev/null |
| 246 |
@@ -1,18 +0,0 @@ |
| 247 |
-##################################### |
| 248 |
-## <summary> |
| 249 |
-## Manage the Flash player home files |
| 250 |
-## </summary> |
| 251 |
-## <param name="domain"> |
| 252 |
-## <summary> |
| 253 |
-## Domain allowed access |
| 254 |
-## </summary> |
| 255 |
-## </param> |
| 256 |
-# |
| 257 |
-interface(`flash_manage_home',` |
| 258 |
- gen_require(` |
| 259 |
- type flash_home_t; |
| 260 |
- ') |
| 261 |
- |
| 262 |
- manage_files_pattern($1, flash_home_t, flash_home_t) |
| 263 |
- manage_dirs_pattern($1, flash_home_t, flash_home_t) |
| 264 |
-') |
| 265 |
|
| 266 |
diff --git a/policy/modules/contrib/flash/flash_relabel_home.part b/policy/modules/contrib/flash/flash_relabel_home.part |
| 267 |
deleted file mode 100644 |
| 268 |
index 1704fc1..0000000 |
| 269 |
--- a/policy/modules/contrib/flash/flash_relabel_home.part |
| 270 |
+++ /dev/null |
| 271 |
@@ -1,18 +0,0 @@ |
| 272 |
-#################################### |
| 273 |
-## <summary> |
| 274 |
-## Relabel the flash home resources |
| 275 |
-## </summary> |
| 276 |
-## <param name="domain"> |
| 277 |
-## <summary> |
| 278 |
-## Domain allowed access |
| 279 |
-## </summary> |
| 280 |
-## </param> |
| 281 |
-# |
| 282 |
-interface(`flash_relabel_home',` |
| 283 |
- gen_require(` |
| 284 |
- type flash_home_t; |
| 285 |
- ') |
| 286 |
- |
| 287 |
- relabel_files_pattern($1, flash_home_t, flash_home_t) |
| 288 |
- relabel_dirs_pattern($1, flash_home_t, flash_home_t) |
| 289 |
-') |
| 290 |
|
| 291 |
diff --git a/policy/modules/contrib/xdg.autogen b/policy/modules/contrib/xdg.autogen |
| 292 |
deleted file mode 100644 |
| 293 |
index 073e71c..0000000 |
| 294 |
--- a/policy/modules/contrib/xdg.autogen |
| 295 |
+++ /dev/null |
| 296 |
@@ -1,4 +0,0 @@ |
| 297 |
-MODULE=xdg |
| 298 |
-SUBDOMAINS= |
| 299 |
-DESCRIPTION=XDG Desktop Standard locations |
| 300 |
- |
| 301 |
|
| 302 |
diff --git a/policy/modules/contrib/xdg/xdg_cache_home_content.part b/policy/modules/contrib/xdg/xdg_cache_home_content.part |
| 303 |
deleted file mode 100644 |
| 304 |
index b7d8996..0000000 |
| 305 |
--- a/policy/modules/contrib/xdg/xdg_cache_home_content.part |
| 306 |
+++ /dev/null |
| 307 |
@@ -1,20 +0,0 @@ |
| 308 |
- |
| 309 |
-######################################## |
| 310 |
-## <summary> |
| 311 |
-## Mark the selected type as an xdg_cache_home_type |
| 312 |
-## </summary> |
| 313 |
-## <param name="type"> |
| 314 |
-## <summary> |
| 315 |
-## Type to give the xdg_cache_home_type attribute to |
| 316 |
-## </summary> |
| 317 |
-## </param> |
| 318 |
-# |
| 319 |
-interface(`xdg_cache_home_content',` |
| 320 |
- gen_require(` |
| 321 |
- attribute xdg_cache_home_type; |
| 322 |
- ') |
| 323 |
- |
| 324 |
- typeattribute $1 xdg_cache_home_type; |
| 325 |
- |
| 326 |
- userdom_user_home_content($1) |
| 327 |
-') |
| 328 |
|
| 329 |
diff --git a/policy/modules/contrib/xdg/xdg_cache_home_filetrans.part b/policy/modules/contrib/xdg/xdg_cache_home_filetrans.part |
| 330 |
deleted file mode 100644 |
| 331 |
index 752431f..0000000 |
| 332 |
--- a/policy/modules/contrib/xdg/xdg_cache_home_filetrans.part |
| 333 |
+++ /dev/null |
| 334 |
@@ -1,37 +0,0 @@ |
| 335 |
- |
| 336 |
-######################################## |
| 337 |
-## <summary> |
| 338 |
-## Create objects in an xdg_cache_home directory |
| 339 |
-## with an automatic type transition to |
| 340 |
-## a specified private type. |
| 341 |
-## </summary> |
| 342 |
-## <param name="domain"> |
| 343 |
-## <summary> |
| 344 |
-## Domain allowed access. |
| 345 |
-## </summary> |
| 346 |
-## </param> |
| 347 |
-## <param name="private_type"> |
| 348 |
-## <summary> |
| 349 |
-## The type of the object to create. |
| 350 |
-## </summary> |
| 351 |
-## </param> |
| 352 |
-## <param name="object_class"> |
| 353 |
-## <summary> |
| 354 |
-## The class of the object to be created. |
| 355 |
-## </summary> |
| 356 |
-## </param> |
| 357 |
-## <param name="filename" optional="true"> |
| 358 |
-## <summary> |
| 359 |
-## Name of the file or directory created |
| 360 |
-## </summary> |
| 361 |
-## </param> |
| 362 |
-# |
| 363 |
-interface(`xdg_cache_home_filetrans',` |
| 364 |
- gen_require(` |
| 365 |
- type xdg_cache_home_t; |
| 366 |
- ') |
| 367 |
- |
| 368 |
- userdom_search_user_home_dirs($1) |
| 369 |
- |
| 370 |
- filetrans_pattern($1, xdg_cache_home_t, $2, $3, $4) |
| 371 |
-') |
| 372 |
|
| 373 |
diff --git a/policy/modules/contrib/xdg/xdg_config_home_content.part b/policy/modules/contrib/xdg/xdg_config_home_content.part |
| 374 |
deleted file mode 100644 |
| 375 |
index 83664e5..0000000 |
| 376 |
--- a/policy/modules/contrib/xdg/xdg_config_home_content.part |
| 377 |
+++ /dev/null |
| 378 |
@@ -1,20 +0,0 @@ |
| 379 |
- |
| 380 |
-######################################## |
| 381 |
-## <summary> |
| 382 |
-## Mark the selected type as an xdg_config_home_type |
| 383 |
-## </summary> |
| 384 |
-## <param name="type"> |
| 385 |
-## <summary> |
| 386 |
-## Type to give the xdg_config_home_type attribute to |
| 387 |
-## </summary> |
| 388 |
-## </param> |
| 389 |
-# |
| 390 |
-interface(`xdg_config_home_content',` |
| 391 |
- gen_require(` |
| 392 |
- attribute xdg_config_home_type; |
| 393 |
- ') |
| 394 |
- |
| 395 |
- typeattribute $1 xdg_config_home_type; |
| 396 |
- |
| 397 |
- userdom_user_home_content($1) |
| 398 |
-') |
| 399 |
|
| 400 |
diff --git a/policy/modules/contrib/xdg/xdg_config_home_filetrans.part b/policy/modules/contrib/xdg/xdg_config_home_filetrans.part |
| 401 |
deleted file mode 100644 |
| 402 |
index 91da7b8..0000000 |
| 403 |
--- a/policy/modules/contrib/xdg/xdg_config_home_filetrans.part |
| 404 |
+++ /dev/null |
| 405 |
@@ -1,37 +0,0 @@ |
| 406 |
- |
| 407 |
-######################################## |
| 408 |
-## <summary> |
| 409 |
-## Create objects in an xdg_config_home directory |
| 410 |
-## with an automatic type transition to |
| 411 |
-## a specified private type. |
| 412 |
-## </summary> |
| 413 |
-## <param name="domain"> |
| 414 |
-## <summary> |
| 415 |
-## Domain allowed access. |
| 416 |
-## </summary> |
| 417 |
-## </param> |
| 418 |
-## <param name="private_type"> |
| 419 |
-## <summary> |
| 420 |
-## The type of the object to create. |
| 421 |
-## </summary> |
| 422 |
-## </param> |
| 423 |
-## <param name="object_class"> |
| 424 |
-## <summary> |
| 425 |
-## The class of the object to be created. |
| 426 |
-## </summary> |
| 427 |
-## </param> |
| 428 |
-## <param name="filename" optional="true"> |
| 429 |
-## <summary> |
| 430 |
-## Name of the file or directory created |
| 431 |
-## </summary> |
| 432 |
-## </param> |
| 433 |
-# |
| 434 |
-interface(`xdg_config_home_filetrans',` |
| 435 |
- gen_require(` |
| 436 |
- type xdg_config_home_t; |
| 437 |
- ') |
| 438 |
- |
| 439 |
- userdom_search_user_home_dirs($1) |
| 440 |
- |
| 441 |
- filetrans_pattern($1, xdg_config_home_t, $2, $3, $4) |
| 442 |
-') |
| 443 |
|
| 444 |
diff --git a/policy/modules/contrib/xdg/xdg_data_home_content.part b/policy/modules/contrib/xdg/xdg_data_home_content.part |
| 445 |
deleted file mode 100644 |
| 446 |
index a9f13e7..0000000 |
| 447 |
--- a/policy/modules/contrib/xdg/xdg_data_home_content.part |
| 448 |
+++ /dev/null |
| 449 |
@@ -1,20 +0,0 @@ |
| 450 |
- |
| 451 |
-######################################## |
| 452 |
-## <summary> |
| 453 |
-## Mark the selected type as an xdg_data_home_type |
| 454 |
-## </summary> |
| 455 |
-## <param name="type"> |
| 456 |
-## <summary> |
| 457 |
-## Type to give the xdg_data_home_type attribute to |
| 458 |
-## </summary> |
| 459 |
-## </param> |
| 460 |
-# |
| 461 |
-interface(`xdg_data_home_content',` |
| 462 |
- gen_require(` |
| 463 |
- attribute xdg_data_home_type; |
| 464 |
- ') |
| 465 |
- |
| 466 |
- typeattribute $1 xdg_data_home_type; |
| 467 |
- |
| 468 |
- userdom_user_home_content($1) |
| 469 |
-') |
| 470 |
|
| 471 |
diff --git a/policy/modules/contrib/xdg/xdg_data_home_filetrans.part b/policy/modules/contrib/xdg/xdg_data_home_filetrans.part |
| 472 |
deleted file mode 100644 |
| 473 |
index 39d9e82..0000000 |
| 474 |
--- a/policy/modules/contrib/xdg/xdg_data_home_filetrans.part |
| 475 |
+++ /dev/null |
| 476 |
@@ -1,37 +0,0 @@ |
| 477 |
- |
| 478 |
-######################################## |
| 479 |
-## <summary> |
| 480 |
-## Create objects in an xdg_data_home directory |
| 481 |
-## with an automatic type transition to |
| 482 |
-## a specified private type. |
| 483 |
-## </summary> |
| 484 |
-## <param name="domain"> |
| 485 |
-## <summary> |
| 486 |
-## Domain allowed access. |
| 487 |
-## </summary> |
| 488 |
-## </param> |
| 489 |
-## <param name="private_type"> |
| 490 |
-## <summary> |
| 491 |
-## The type of the object to create. |
| 492 |
-## </summary> |
| 493 |
-## </param> |
| 494 |
-## <param name="object_class"> |
| 495 |
-## <summary> |
| 496 |
-## The class of the object to be created. |
| 497 |
-## </summary> |
| 498 |
-## </param> |
| 499 |
-## <param name="filename" optional="true"> |
| 500 |
-## <summary> |
| 501 |
-## Optional name of the file or directory created |
| 502 |
-## </summary> |
| 503 |
-## </param> |
| 504 |
-# |
| 505 |
-interface(`xdg_data_home_filetrans',` |
| 506 |
- gen_require(` |
| 507 |
- type xdg_data_home_t; |
| 508 |
- ') |
| 509 |
- |
| 510 |
- userdom_search_user_home_dirs($1) |
| 511 |
- |
| 512 |
- filetrans_pattern($1, xdg_data_home_t, $2, $3, $4) |
| 513 |
-') |
| 514 |
|
| 515 |
diff --git a/policy/modules/contrib/xdg/xdg_manage_all_cache_home.part b/policy/modules/contrib/xdg/xdg_manage_all_cache_home.part |
| 516 |
deleted file mode 100644 |
| 517 |
index 388a80d..0000000 |
| 518 |
--- a/policy/modules/contrib/xdg/xdg_manage_all_cache_home.part |
| 519 |
+++ /dev/null |
| 520 |
@@ -1,24 +0,0 @@ |
| 521 |
- |
| 522 |
-######################################## |
| 523 |
-## <summary> |
| 524 |
-## Manage all the xdg cache home files regardless of their specific type |
| 525 |
-## </summary> |
| 526 |
-## <param name="domain"> |
| 527 |
-## <summary> |
| 528 |
-## Domain allowed access. |
| 529 |
-## </summary> |
| 530 |
-## </param> |
| 531 |
-# |
| 532 |
-interface(`xdg_manage_all_cache_home',` |
| 533 |
- gen_require(` |
| 534 |
- attribute xdg_cache_home_type; |
| 535 |
- ') |
| 536 |
- |
| 537 |
- manage_dirs_pattern($1, xdg_cache_home_type, xdg_cache_home_type) |
| 538 |
- manage_files_pattern($1, xdg_cache_home_type, xdg_cache_home_type) |
| 539 |
- manage_lnk_files_pattern($1, xdg_cache_home_type, xdg_cache_home_type) |
| 540 |
- manage_fifo_files_pattern($1, xdg_cache_home_type, xdg_cache_home_type) |
| 541 |
- manage_sock_files_pattern($1, xdg_cache_home_type, xdg_cache_home_type) |
| 542 |
- |
| 543 |
- userdom_search_user_home_dirs($1) |
| 544 |
-') |
| 545 |
|
| 546 |
diff --git a/policy/modules/contrib/xdg/xdg_manage_all_config_home.part b/policy/modules/contrib/xdg/xdg_manage_all_config_home.part |
| 547 |
deleted file mode 100644 |
| 548 |
index 6504beb..0000000 |
| 549 |
--- a/policy/modules/contrib/xdg/xdg_manage_all_config_home.part |
| 550 |
+++ /dev/null |
| 551 |
@@ -1,24 +0,0 @@ |
| 552 |
- |
| 553 |
-######################################## |
| 554 |
-## <summary> |
| 555 |
-## Manage all the xdg config home files regardless of their specific type |
| 556 |
-## </summary> |
| 557 |
-## <param name="domain"> |
| 558 |
-## <summary> |
| 559 |
-## Domain allowed access. |
| 560 |
-## </summary> |
| 561 |
-## </param> |
| 562 |
-# |
| 563 |
-interface(`xdg_manage_all_config_home',` |
| 564 |
- gen_require(` |
| 565 |
- attribute xdg_config_home_type; |
| 566 |
- ') |
| 567 |
- |
| 568 |
- manage_dirs_pattern($1, xdg_config_home_type, xdg_config_home_type) |
| 569 |
- manage_files_pattern($1, xdg_config_home_type, xdg_config_home_type) |
| 570 |
- manage_lnk_files_pattern($1, xdg_config_home_type, xdg_config_home_type) |
| 571 |
- manage_fifo_files_pattern($1, xdg_config_home_type, xdg_config_home_type) |
| 572 |
- manage_sock_files_pattern($1, xdg_config_home_type, xdg_config_home_type) |
| 573 |
- |
| 574 |
- userdom_search_user_home_dirs($1) |
| 575 |
-') |
| 576 |
|
| 577 |
diff --git a/policy/modules/contrib/xdg/xdg_manage_all_data_home.part b/policy/modules/contrib/xdg/xdg_manage_all_data_home.part |
| 578 |
deleted file mode 100644 |
| 579 |
index fa2fded..0000000 |
| 580 |
--- a/policy/modules/contrib/xdg/xdg_manage_all_data_home.part |
| 581 |
+++ /dev/null |
| 582 |
@@ -1,24 +0,0 @@ |
| 583 |
- |
| 584 |
-######################################## |
| 585 |
-## <summary> |
| 586 |
-## Manage all the xdg data home files, regardless of their specific type |
| 587 |
-## </summary> |
| 588 |
-## <param name="domain"> |
| 589 |
-## <summary> |
| 590 |
-## Domain allowed access. |
| 591 |
-## </summary> |
| 592 |
-## </param> |
| 593 |
-# |
| 594 |
-interface(`xdg_manage_all_data_home',` |
| 595 |
- gen_require(` |
| 596 |
- attribute xdg_data_home_type; |
| 597 |
- ') |
| 598 |
- |
| 599 |
- manage_dirs_pattern($1, xdg_data_home_type, xdg_data_home_type) |
| 600 |
- manage_files_pattern($1, xdg_data_home_type, xdg_data_home_type) |
| 601 |
- manage_lnk_files_pattern($1, xdg_data_home_type, xdg_data_home_type) |
| 602 |
- manage_fifo_files_pattern($1, xdg_data_home_type, xdg_data_home_type) |
| 603 |
- manage_sock_files_pattern($1, xdg_data_home_type, xdg_data_home_type) |
| 604 |
- |
| 605 |
- userdom_search_user_home_dirs($1) |
| 606 |
-') |
| 607 |
|
| 608 |
diff --git a/policy/modules/contrib/xdg/xdg_manage_all_runtime_home.part b/policy/modules/contrib/xdg/xdg_manage_all_runtime_home.part |
| 609 |
deleted file mode 100644 |
| 610 |
index 39cc849..0000000 |
| 611 |
--- a/policy/modules/contrib/xdg/xdg_manage_all_runtime_home.part |
| 612 |
+++ /dev/null |
| 613 |
@@ -1,24 +0,0 @@ |
| 614 |
- |
| 615 |
-######################################## |
| 616 |
-## <summary> |
| 617 |
-## Manage all the xdg runtime home files, regardless of their specific type |
| 618 |
-## </summary> |
| 619 |
-## <param name="domain"> |
| 620 |
-## <summary> |
| 621 |
-## Domain allowed access. |
| 622 |
-## </summary> |
| 623 |
-## </param> |
| 624 |
-# |
| 625 |
-interface(`xdg_manage_all_runtime_home',` |
| 626 |
- gen_require(` |
| 627 |
- attribute xdg_runtime_home_type; |
| 628 |
- ') |
| 629 |
- |
| 630 |
- manage_dirs_pattern($1, xdg_runtime_home_type, xdg_runtime_home_type) |
| 631 |
- manage_files_pattern($1, xdg_runtime_home_type, xdg_runtime_home_type) |
| 632 |
- manage_lnk_files_pattern($1, xdg_runtime_home_type, xdg_runtime_home_type) |
| 633 |
- manage_fifo_files_pattern($1, xdg_runtime_home_type, xdg_runtime_home_type) |
| 634 |
- manage_sock_files_pattern($1, xdg_runtime_home_type, xdg_runtime_home_type) |
| 635 |
- |
| 636 |
- files_search_pids($1) |
| 637 |
-') |
| 638 |
|
| 639 |
diff --git a/policy/modules/contrib/xdg/xdg_manage_downloads_home.part b/policy/modules/contrib/xdg/xdg_manage_downloads_home.part |
| 640 |
deleted file mode 100644 |
| 641 |
index 126e115..0000000 |
| 642 |
--- a/policy/modules/contrib/xdg/xdg_manage_downloads_home.part |
| 643 |
+++ /dev/null |
| 644 |
@@ -1,18 +0,0 @@ |
| 645 |
-######################################### |
| 646 |
-## <summary> |
| 647 |
-## Manage downloaded content |
| 648 |
-## </summary> |
| 649 |
-## <param name="domain"> |
| 650 |
-## <summary> |
| 651 |
-## Domain allowed access |
| 652 |
-## </summary> |
| 653 |
-## </param> |
| 654 |
-# |
| 655 |
-interface(`xdg_manage_downloads_home',` |
| 656 |
- gen_require(` |
| 657 |
- type xdg_downloads_home_t; |
| 658 |
- ') |
| 659 |
- |
| 660 |
- manage_dirs_pattern($1, xdg_downloads_home_t, xdg_downloads_home_t) |
| 661 |
- manage_files_pattern($1, xdg_downloads_home_t, xdg_downloads_home_t) |
| 662 |
-') |
| 663 |
|
| 664 |
diff --git a/policy/modules/contrib/xdg/xdg_manage_generic_cache_home.part b/policy/modules/contrib/xdg/xdg_manage_generic_cache_home.part |
| 665 |
deleted file mode 100644 |
| 666 |
index 0e3268b..0000000 |
| 667 |
--- a/policy/modules/contrib/xdg/xdg_manage_generic_cache_home.part |
| 668 |
+++ /dev/null |
| 669 |
@@ -1,24 +0,0 @@ |
| 670 |
- |
| 671 |
-######################################## |
| 672 |
-## <summary> |
| 673 |
-## Manage the xdg cache home files |
| 674 |
-## </summary> |
| 675 |
-## <param name="domain"> |
| 676 |
-## <summary> |
| 677 |
-## Domain allowed access. |
| 678 |
-## </summary> |
| 679 |
-## </param> |
| 680 |
-# |
| 681 |
-interface(`xdg_manage_generic_cache_home',` |
| 682 |
- gen_require(` |
| 683 |
- type xdg_cache_home_t; |
| 684 |
- ') |
| 685 |
- |
| 686 |
- manage_dirs_pattern($1, xdg_cache_home_t, xdg_cache_home_t) |
| 687 |
- manage_files_pattern($1, xdg_cache_home_t, xdg_cache_home_t) |
| 688 |
- manage_lnk_files_pattern($1, xdg_cache_home_t, xdg_cache_home_t) |
| 689 |
- manage_fifo_files_pattern($1, xdg_cache_home_t, xdg_cache_home_t) |
| 690 |
- manage_sock_files_pattern($1, xdg_cache_home_t, xdg_cache_home_t) |
| 691 |
- |
| 692 |
- userdom_search_user_home_dirs($1) |
| 693 |
-') |
| 694 |
|
| 695 |
diff --git a/policy/modules/contrib/xdg/xdg_manage_generic_config_home.part b/policy/modules/contrib/xdg/xdg_manage_generic_config_home.part |
| 696 |
deleted file mode 100644 |
| 697 |
index 6dce9df..0000000 |
| 698 |
--- a/policy/modules/contrib/xdg/xdg_manage_generic_config_home.part |
| 699 |
+++ /dev/null |
| 700 |
@@ -1,24 +0,0 @@ |
| 701 |
- |
| 702 |
-######################################## |
| 703 |
-## <summary> |
| 704 |
-## Manage the xdg config home files |
| 705 |
-## </summary> |
| 706 |
-## <param name="domain"> |
| 707 |
-## <summary> |
| 708 |
-## Domain allowed access. |
| 709 |
-## </summary> |
| 710 |
-## </param> |
| 711 |
-# |
| 712 |
-interface(`xdg_manage_generic_config_home',` |
| 713 |
- gen_require(` |
| 714 |
- type xdg_config_home_t; |
| 715 |
- ') |
| 716 |
- |
| 717 |
- manage_dirs_pattern($1, xdg_config_home_t, xdg_config_home_t) |
| 718 |
- manage_files_pattern($1, xdg_config_home_t, xdg_config_home_t) |
| 719 |
- manage_lnk_files_pattern($1, xdg_config_home_t, xdg_config_home_t) |
| 720 |
- manage_fifo_files_pattern($1, xdg_config_home_t, xdg_config_home_t) |
| 721 |
- manage_sock_files_pattern($1, xdg_config_home_t, xdg_config_home_t) |
| 722 |
- |
| 723 |
- userdom_search_user_home_dirs($1) |
| 724 |
-') |
| 725 |
|
| 726 |
diff --git a/policy/modules/contrib/xdg/xdg_manage_generic_data_home.part b/policy/modules/contrib/xdg/xdg_manage_generic_data_home.part |
| 727 |
deleted file mode 100644 |
| 728 |
index 5aa01d8..0000000 |
| 729 |
--- a/policy/modules/contrib/xdg/xdg_manage_generic_data_home.part |
| 730 |
+++ /dev/null |
| 731 |
@@ -1,24 +0,0 @@ |
| 732 |
- |
| 733 |
-######################################## |
| 734 |
-## <summary> |
| 735 |
-## Manage the xdg data home files |
| 736 |
-## </summary> |
| 737 |
-## <param name="domain"> |
| 738 |
-## <summary> |
| 739 |
-## Domain allowed access. |
| 740 |
-## </summary> |
| 741 |
-## </param> |
| 742 |
-# |
| 743 |
-interface(`xdg_manage_generic_data_home',` |
| 744 |
- gen_require(` |
| 745 |
- type xdg_data_home_t; |
| 746 |
- ') |
| 747 |
- |
| 748 |
- manage_dirs_pattern($1, xdg_data_home_t, xdg_data_home_t) |
| 749 |
- manage_files_pattern($1, xdg_data_home_t, xdg_data_home_t) |
| 750 |
- manage_lnk_files_pattern($1, xdg_data_home_t, xdg_data_home_t) |
| 751 |
- manage_fifo_files_pattern($1, xdg_data_home_t, xdg_data_home_t) |
| 752 |
- manage_sock_files_pattern($1, xdg_data_home_t, xdg_data_home_t) |
| 753 |
- |
| 754 |
- userdom_search_user_home_dirs($1) |
| 755 |
-') |
| 756 |
|
| 757 |
diff --git a/policy/modules/contrib/xdg/xdg_manage_generic_runtime_home.part b/policy/modules/contrib/xdg/xdg_manage_generic_runtime_home.part |
| 758 |
deleted file mode 100644 |
| 759 |
index 85c1554..0000000 |
| 760 |
--- a/policy/modules/contrib/xdg/xdg_manage_generic_runtime_home.part |
| 761 |
+++ /dev/null |
| 762 |
@@ -1,24 +0,0 @@ |
| 763 |
- |
| 764 |
-######################################## |
| 765 |
-## <summary> |
| 766 |
-## Manage the xdg runtime home files |
| 767 |
-## </summary> |
| 768 |
-## <param name="domain"> |
| 769 |
-## <summary> |
| 770 |
-## Domain allowed access. |
| 771 |
-## </summary> |
| 772 |
-## </param> |
| 773 |
-# |
| 774 |
-interface(`xdg_manage_generic_runtime_home',` |
| 775 |
- gen_require(` |
| 776 |
- type xdg_runtime_home_t; |
| 777 |
- ') |
| 778 |
- |
| 779 |
- manage_dirs_pattern($1, xdg_runtime_home_t, xdg_runtime_home_t) |
| 780 |
- manage_files_pattern($1, xdg_runtime_home_t, xdg_runtime_home_t) |
| 781 |
- manage_lnk_files_pattern($1, xdg_runtime_home_t, xdg_runtime_home_t) |
| 782 |
- manage_fifo_files_pattern($1, xdg_runtime_home_t, xdg_runtime_home_t) |
| 783 |
- manage_sock_files_pattern($1, xdg_runtime_home_t, xdg_runtime_home_t) |
| 784 |
- |
| 785 |
- files_search_pids($1) |
| 786 |
-') |
| 787 |
|
| 788 |
diff --git a/policy/modules/contrib/xdg/xdg_manage_videos_home.part b/policy/modules/contrib/xdg/xdg_manage_videos_home.part |
| 789 |
deleted file mode 100644 |
| 790 |
index 5118d5d..0000000 |
| 791 |
--- a/policy/modules/contrib/xdg/xdg_manage_videos_home.part |
| 792 |
+++ /dev/null |
| 793 |
@@ -1,18 +0,0 @@ |
| 794 |
-######################################### |
| 795 |
-## <summary> |
| 796 |
-## Manage video content |
| 797 |
-## </summary> |
| 798 |
-## <param name="domain"> |
| 799 |
-## <summary> |
| 800 |
-## Domain allowed access |
| 801 |
-## </summary> |
| 802 |
-## </param> |
| 803 |
-# |
| 804 |
-interface(`xdg_manage_videos_home',` |
| 805 |
- gen_require(` |
| 806 |
- type xdg_videos_home_t; |
| 807 |
- ') |
| 808 |
- |
| 809 |
- manage_dirs_pattern($1, xdg_videos_home_t, xdg_videos_home_t) |
| 810 |
- manage_files_pattern($1, xdg_videos_home_t, xdg_videos_home_t) |
| 811 |
-') |
| 812 |
|
| 813 |
diff --git a/policy/modules/contrib/xdg/xdg_read_all_cache_home_files.part b/policy/modules/contrib/xdg/xdg_read_all_cache_home_files.part |
| 814 |
deleted file mode 100644 |
| 815 |
index a9c6523..0000000 |
| 816 |
--- a/policy/modules/contrib/xdg/xdg_read_all_cache_home_files.part |
| 817 |
+++ /dev/null |
| 818 |
@@ -1,20 +0,0 @@ |
| 819 |
- |
| 820 |
-######################################## |
| 821 |
-## <summary> |
| 822 |
-## Read all xdg_cache_home_type files |
| 823 |
-## </summary> |
| 824 |
-## <param name="domain"> |
| 825 |
-## <summary> |
| 826 |
-## Domain allowed access. |
| 827 |
-## </summary> |
| 828 |
-## </param> |
| 829 |
-# |
| 830 |
-interface(`xdg_read_all_cache_home_files',` |
| 831 |
- gen_require(` |
| 832 |
- attribute xdg_cache_home_type; |
| 833 |
- ') |
| 834 |
- |
| 835 |
- read_files_pattern($1, xdg_cache_home_type, xdg_cache_home_type) |
| 836 |
- |
| 837 |
- userdom_search_user_home_dirs($1) |
| 838 |
-') |
| 839 |
|
| 840 |
diff --git a/policy/modules/contrib/xdg/xdg_read_all_config_home_files.part b/policy/modules/contrib/xdg/xdg_read_all_config_home_files.part |
| 841 |
deleted file mode 100644 |
| 842 |
index ae678b6..0000000 |
| 843 |
--- a/policy/modules/contrib/xdg/xdg_read_all_config_home_files.part |
| 844 |
+++ /dev/null |
| 845 |
@@ -1,20 +0,0 @@ |
| 846 |
- |
| 847 |
-######################################## |
| 848 |
-## <summary> |
| 849 |
-## Read all xdg_config_home_type files |
| 850 |
-## </summary> |
| 851 |
-## <param name="domain"> |
| 852 |
-## <summary> |
| 853 |
-## Domain allowed access. |
| 854 |
-## </summary> |
| 855 |
-## </param> |
| 856 |
-# |
| 857 |
-interface(`xdg_read_all_config_home_files',` |
| 858 |
- gen_require(` |
| 859 |
- attribute xdg_config_home_type; |
| 860 |
- ') |
| 861 |
- |
| 862 |
- read_files_pattern($1, xdg_config_home_type, xdg_config_home_type) |
| 863 |
- |
| 864 |
- userdom_search_user_home_dirs($1) |
| 865 |
-') |
| 866 |
|
| 867 |
diff --git a/policy/modules/contrib/xdg/xdg_read_all_data_home_files.part b/policy/modules/contrib/xdg/xdg_read_all_data_home_files.part |
| 868 |
deleted file mode 100644 |
| 869 |
index 3cfaf56..0000000 |
| 870 |
--- a/policy/modules/contrib/xdg/xdg_read_all_data_home_files.part |
| 871 |
+++ /dev/null |
| 872 |
@@ -1,20 +0,0 @@ |
| 873 |
- |
| 874 |
-######################################## |
| 875 |
-## <summary> |
| 876 |
-## Read all xdg_data_home_type files |
| 877 |
-## </summary> |
| 878 |
-## <param name="domain"> |
| 879 |
-## <summary> |
| 880 |
-## Domain allowed access. |
| 881 |
-## </summary> |
| 882 |
-## </param> |
| 883 |
-# |
| 884 |
-interface(`xdg_read_all_data_home_files',` |
| 885 |
- gen_require(` |
| 886 |
- attribute xdg_data_home_type; |
| 887 |
- ') |
| 888 |
- |
| 889 |
- read_files_pattern($1, xdg_data_home_type, xdg_data_home_type) |
| 890 |
- |
| 891 |
- userdom_search_user_home_dirs($1) |
| 892 |
-') |
| 893 |
|
| 894 |
diff --git a/policy/modules/contrib/xdg/xdg_read_all_runtime_home_files.part b/policy/modules/contrib/xdg/xdg_read_all_runtime_home_files.part |
| 895 |
deleted file mode 100644 |
| 896 |
index 14802cd..0000000 |
| 897 |
--- a/policy/modules/contrib/xdg/xdg_read_all_runtime_home_files.part |
| 898 |
+++ /dev/null |
| 899 |
@@ -1,20 +0,0 @@ |
| 900 |
- |
| 901 |
-######################################## |
| 902 |
-## <summary> |
| 903 |
-## Read all xdg_runtime_home_type files |
| 904 |
-## </summary> |
| 905 |
-## <param name="domain"> |
| 906 |
-## <summary> |
| 907 |
-## Domain allowed access. |
| 908 |
-## </summary> |
| 909 |
-## </param> |
| 910 |
-# |
| 911 |
-interface(`xdg_read_all_runtime_home_files',` |
| 912 |
- gen_require(` |
| 913 |
- attribute xdg_runtime_home_type; |
| 914 |
- ') |
| 915 |
- |
| 916 |
- read_files_pattern($1, xdg_runtime_home_type, xdg_runtime_home_type) |
| 917 |
- |
| 918 |
- files_search_pids($1) |
| 919 |
-') |
| 920 |
|
| 921 |
diff --git a/policy/modules/contrib/xdg/xdg_read_generic_cache_home_files.part b/policy/modules/contrib/xdg/xdg_read_generic_cache_home_files.part |
| 922 |
deleted file mode 100644 |
| 923 |
index 74c76d8..0000000 |
| 924 |
--- a/policy/modules/contrib/xdg/xdg_read_generic_cache_home_files.part |
| 925 |
+++ /dev/null |
| 926 |
@@ -1,21 +0,0 @@ |
| 927 |
- |
| 928 |
-######################################## |
| 929 |
-## <summary> |
| 930 |
-## Read the xdg cache home files |
| 931 |
-## </summary> |
| 932 |
-## <param name="domain"> |
| 933 |
-## <summary> |
| 934 |
-## Domain allowed access. |
| 935 |
-## </summary> |
| 936 |
-## </param> |
| 937 |
-# |
| 938 |
-interface(`xdg_read_generic_cache_home_files',` |
| 939 |
- gen_require(` |
| 940 |
- type xdg_cache_home_t; |
| 941 |
- ') |
| 942 |
- |
| 943 |
- read_files_pattern($1, xdg_cache_home_t, xdg_cache_home_t) |
| 944 |
- list_dirs_pattern($1, xdg_cache_home_t, xdg_cache_home_t) |
| 945 |
- |
| 946 |
- userdom_search_user_home_dirs($1) |
| 947 |
-') |
| 948 |
|
| 949 |
diff --git a/policy/modules/contrib/xdg/xdg_read_generic_config_home_files.part b/policy/modules/contrib/xdg/xdg_read_generic_config_home_files.part |
| 950 |
deleted file mode 100644 |
| 951 |
index 1087a5f..0000000 |
| 952 |
--- a/policy/modules/contrib/xdg/xdg_read_generic_config_home_files.part |
| 953 |
+++ /dev/null |
| 954 |
@@ -1,21 +0,0 @@ |
| 955 |
- |
| 956 |
-######################################## |
| 957 |
-## <summary> |
| 958 |
-## Read the xdg config home files |
| 959 |
-## </summary> |
| 960 |
-## <param name="domain"> |
| 961 |
-## <summary> |
| 962 |
-## Domain allowed access. |
| 963 |
-## </summary> |
| 964 |
-## </param> |
| 965 |
-# |
| 966 |
-interface(`xdg_read_generic_config_home_files',` |
| 967 |
- gen_require(` |
| 968 |
- type xdg_config_home_t; |
| 969 |
- ') |
| 970 |
- |
| 971 |
- read_files_pattern($1, xdg_config_home_t, xdg_config_home_t) |
| 972 |
- list_dirs_pattern($1, xdg_config_home_t, xdg_config_home_t) |
| 973 |
- |
| 974 |
- userdom_search_user_home_dirs($1) |
| 975 |
-') |
| 976 |
|
| 977 |
diff --git a/policy/modules/contrib/xdg/xdg_read_generic_data_home_files.part b/policy/modules/contrib/xdg/xdg_read_generic_data_home_files.part |
| 978 |
deleted file mode 100644 |
| 979 |
index 82870a1..0000000 |
| 980 |
--- a/policy/modules/contrib/xdg/xdg_read_generic_data_home_files.part |
| 981 |
+++ /dev/null |
| 982 |
@@ -1,21 +0,0 @@ |
| 983 |
- |
| 984 |
-######################################## |
| 985 |
-## <summary> |
| 986 |
-## Read the xdg data home files |
| 987 |
-## </summary> |
| 988 |
-## <param name="domain"> |
| 989 |
-## <summary> |
| 990 |
-## Domain allowed access. |
| 991 |
-## </summary> |
| 992 |
-## </param> |
| 993 |
-# |
| 994 |
-interface(`xdg_read_generic_data_home_files',` |
| 995 |
- gen_require(` |
| 996 |
- type xdg_data_home_t; |
| 997 |
- ') |
| 998 |
- |
| 999 |
- read_files_pattern($1, xdg_data_home_t, xdg_data_home_t) |
| 1000 |
- list_dirs_pattern($1, xdg_data_home_t, xdg_data_home_t) |
| 1001 |
- |
| 1002 |
- userdom_search_user_home_dirs($1) |
| 1003 |
-') |
| 1004 |
|
| 1005 |
diff --git a/policy/modules/contrib/xdg/xdg_read_generic_runtime_home_files.part b/policy/modules/contrib/xdg/xdg_read_generic_runtime_home_files.part |
| 1006 |
deleted file mode 100644 |
| 1007 |
index 6c21442..0000000 |
| 1008 |
--- a/policy/modules/contrib/xdg/xdg_read_generic_runtime_home_files.part |
| 1009 |
+++ /dev/null |
| 1010 |
@@ -1,21 +0,0 @@ |
| 1011 |
- |
| 1012 |
-######################################## |
| 1013 |
-## <summary> |
| 1014 |
-## Read the xdg runtime home files |
| 1015 |
-## </summary> |
| 1016 |
-## <param name="domain"> |
| 1017 |
-## <summary> |
| 1018 |
-## Domain allowed access. |
| 1019 |
-## </summary> |
| 1020 |
-## </param> |
| 1021 |
-# |
| 1022 |
-interface(`xdg_read_generic_runtime_home_files',` |
| 1023 |
- gen_require(` |
| 1024 |
- type xdg_runtime_home_t; |
| 1025 |
- ') |
| 1026 |
- |
| 1027 |
- read_files_pattern($1, xdg_runtime_home_t, xdg_runtime_home_t) |
| 1028 |
- list_dirs_pattern($1, xdg_runtime_home_t, xdg_runtime_home_t) |
| 1029 |
- |
| 1030 |
- files_search_pids($1) |
| 1031 |
-') |
| 1032 |
|
| 1033 |
diff --git a/policy/modules/contrib/xdg/xdg_relabel_all_cache_home.part b/policy/modules/contrib/xdg/xdg_relabel_all_cache_home.part |
| 1034 |
deleted file mode 100644 |
| 1035 |
index 2da6084..0000000 |
| 1036 |
--- a/policy/modules/contrib/xdg/xdg_relabel_all_cache_home.part |
| 1037 |
+++ /dev/null |
| 1038 |
@@ -1,24 +0,0 @@ |
| 1039 |
- |
| 1040 |
-######################################## |
| 1041 |
-## <summary> |
| 1042 |
-## Allow relabeling the xdg cache home files, regardless of their specific type |
| 1043 |
-## </summary> |
| 1044 |
-## <param name="domain"> |
| 1045 |
-## <summary> |
| 1046 |
-## Domain allowed access. |
| 1047 |
-## </summary> |
| 1048 |
-## </param> |
| 1049 |
-# |
| 1050 |
-interface(`xdg_relabel_all_cache_home',` |
| 1051 |
- gen_require(` |
| 1052 |
- attribute xdg_cache_home_type; |
| 1053 |
- ') |
| 1054 |
- |
| 1055 |
- relabel_dirs_pattern($1, xdg_cache_home_type, xdg_cache_home_type) |
| 1056 |
- relabel_files_pattern($1, xdg_cache_home_type, xdg_cache_home_type) |
| 1057 |
- relabel_lnk_files_pattern($1, xdg_cache_home_type, xdg_cache_home_type) |
| 1058 |
- relabel_fifo_files_pattern($1, xdg_cache_home_type, xdg_cache_home_type) |
| 1059 |
- relabel_sock_files_pattern($1, xdg_cache_home_type, xdg_cache_home_type) |
| 1060 |
- |
| 1061 |
- userdom_search_user_home_dirs($1) |
| 1062 |
-') |
| 1063 |
|
| 1064 |
diff --git a/policy/modules/contrib/xdg/xdg_relabel_all_config_home.part b/policy/modules/contrib/xdg/xdg_relabel_all_config_home.part |
| 1065 |
deleted file mode 100644 |
| 1066 |
index f80e513..0000000 |
| 1067 |
--- a/policy/modules/contrib/xdg/xdg_relabel_all_config_home.part |
| 1068 |
+++ /dev/null |
| 1069 |
@@ -1,24 +0,0 @@ |
| 1070 |
- |
| 1071 |
-######################################## |
| 1072 |
-## <summary> |
| 1073 |
-## Allow relabeling the xdg config home files, regardless of their specific type |
| 1074 |
-## </summary> |
| 1075 |
-## <param name="domain"> |
| 1076 |
-## <summary> |
| 1077 |
-## Domain allowed access. |
| 1078 |
-## </summary> |
| 1079 |
-## </param> |
| 1080 |
-# |
| 1081 |
-interface(`xdg_relabel_all_config_home',` |
| 1082 |
- gen_require(` |
| 1083 |
- attribute xdg_config_home_type; |
| 1084 |
- ') |
| 1085 |
- |
| 1086 |
- relabel_dirs_pattern($1, xdg_config_home_type, xdg_config_home_type) |
| 1087 |
- relabel_files_pattern($1, xdg_config_home_type, xdg_config_home_type) |
| 1088 |
- relabel_lnk_files_pattern($1, xdg_config_home_type, xdg_config_home_type) |
| 1089 |
- relabel_fifo_files_pattern($1, xdg_config_home_type, xdg_config_home_type) |
| 1090 |
- relabel_sock_files_pattern($1, xdg_config_home_type, xdg_config_home_type) |
| 1091 |
- |
| 1092 |
- userdom_search_user_home_dirs($1) |
| 1093 |
-') |
| 1094 |
|
| 1095 |
diff --git a/policy/modules/contrib/xdg/xdg_relabel_all_data_home.part b/policy/modules/contrib/xdg/xdg_relabel_all_data_home.part |
| 1096 |
deleted file mode 100644 |
| 1097 |
index d8fa50b..0000000 |
| 1098 |
--- a/policy/modules/contrib/xdg/xdg_relabel_all_data_home.part |
| 1099 |
+++ /dev/null |
| 1100 |
@@ -1,24 +0,0 @@ |
| 1101 |
- |
| 1102 |
-######################################## |
| 1103 |
-## <summary> |
| 1104 |
-## Allow relabeling the xdg data home files, regardless of their type |
| 1105 |
-## </summary> |
| 1106 |
-## <param name="domain"> |
| 1107 |
-## <summary> |
| 1108 |
-## Domain allowed access. |
| 1109 |
-## </summary> |
| 1110 |
-## </param> |
| 1111 |
-# |
| 1112 |
-interface(`xdg_relabel_all_data_home',` |
| 1113 |
- gen_require(` |
| 1114 |
- attribute xdg_data_home_type; |
| 1115 |
- ') |
| 1116 |
- |
| 1117 |
- relabel_dirs_pattern($1, xdg_data_home_type, xdg_data_home_type) |
| 1118 |
- relabel_files_pattern($1, xdg_data_home_type, xdg_data_home_type) |
| 1119 |
- relabel_lnk_files_pattern($1, xdg_data_home_type, xdg_data_home_type) |
| 1120 |
- relabel_fifo_files_pattern($1, xdg_data_home_type, xdg_data_home_type) |
| 1121 |
- relabel_sock_files_pattern($1, xdg_data_home_type, xdg_data_home_type) |
| 1122 |
- |
| 1123 |
- userdom_search_user_home_dirs($1) |
| 1124 |
-') |
| 1125 |
|
| 1126 |
diff --git a/policy/modules/contrib/xdg/xdg_relabel_all_runtime_home.part b/policy/modules/contrib/xdg/xdg_relabel_all_runtime_home.part |
| 1127 |
deleted file mode 100644 |
| 1128 |
index b57fbd6..0000000 |
| 1129 |
--- a/policy/modules/contrib/xdg/xdg_relabel_all_runtime_home.part |
| 1130 |
+++ /dev/null |
| 1131 |
@@ -1,24 +0,0 @@ |
| 1132 |
- |
| 1133 |
-######################################## |
| 1134 |
-## <summary> |
| 1135 |
-## Allow relabeling the xdg runtime home files, regardless of the specific type |
| 1136 |
-## </summary> |
| 1137 |
-## <param name="domain"> |
| 1138 |
-## <summary> |
| 1139 |
-## Domain allowed access. |
| 1140 |
-## </summary> |
| 1141 |
-## </param> |
| 1142 |
-# |
| 1143 |
-interface(`xdg_relabel_all_runtime_home',` |
| 1144 |
- gen_require(` |
| 1145 |
- attribute xdg_runtime_home_type; |
| 1146 |
- ') |
| 1147 |
- |
| 1148 |
- relabel_dirs_pattern($1, xdg_runtime_home_type, xdg_runtime_home_type) |
| 1149 |
- relabel_files_pattern($1, xdg_runtime_home_type, xdg_runtime_home_type) |
| 1150 |
- relabel_lnk_files_pattern($1, xdg_runtime_home_type, xdg_runtime_home_type) |
| 1151 |
- relabel_fifo_files_pattern($1, xdg_runtime_home_type, xdg_runtime_home_type) |
| 1152 |
- relabel_sock_files_pattern($1, xdg_runtime_home_type, xdg_runtime_home_type) |
| 1153 |
- |
| 1154 |
- files_search_pids($1) |
| 1155 |
-') |
| 1156 |
|
| 1157 |
diff --git a/policy/modules/contrib/xdg/xdg_relabel_generic_cache_home.part b/policy/modules/contrib/xdg/xdg_relabel_generic_cache_home.part |
| 1158 |
deleted file mode 100644 |
| 1159 |
index 34556f3..0000000 |
| 1160 |
--- a/policy/modules/contrib/xdg/xdg_relabel_generic_cache_home.part |
| 1161 |
+++ /dev/null |
| 1162 |
@@ -1,24 +0,0 @@ |
| 1163 |
- |
| 1164 |
-######################################## |
| 1165 |
-## <summary> |
| 1166 |
-## Allow relabeling the xdg cache home files |
| 1167 |
-## </summary> |
| 1168 |
-## <param name="domain"> |
| 1169 |
-## <summary> |
| 1170 |
-## Domain allowed access. |
| 1171 |
-## </summary> |
| 1172 |
-## </param> |
| 1173 |
-# |
| 1174 |
-interface(`xdg_relabel_generic_cache_home',` |
| 1175 |
- gen_require(` |
| 1176 |
- type xdg_cache_home_t; |
| 1177 |
- ') |
| 1178 |
- |
| 1179 |
- relabel_dirs_pattern($1, xdg_cache_home_t, xdg_cache_home_t) |
| 1180 |
- relabel_files_pattern($1, xdg_cache_home_t, xdg_cache_home_t) |
| 1181 |
- relabel_lnk_files_pattern($1, xdg_cache_home_t, xdg_cache_home_t) |
| 1182 |
- relabel_fifo_files_pattern($1, xdg_cache_home_t, xdg_cache_home_t) |
| 1183 |
- relabel_sock_files_pattern($1, xdg_cache_home_t, xdg_cache_home_t) |
| 1184 |
- |
| 1185 |
- userdom_search_user_home_dirs($1) |
| 1186 |
-') |
| 1187 |
|
| 1188 |
diff --git a/policy/modules/contrib/xdg/xdg_relabel_generic_config_home.part b/policy/modules/contrib/xdg/xdg_relabel_generic_config_home.part |
| 1189 |
deleted file mode 100644 |
| 1190 |
index dcf73ab..0000000 |
| 1191 |
--- a/policy/modules/contrib/xdg/xdg_relabel_generic_config_home.part |
| 1192 |
+++ /dev/null |
| 1193 |
@@ -1,24 +0,0 @@ |
| 1194 |
- |
| 1195 |
-######################################## |
| 1196 |
-## <summary> |
| 1197 |
-## Allow relabeling the xdg config home files |
| 1198 |
-## </summary> |
| 1199 |
-## <param name="domain"> |
| 1200 |
-## <summary> |
| 1201 |
-## Domain allowed access. |
| 1202 |
-## </summary> |
| 1203 |
-## </param> |
| 1204 |
-# |
| 1205 |
-interface(`xdg_relabel_generic_config_home',` |
| 1206 |
- gen_require(` |
| 1207 |
- type xdg_config_home_t; |
| 1208 |
- ') |
| 1209 |
- |
| 1210 |
- relabel_dirs_pattern($1, xdg_config_home_t, xdg_config_home_t) |
| 1211 |
- relabel_files_pattern($1, xdg_config_home_t, xdg_config_home_t) |
| 1212 |
- relabel_lnk_files_pattern($1, xdg_config_home_t, xdg_config_home_t) |
| 1213 |
- relabel_fifo_files_pattern($1, xdg_config_home_t, xdg_config_home_t) |
| 1214 |
- relabel_sock_files_pattern($1, xdg_config_home_t, xdg_config_home_t) |
| 1215 |
- |
| 1216 |
- userdom_search_user_home_dirs($1) |
| 1217 |
-') |
| 1218 |
|
| 1219 |
diff --git a/policy/modules/contrib/xdg/xdg_relabel_generic_data_home.part b/policy/modules/contrib/xdg/xdg_relabel_generic_data_home.part |
| 1220 |
deleted file mode 100644 |
| 1221 |
index 2d8c293..0000000 |
| 1222 |
--- a/policy/modules/contrib/xdg/xdg_relabel_generic_data_home.part |
| 1223 |
+++ /dev/null |
| 1224 |
@@ -1,24 +0,0 @@ |
| 1225 |
- |
| 1226 |
-######################################## |
| 1227 |
-## <summary> |
| 1228 |
-## Allow relabeling the xdg data home files |
| 1229 |
-## </summary> |
| 1230 |
-## <param name="domain"> |
| 1231 |
-## <summary> |
| 1232 |
-## Domain allowed access. |
| 1233 |
-## </summary> |
| 1234 |
-## </param> |
| 1235 |
-# |
| 1236 |
-interface(`xdg_relabel_generic_data_home',` |
| 1237 |
- gen_require(` |
| 1238 |
- type xdg_data_home_t; |
| 1239 |
- ') |
| 1240 |
- |
| 1241 |
- relabel_dirs_pattern($1, xdg_data_home_t, xdg_data_home_t) |
| 1242 |
- relabel_files_pattern($1, xdg_data_home_t, xdg_data_home_t) |
| 1243 |
- relabel_lnk_files_pattern($1, xdg_data_home_t, xdg_data_home_t) |
| 1244 |
- relabel_fifo_files_pattern($1, xdg_data_home_t, xdg_data_home_t) |
| 1245 |
- relabel_sock_files_pattern($1, xdg_data_home_t, xdg_data_home_t) |
| 1246 |
- |
| 1247 |
- userdom_search_user_home_dirs($1) |
| 1248 |
-') |
| 1249 |
|
| 1250 |
diff --git a/policy/modules/contrib/xdg/xdg_relabel_generic_runtime_home.part b/policy/modules/contrib/xdg/xdg_relabel_generic_runtime_home.part |
| 1251 |
deleted file mode 100644 |
| 1252 |
index 80bcc3b..0000000 |
| 1253 |
--- a/policy/modules/contrib/xdg/xdg_relabel_generic_runtime_home.part |
| 1254 |
+++ /dev/null |
| 1255 |
@@ -1,24 +0,0 @@ |
| 1256 |
- |
| 1257 |
-######################################## |
| 1258 |
-## <summary> |
| 1259 |
-## Allow relabeling the xdg runtime home files |
| 1260 |
-## </summary> |
| 1261 |
-## <param name="domain"> |
| 1262 |
-## <summary> |
| 1263 |
-## Domain allowed access. |
| 1264 |
-## </summary> |
| 1265 |
-## </param> |
| 1266 |
-# |
| 1267 |
-interface(`xdg_relabel_generic_runtime_home',` |
| 1268 |
- gen_require(` |
| 1269 |
- type xdg_runtime_home_t; |
| 1270 |
- ') |
| 1271 |
- |
| 1272 |
- relabel_dirs_pattern($1, xdg_runtime_home_t, xdg_runtime_home_t) |
| 1273 |
- relabel_files_pattern($1, xdg_runtime_home_t, xdg_runtime_home_t) |
| 1274 |
- relabel_lnk_files_pattern($1, xdg_runtime_home_t, xdg_runtime_home_t) |
| 1275 |
- relabel_fifo_files_pattern($1, xdg_runtime_home_t, xdg_runtime_home_t) |
| 1276 |
- relabel_sock_files_pattern($1, xdg_runtime_home_t, xdg_runtime_home_t) |
| 1277 |
- |
| 1278 |
- files_search_pids($1) |
| 1279 |
-') |
| 1280 |
|
| 1281 |
diff --git a/policy/modules/contrib/xdg/xdg_runtime_home_content.part b/policy/modules/contrib/xdg/xdg_runtime_home_content.part |
| 1282 |
deleted file mode 100644 |
| 1283 |
index 2497920..0000000 |
| 1284 |
--- a/policy/modules/contrib/xdg/xdg_runtime_home_content.part |
| 1285 |
+++ /dev/null |
| 1286 |
@@ -1,20 +0,0 @@ |
| 1287 |
- |
| 1288 |
-######################################## |
| 1289 |
-## <summary> |
| 1290 |
-## Mark the selected type as an xdg_runtime_home_type |
| 1291 |
-## </summary> |
| 1292 |
-## <param name="type"> |
| 1293 |
-## <summary> |
| 1294 |
-## Type to give the xdg_runtime_home_type attribute to |
| 1295 |
-## </summary> |
| 1296 |
-## </param> |
| 1297 |
-# |
| 1298 |
-interface(`xdg_runtime_home_content',` |
| 1299 |
- gen_require(` |
| 1300 |
- attribute xdg_runtime_home_type; |
| 1301 |
- ') |
| 1302 |
- |
| 1303 |
- typeattribute $1 xdg_runtime_home_type; |
| 1304 |
- |
| 1305 |
- userdom_user_home_content($1) |
| 1306 |
-') |
| 1307 |
|
| 1308 |
diff --git a/policy/modules/contrib/xdg/xdg_runtime_home_filetrans.part b/policy/modules/contrib/xdg/xdg_runtime_home_filetrans.part |
| 1309 |
deleted file mode 100644 |
| 1310 |
index 60d979b..0000000 |
| 1311 |
--- a/policy/modules/contrib/xdg/xdg_runtime_home_filetrans.part |
| 1312 |
+++ /dev/null |
| 1313 |
@@ -1,37 +0,0 @@ |
| 1314 |
- |
| 1315 |
-######################################## |
| 1316 |
-## <summary> |
| 1317 |
-## Create objects in an xdg_runtime_home directory |
| 1318 |
-## with an automatic type transition to |
| 1319 |
-## a specified private type. |
| 1320 |
-## </summary> |
| 1321 |
-## <param name="domain"> |
| 1322 |
-## <summary> |
| 1323 |
-## Domain allowed access. |
| 1324 |
-## </summary> |
| 1325 |
-## </param> |
| 1326 |
-## <param name="private_type"> |
| 1327 |
-## <summary> |
| 1328 |
-## The type of the object to create. |
| 1329 |
-## </summary> |
| 1330 |
-## </param> |
| 1331 |
-## <param name="object_class"> |
| 1332 |
-## <summary> |
| 1333 |
-## The class of the object to be created. |
| 1334 |
-## </summary> |
| 1335 |
-## </param> |
| 1336 |
-## <param name="filename" optional="true"> |
| 1337 |
-## <summary> |
| 1338 |
-## Name of the file or directory created |
| 1339 |
-## </summary> |
| 1340 |
-## </param> |
| 1341 |
-# |
| 1342 |
-interface(`xdg_runtime_home_filetrans',` |
| 1343 |
- gen_require(` |
| 1344 |
- type xdg_runtime_home_t; |
| 1345 |
- ') |
| 1346 |
- |
| 1347 |
- files_search_pids($1) |
| 1348 |
- |
| 1349 |
- filetrans_pattern($1, xdg_runtime_home_t, $2, $3) |
| 1350 |
-') |
Archives