1 |
commit: 248905080e2e9840c120f1bb12d589bbec3c89bb |
2 |
Author: Jason Zaman <jason <AT> perfinion <DOT> com> |
3 |
AuthorDate: Sun Apr 30 09:57:08 2017 +0000 |
4 |
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org> |
5 |
CommitDate: Sun Apr 30 14:17:45 2017 +0000 |
6 |
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=24890508 |
7 |
|
8 |
Remove interfaces added upstream |
9 |
|
10 |
policy/modules/contrib/gnome.if | 29 ----------------------------- |
11 |
policy/modules/kernel/files.if | 20 -------------------- |
12 |
policy/modules/system/init.te | 1 - |
13 |
3 files changed, 50 deletions(-) |
14 |
|
15 |
diff --git a/policy/modules/contrib/gnome.if b/policy/modules/contrib/gnome.if |
16 |
index ce436cfd..4fcc6905 100644 |
17 |
--- a/policy/modules/contrib/gnome.if |
18 |
+++ b/policy/modules/contrib/gnome.if |
19 |
@@ -124,12 +124,6 @@ template(`gnome_role_template',` |
20 |
wm_dbus_chat($1, $1_gkeyringd_t) |
21 |
') |
22 |
') |
23 |
- |
24 |
- ifdef(`distro_gentoo',` |
25 |
- optional_policy(` |
26 |
- gnome_dbus_chat_gconfd($3) |
27 |
- ') |
28 |
- ') |
29 |
') |
30 |
|
31 |
######################################## |
32 |
@@ -841,29 +835,6 @@ interface(`gnome_stream_connect_all_gkeyringd',` |
33 |
stream_connect_pattern($1, gnome_keyring_tmp_t, gnome_keyring_tmp_t, gkeyringd_domain) |
34 |
') |
35 |
|
36 |
-# From here Gentoo specific but cannot use ifdef distro_gentoo here |
37 |
- |
38 |
-######################################### |
39 |
-## <summary> |
40 |
-## Send and receive messages from the gconf daemon |
41 |
-## over dbus. |
42 |
-## </summary> |
43 |
-## <param name="domain"> |
44 |
-## <summary> |
45 |
-## Domain allowed access. |
46 |
-## </summary> |
47 |
-## </param> |
48 |
-# |
49 |
-interface(`gnome_dbus_chat_gconfd',` |
50 |
- gen_require(` |
51 |
- type gconfd_t; |
52 |
- class dbus send_msg; |
53 |
- ') |
54 |
- |
55 |
- allow $1 gconfd_t:dbus send_msg; |
56 |
- allow gconfd_t $1:dbus send_msg; |
57 |
-') |
58 |
- |
59 |
######################################## |
60 |
## <summary> |
61 |
## Manage gstreamer ORC optimized |
62 |
|
63 |
diff --git a/policy/modules/kernel/files.if b/policy/modules/kernel/files.if |
64 |
index ef969a95..a74f7913 100644 |
65 |
--- a/policy/modules/kernel/files.if |
66 |
+++ b/policy/modules/kernel/files.if |
67 |
@@ -7232,26 +7232,6 @@ interface(`files_unconfined',` |
68 |
|
69 |
######################################## |
70 |
## <summary> |
71 |
-## Create PID directories. |
72 |
-## </summary> |
73 |
-## <param name="domain"> |
74 |
-## <summary> |
75 |
-## Domain allowed access. |
76 |
-## </summary> |
77 |
-## </param> |
78 |
-# |
79 |
-interface(`files_create_pid_dirs',` |
80 |
- gen_require(` |
81 |
- type var_t, var_run_t; |
82 |
- ') |
83 |
- |
84 |
- allow $1 var_t:dir search_dir_perms; |
85 |
- allow $1 var_run_t:lnk_file read_lnk_file_perms; |
86 |
- create_dirs_pattern($1, var_run_t, var_run_t) |
87 |
-') |
88 |
- |
89 |
-######################################## |
90 |
-## <summary> |
91 |
## Create, read, write, and delete symbolic links in |
92 |
## /etc that are dynamically created on boot. |
93 |
## </summary> |
94 |
|
95 |
diff --git a/policy/modules/system/init.te b/policy/modules/system/init.te |
96 |
index 5c6830f2..07238399 100644 |
97 |
--- a/policy/modules/system/init.te |
98 |
+++ b/policy/modules/system/init.te |
99 |
@@ -1350,7 +1350,6 @@ ifdef(`distro_gentoo',` |
100 |
# needs to chmod some devices in early boot |
101 |
dev_setattr_generic_chr_files(initrc_t) |
102 |
|
103 |
- files_create_pid_dirs(initrc_t) |
104 |
files_dontaudit_write_usr_dirs(initrc_t) |
105 |
files_manage_generic_tmp_dirs(initrc_t) |
106 |
files_manage_generic_tmp_files(initrc_t) |