diff options
| -rw-r--r-- | policy/modules/admin/bootloader.te | 9 | ||||
| -rw-r--r-- | policy/modules/roles/sysadm.te | 4 | ||||
| -rw-r--r-- | policy/modules/services/xserver.te | 2 | ||||
| -rw-r--r-- | policy/modules/system/hotplug.te | 2 | ||||
| -rw-r--r-- | policy/modules/system/init.te | 9 | ||||
| -rw-r--r-- | policy/modules/system/ipsec.te | 4 | ||||
| -rw-r--r-- | policy/modules/system/iptables.te | 2 | ||||
| -rw-r--r-- | policy/modules/system/lvm.te | 2 | ||||
| -rw-r--r-- | policy/modules/system/modutils.if | 2 | ||||
| -rw-r--r-- | policy/modules/system/sysnetwork.te | 4 | ||||
| -rw-r--r-- | policy/modules/system/udev.te | 2 | ||||
| -rw-r--r-- | policy/modules/system/unconfined.te | 2 | ||||
| -rw-r--r-- | policy/modules/system/userdomain.if | 2 |
13 files changed, 17 insertions, 29 deletions
diff --git a/policy/modules/admin/bootloader.te b/policy/modules/admin/bootloader.te index 51c2266c9..726f72119 100644 --- a/policy/modules/admin/bootloader.te +++ b/policy/modules/admin/bootloader.te @@ -124,8 +124,6 @@ logging_rw_generic_logs(bootloader_t) miscfiles_read_localization(bootloader_t) -modutils_domtrans_insmod(bootloader_t) - seutil_read_bin_policy(bootloader_t) seutil_read_loadpolicy(bootloader_t) seutil_dontaudit_search_config(bootloader_t) @@ -199,12 +197,9 @@ optional_policy(` ') optional_policy(` - modutils_exec_insmod(bootloader_t) - modutils_read_module_deps(bootloader_t) + modutils_domtrans(bootloader_t) modutils_read_module_config(bootloader_t) - modutils_exec_insmod(bootloader_t) - modutils_exec_depmod(bootloader_t) - modutils_exec_update_mods(bootloader_t) + modutils_read_module_deps(bootloader_t) ') optional_policy(` diff --git a/policy/modules/roles/sysadm.te b/policy/modules/roles/sysadm.te index 6a8144130..7286ca261 100644 --- a/policy/modules/roles/sysadm.te +++ b/policy/modules/roles/sysadm.te @@ -619,9 +619,7 @@ optional_policy(` ') optional_policy(` - modutils_run_depmod(sysadm_t, sysadm_r) - modutils_run_insmod(sysadm_t, sysadm_r) - modutils_run_update_mods(sysadm_t, sysadm_r) + modutils_run(sysadm_t, sysadm_r) ') optional_policy(` diff --git a/policy/modules/services/xserver.te b/policy/modules/services/xserver.te index 71786c59d..04ad1d9bf 100644 --- a/policy/modules/services/xserver.te +++ b/policy/modules/services/xserver.te @@ -762,7 +762,7 @@ logging_send_audit_msgs(xserver_t) miscfiles_read_localization(xserver_t) miscfiles_read_fonts(xserver_t) -modutils_domtrans_insmod(xserver_t) +modutils_domtrans(xserver_t) # read x_contexts seutil_read_default_contexts(xserver_t) diff --git a/policy/modules/system/hotplug.te b/policy/modules/system/hotplug.te index 8c7e5ff50..72352066c 100644 --- a/policy/modules/system/hotplug.te +++ b/policy/modules/system/hotplug.te @@ -151,7 +151,7 @@ optional_policy(` ') optional_policy(` - modutils_domtrans_insmod(hotplug_t) + modutils_domtrans(hotplug_t) modutils_read_module_deps(hotplug_t) ') diff --git a/policy/modules/system/init.te b/policy/modules/system/init.te index 592fdfcec..6055fa6a9 100644 --- a/policy/modules/system/init.te +++ b/policy/modules/system/init.te @@ -333,7 +333,7 @@ ifdef(`init_systemd',` ') optional_policy(` - modutils_domtrans_insmod(init_t) + modutils_domtrans(init_t) ') ',` tunable_policy(`init_upstart',` @@ -1087,11 +1087,6 @@ optional_policy(` ') optional_policy(` - modutils_read_module_config(initrc_t) - modutils_domtrans_insmod(initrc_t) -') - -optional_policy(` inn_exec_config(initrc_t) ') @@ -1151,7 +1146,7 @@ optional_policy(` optional_policy(` modutils_read_module_config(initrc_t) - modutils_domtrans_insmod(initrc_t) + modutils_domtrans(initrc_t) ') optional_policy(` diff --git a/policy/modules/system/ipsec.te b/policy/modules/system/ipsec.te index 72dd736bd..b520215ee 100644 --- a/policy/modules/system/ipsec.te +++ b/policy/modules/system/ipsec.te @@ -333,7 +333,7 @@ optional_policy(` ') optional_policy(` - modutils_domtrans_insmod(ipsec_mgmt_t) + modutils_domtrans(ipsec_mgmt_t) ') optional_policy(` @@ -498,7 +498,7 @@ logging_send_syslog_msg(ipsec_supervisor_t); miscfiles_read_localization(ipsec_supervisor_t); optional_policy(` - modutils_domtrans_insmod(ipsec_supervisor_t) + modutils_domtrans(ipsec_supervisor_t) ') ifdef(`distro_gentoo',` diff --git a/policy/modules/system/iptables.te b/policy/modules/system/iptables.te index e8063b99e..c4cbf6d82 100644 --- a/policy/modules/system/iptables.te +++ b/policy/modules/system/iptables.te @@ -121,7 +121,7 @@ optional_policy(` ') optional_policy(` - modutils_run_insmod(iptables_t, iptables_roles) + modutils_run(iptables_t, iptables_roles) ') optional_policy(` diff --git a/policy/modules/system/lvm.te b/policy/modules/system/lvm.te index e69842499..bb4f3035f 100644 --- a/policy/modules/system/lvm.te +++ b/policy/modules/system/lvm.te @@ -350,7 +350,7 @@ optional_policy(` ') optional_policy(` - modutils_domtrans_insmod(lvm_t) + modutils_domtrans(lvm_t) ') optional_policy(` diff --git a/policy/modules/system/modutils.if b/policy/modules/system/modutils.if index 9ddbdae26..2a584a3e7 100644 --- a/policy/modules/system/modutils.if +++ b/policy/modules/system/modutils.if @@ -167,7 +167,7 @@ interface(`modutils_run',` attribute_role kmod_roles; ') - modutils_domtrans_insmod($1) + modutils_domtrans($1) roleattribute $2 kmod_roles; ') diff --git a/policy/modules/system/sysnetwork.te b/policy/modules/system/sysnetwork.te index d21a2d644..c83bfa618 100644 --- a/policy/modules/system/sysnetwork.te +++ b/policy/modules/system/sysnetwork.te @@ -206,7 +206,7 @@ optional_policy(` ') optional_policy(` - modutils_run_insmod(dhcpc_t, dhcpc_roles) + modutils_run(dhcpc_t, dhcpc_roles) ') # for the dhcp client to run ping to check IP addresses @@ -387,7 +387,7 @@ optional_policy(` ') optional_policy(` - modutils_domtrans_insmod(ifconfig_t) + modutils_domtrans(ifconfig_t) ') optional_policy(` diff --git a/policy/modules/system/udev.te b/policy/modules/system/udev.te index 08057d3d6..cfe59aaab 100644 --- a/policy/modules/system/udev.te +++ b/policy/modules/system/udev.te @@ -158,7 +158,7 @@ logging_send_audit_msgs(udev_t) miscfiles_read_localization(udev_t) miscfiles_read_hwdata(udev_t) -modutils_domtrans_insmod(udev_t) +modutils_domtrans(udev_t) modutils_read_module_config(udev_t) # read modules.inputmap: modutils_read_module_deps(udev_t) diff --git a/policy/modules/system/unconfined.te b/policy/modules/system/unconfined.te index c1d4df8eb..8b9bcc09f 100644 --- a/policy/modules/system/unconfined.te +++ b/policy/modules/system/unconfined.te @@ -112,7 +112,7 @@ optional_policy(` ') optional_policy(` - modutils_run_update_mods(unconfined_t, unconfined_r) + modutils_run(unconfined_t, unconfined_r) ') optional_policy(` diff --git a/policy/modules/system/userdomain.if b/policy/modules/system/userdomain.if index a43c756e2..9c5272850 100644 --- a/policy/modules/system/userdomain.if +++ b/policy/modules/system/userdomain.if @@ -1277,7 +1277,7 @@ template(`userdom_admin_user_template',` logging_send_syslog_msg($1_t) - modutils_domtrans_insmod($1_t) + modutils_domtrans($1_t) # The following rule is temporary until such time that a complete # policy management infrastructure is in place so that an administrator |