]> git.ipfire.org Git - people/stevee/selinux-policy.git/commitdiff
projects / people / stevee / selinux-policy.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 36c225e)
Remove module for telepathy.
authorStefan Schantl <stefan.schantl@ipfire.org>
Sat, 14 Jan 2012 14:58:19 +0000 (15:58 +0100)
committerStefan Schantl <stefan.schantl@ipfire.org>
Sat, 14 Jan 2012 14:58:19 +0000 (15:58 +0100)
policy/modules/apps/gnome.if patch | blob | blame | history
policy/modules/apps/telepathy.fc [deleted file] patch | blob | blame | history
policy/modules/apps/telepathy.if [deleted file] patch | blob | blame | history
policy/modules/apps/telepathy.te [deleted file] patch | blob | blame | history
policy/modules/roles/staff.te patch | blob | blame | history
policy/modules/roles/unconfineduser.te patch | blob | blame | history
policy/modules/roles/unprivuser.te patch | blob | blame | history
policy/modules/roles/xguest.te patch | blob | blame | history
policy/modules/system/userdomain.if patch | blob | blame | history
policy/modules/system/userdomain.te patch | blob | blame | history

diff --git a/policy/modules/apps/gnome.if b/policy/modules/apps/gnome.if
index 45580b57ef068c47a98830f5dc31c1fe4f1de3c0..6ba6bbda17009c3f10fa311952c205c3aa82b4f1 100644 (file)
--- a/policy/modules/apps/gnome.if
+++ b/policy/modules/apps/gnome.if
@@ -106,10 +106,6 @@ interface(`gnome_role_gkeyringd',`
                gnome_home_dir_filetrans($1_gkeyringd_t)
                gnome_manage_generic_home_dirs($1_gkeyringd_t)
                gnome_read_generic_data_home_files($1_gkeyringd_t)
-
-               optional_policy(`
-                       telepathy_mission_control_read_state($1_gkeyringd_t)
-               ')
        ')
 ')
 
diff --git a/policy/modules/apps/telepathy.fc b/policy/modules/apps/telepathy.fc
deleted file mode 100644 (file)
index a275bd6..0000000
--- a/policy/modules/apps/telepathy.fc
+++ /dev/null
@@ -1,21 +0,0 @@
-HOME_DIR/\.cache/\.mc_connections      --      gen_context(system_u:object_r:telepathy_mission_control_cache_home_t, s0)
-HOME_DIR/\.cache/telepathy(/.*)?       gen_context(system_u:object_r:telepathy_cache_home_t, s0)
-HOME_DIR/\.cache/telepathy/logger(/.*)?        gen_context(system_u:object_r:telepathy_logger_cache_home_t,s0)
-HOME_DIR/\.cache/telepathy/gabble(/.*)?                gen_context(system_u:object_r:telepathy_gabble_cache_home_t, s0)
-HOME_DIR/\.cache/wocky(/.*)?                   gen_context(system_u:object_r:telepathy_gabble_cache_home_t, s0)
-HOME_DIR/\.mission-control(/.*)?               gen_context(system_u:object_r:telepathy_mission_control_home_t, s0)
-HOME_DIR/\.local/share/telepathy(/.*)? gen_context(system_u:object_r:telepathy_data_home_t,s0)
-HOME_DIR/\.local/share/telepathy/mission-control(/.*)?         gen_context(system_u:object_r:telepathy_mission_control_data_home_t, s0)
-HOME_DIR/\.telepathy-sunshine(/.*)?            gen_context(system_u:object_r:telepathy_sunshine_home_t, s0)
-HOME_DIR/\.local/share/TpLogger(/.*)?          gen_context(system_u:object_r:telepathy_logger_data_home_t,s0)
-
-/usr/libexec/mission-control-5         --      gen_context(system_u:object_r:telepathy_mission_control_exec_t, s0)
-/usr/libexec/telepathy-butterfly       --      gen_context(system_u:object_r:telepathy_msn_exec_t, s0)
-/usr/libexec/telepathy-gabble          --      gen_context(system_u:object_r:telepathy_gabble_exec_t, s0)
-/usr/libexec/telepathy-haze            --      gen_context(system_u:object_r:telepathy_msn_exec_t, s0)
-/usr/libexec/telepathy-idle            --      gen_context(system_u:object_r:telepathy_idle_exec_t, s0)
-/usr/libexec/telepathy-logger          --      gen_context(system_u:object_r:telepathy_logger_exec_t,s0)
-/usr/libexec/telepathy-salut           --      gen_context(system_u:object_r:telepathy_salut_exec_t, s0)
-/usr/libexec/telepathy-sofiasip                --      gen_context(system_u:object_r:telepathy_sofiasip_exec_t, s0)
-/usr/libexec/telepathy-stream-engine   --      gen_context(system_u:object_r:telepathy_stream_engine_exec_t, s0)
-/usr/libexec/telepathy-sunshine                --      gen_context(system_u:object_r:telepathy_sunshine_exec_t, s0)
diff --git a/policy/modules/apps/telepathy.if b/policy/modules/apps/telepathy.if
deleted file mode 100644 (file)
index d49274d..0000000
--- a/policy/modules/apps/telepathy.if
+++ /dev/null
@@ -1,291 +0,0 @@
-## <summary>Telepathy communications framework.</summary>
-
-#######################################
-## <summary>
-##     Creates basic types for telepathy
-##     domain
-## </summary>
-## <param name="prefix">
-##     <summary>
-##     Prefix for the domain.
-##     </summary>
-## </param>
-#
-template(`telepathy_domain_template',`
-       gen_require(`
-               attribute telepathy_domain;
-               attribute telepathy_executable;
-       ')
-
-       type telepathy_$1_t, telepathy_domain;
-       type telepathy_$1_exec_t, telepathy_executable;
-       application_domain(telepathy_$1_t, telepathy_$1_exec_t)
-       ubac_constrained(telepathy_$1_t)
-       auth_use_nsswitch(telepathy_$1_t)
-
-       type telepathy_$1_tmp_t;
-       files_tmp_file(telepathy_$1_tmp_t)
-       ubac_constrained(telepathy_$1_tmp_t)
-
-')
-
-#######################################
-## <summary>
-##     Role access for telepathy domains
-##     that executes via dbus-session
-## </summary>
-## <param name="user_role">
-##     <summary>
-##     The role associated with the user domain.
-##     </summary>
-## </param>
-## <param name="user_domain">
-##     <summary>
-##     The type of the user domain.
-##     </summary>
-## </param>
-## <param name="domain_prefix">
-##     <summary>
-##     User domain prefix to be used.
-##     </summary>
-## </param>
-#
-template(`telepathy_role',`
-       gen_require(`
-               attribute telepathy_domain;
-               type telepathy_gabble_t, telepathy_sofiasip_t, telepathy_idle_t;
-               type telepathy_mission_control_t, telepathy_salut_t, telepathy_sunshine_t;
-               type telepathy_stream_engine_t, telepathy_msn_t, telepathy_gabble_exec_t;
-               type telepathy_sofiasip_exec_t, telepathy_idle_exec_t;
-               type telepathy_logger_t, telepathy_logger_exec_t;
-               type telepathy_mission_control_exec_t, telepathy_salut_exec_t;
-               type telepathy_sunshine_exec_t, telepathy_stream_engine_exec_t;
-               type telepathy_msn_exec_t;
-       ')
-
-       role $1 types telepathy_domain;
-
-       allow $2 telepathy_domain:process signal_perms;
-       ps_process_pattern($2, telepathy_domain)
-
-       telepathy_gabble_stream_connect($2)
-       telepathy_msn_stream_connect($2)
-       telepathy_salut_stream_connect($2)
-
-       dbus_session_domain($3, telepathy_gabble_exec_t, telepathy_gabble_t)
-       dbus_session_domain($3, telepathy_sofiasip_exec_t, telepathy_sofiasip_t)
-       dbus_session_domain($3, telepathy_idle_exec_t, telepathy_idle_t)
-       dbus_session_domain($3, telepathy_logger_exec_t, telepathy_logger_t)
-       dbus_session_domain($3, telepathy_mission_control_exec_t, telepathy_mission_control_t)
-       dbus_session_domain($3, telepathy_salut_exec_t, telepathy_salut_t)
-       dbus_session_domain($3, telepathy_sunshine_exec_t, telepathy_sunshine_t)
-       dbus_session_domain($3, telepathy_stream_engine_exec_t, telepathy_stream_engine_t)
-       dbus_session_domain($3, telepathy_msn_exec_t, telepathy_msn_t)
-
-       telepathy_dbus_chat($2)
-')
-
-########################################
-## <summary>
-##     Stream connect to Telepathy Gabble
-## </summary>
-## <param name="domain">
-##     <summary>
-##     Domain allowed access.
-##     </summary>
-## </param>
-#
-interface(`telepathy_gabble_stream_connect', `
-       gen_require(`
-               type telepathy_gabble_t, telepathy_gabble_tmp_t;
-       ')
-
-       stream_connect_pattern($1, telepathy_gabble_tmp_t, telepathy_gabble_tmp_t, telepathy_gabble_t)
-       files_search_tmp($1)
-')
-
-########################################
-## <summary>
-##     Send DBus messages to and from
-##     Telepathy Gabble.
-## </summary>
-## <param name="domain">
-##     <summary>
-##     Domain allowed access.
-##     </summary>
-## </param>
-#
-interface(`telepathy_gabble_dbus_chat', `
-       gen_require(`
-               type telepathy_gabble_t;
-               class dbus send_msg;
-       ')
-
-       allow $1 telepathy_gabble_t:dbus send_msg;
-       allow telepathy_gabble_t $1:dbus send_msg;
-')
-
-########################################
-## <summary>
-##     Read telepathy mission control state.
-## </summary>
-## <param name="domain">
-##     <summary>
-##     Domain allowed access.
-##     </summary>
-## </param>
-#
-interface(`telepathy_mission_control_read_state',`
-       gen_require(`
-               type telepathy_mission_control_t;
-       ')
-
-       kernel_search_proc($1)
-       ps_process_pattern($1, telepathy_mission_control_t)
-')
-
-#######################################
-## <summary>
-##     Stream connect to telepathy MSN managers
-## </summary>
-## <param name="domain">
-##     <summary>
-##     Domain allowed access.
-##     </summary>
-## </param>
-#
-interface(`telepathy_msn_stream_connect', `
-       gen_require(`
-               type telepathy_msn_t, telepathy_msn_tmp_t;
-       ')
-
-       stream_connect_pattern($1, telepathy_msn_tmp_t, telepathy_msn_tmp_t, telepathy_msn_t)
-       files_search_tmp($1)
-')
-
-########################################
-## <summary>
-##     Stream connect to Telepathy Salut
-## </summary>
-## <param name="domain">
-##     <summary>
-##     Domain allowed access.
-##     </summary>
-## </param>
-#
-interface(`telepathy_salut_stream_connect', `
-       gen_require(`
-               type telepathy_salut_t, telepathy_salut_tmp_t;
-       ')
-
-       stream_connect_pattern($1, telepathy_salut_tmp_t, telepathy_salut_tmp_t, telepathy_salut_t)
-       files_search_tmp($1)
-')
-
-#######################################
-## <summary>
-##     Send DBus messages to and from
-##     all Telepathy domain.
-## </summary>
-## <param name="domain">
-##     <summary>
-##     Domain allowed access.
-##     </summary>
-## </param>
-#
-interface(`telepathy_dbus_chat',`
-       gen_require(`
-               attribute telepathy_domain;
-               class dbus send_msg;
-       ')
-
-       allow $1 telepathy_domain:dbus send_msg;
-       allow telepathy_domain $1:dbus send_msg;
-')
-
-######################################
-## <summary>
-##     Execute telepathy executable
-##     in the specified domain.
-## </summary>
-## <desc>
-##     <p>
-##     Execute a telepathy executable
-##     in the specified domain.  This allows
-##     the specified domain to execute any file
-##     on these filesystems in the specified
-##     domain. 
-##     </p>
-##     <p>
-##     No interprocess communication (signals, pipes,
-##     etc.) is provided by this interface since
-##     the domains are not owned by this module.
-##     </p>
-## </desc>
-## <param name="domain">
-##     <summary>
-##     Domain allowed to transition.
-##     </summary>
-## </param>
-## <param name="target_domain">
-##     <summary>
-##     The type of the new process.
-##     </summary>
-## </param>
-#
-interface(`telepathy_command_domtrans', `
-       gen_require(`
-               attribute telepathy_executable;
-       ')
-
-       allow $2 telepathy_executable:file entrypoint;
-       domain_transition_pattern($1, telepathy_executable, $2)
-       type_transition $1 telepathy_executable:process $2;
-
-       # needs to dbus chat with unconfined_t and unconfined_dbusd_t
-       optional_policy(`
-               telepathy_dbus_chat($1)
-               telepathy_dbus_chat($2)
-       ')
-')
-
-########################################
-## <summary>
-##     Create telepathy content in the user home directory
-##     with an correct label.
-## </summary>
-## <param name="domain">
-##     <summary>
-##     Domain allowed access.
-##     </summary>
-## </param>
-#
-interface(`telepathy_filetrans_home_content',`
-       gen_require(`
-               type telepathy_mission_control_cache_home_t;
-               type telepathy_mission_control_home_t;
-               type telepathy_logger_cache_home_t;
-               type telepathy_gabble_cache_home_t;
-               type telepathy_sunshine_home_t;
-               type telepathy_logger_data_home_t;
-               type telepathy_cache_home_t, telepathy_data_home_t;
-               type telepathy_mission_control_data_home_t;
-       ')
-
-       filetrans_pattern($1, telepathy_cache_home_t, telepathy_logger_cache_home_t, dir, "logger")
-       filetrans_pattern($1, telepathy_cache_home_t, telepathy_logger_cache_home_t, file, "sqlite-data-journal")
-       filetrans_pattern($1, telepathy_cache_home_t, telepathy_gabble_cache_home_t, dir, "gabble")
-
-       filetrans_pattern($1, telepathy_data_home_t, telepathy_mission_control_data_home_t, dir, "mission-control")
-
-       userdom_user_home_dir_filetrans($1, telepathy_mission_control_home_t, dir, ".mission-control")
-       userdom_user_home_dir_filetrans($1, telepathy_sunshine_home_t, dir, ".telepathy-sunshine")
-
-       gnome_cache_filetrans($1, telepathy_mission_control_cache_home_t, file, ".mc_connections")
-       gnome_cache_filetrans($1, telepathy_gabble_cache_home_t, dir, "gabble")
-       gnome_cache_filetrans($1, telepathy_gabble_cache_home_t, dir, "wocky")
-       gnome_cache_filetrans($1, telepathy_cache_home_t, dir, "telepathy")
-
-       gnome_data_filetrans($1, telepathy_logger_data_home_t, dir, "TpLogger")
-       gnome_data_filetrans($1, telepathy_data_home_t, dir, "telepathy")
-')
diff --git a/policy/modules/apps/telepathy.te b/policy/modules/apps/telepathy.te
deleted file mode 100644 (file)
index a36ed88..0000000
--- a/policy/modules/apps/telepathy.te
+++ /dev/null
@@ -1,442 +0,0 @@
-policy_module(telepathy, 1.0.1)
-
-########################################
-#
-# Declarations.
-#
-
-## <desc>
-## <p>
-##     Allow the Telepathy connection managers
-##     to connect to any generic TCP port.
-## </p>
-## </desc>
-gen_tunable(telepathy_tcp_connect_generic_network_ports, false)
-
-## <desc>
-## <p>
-##     Allow the Telepathy connection managers
-##     to connect to any network port.
-## </p>
-## </desc>
-gen_tunable(telepathy_connect_all_ports, false)
-
-attribute telepathy_domain;
-attribute telepathy_executable;
-
-telepathy_domain_template(gabble)
-
-type telepathy_cache_home_t;
-userdom_user_home_content(telepathy_cache_home_t)
-
-type telepathy_gabble_cache_home_t;
-userdom_user_home_content(telepathy_gabble_cache_home_t)
-
-telepathy_domain_template(idle)
-telepathy_domain_template(logger)
-
-type telepathy_data_home_t;
-userdom_user_home_content(telepathy_data_home_t)
-
-type telepathy_logger_cache_home_t;
-userdom_user_home_content(telepathy_logger_cache_home_t)
-
-type telepathy_logger_data_home_t;
-userdom_user_home_content(telepathy_logger_data_home_t)
-
-telepathy_domain_template(mission_control)
-
-type telepathy_mission_control_home_t;
-userdom_user_home_content(telepathy_mission_control_home_t)
-
-type telepathy_mission_control_data_home_t;
-userdom_user_home_content(telepathy_mission_control_data_home_t)
-
-type telepathy_mission_control_cache_home_t;
-userdom_user_home_content(telepathy_mission_control_cache_home_t)
-
-telepathy_domain_template(msn)
-telepathy_domain_template(salut)
-telepathy_domain_template(sofiasip)
-telepathy_domain_template(stream_engine)
-telepathy_domain_template(sunshine)
-
-type telepathy_sunshine_home_t;
-userdom_user_home_content(telepathy_sunshine_home_t)
-
-#######################################
-#
-# Telepathy Gabble local policy.
-#
-
-allow telepathy_gabble_t self:tcp_socket create_stream_socket_perms;
-allow telepathy_gabble_t self:unix_dgram_socket { create_socket_perms sendto };
-
-manage_dirs_pattern(telepathy_gabble_t, telepathy_gabble_tmp_t, telepathy_gabble_tmp_t)
-manage_sock_files_pattern(telepathy_gabble_t, telepathy_gabble_tmp_t, telepathy_gabble_tmp_t)
-files_tmp_filetrans(telepathy_gabble_t, telepathy_gabble_tmp_t, { dir sock_file })
-
-# ~/.cache/telepathy/gabble/caps-cache.db-journal
-optional_policy(`
-       manage_dirs_pattern(telepathy_gabble_t, telepathy_gabble_cache_home_t, telepathy_gabble_cache_home_t)
-       manage_files_pattern(telepathy_gabble_t, telepathy_gabble_cache_home_t, telepathy_gabble_cache_home_t)
-       filetrans_pattern(telepathy_gabble_t, telepathy_cache_home_t, telepathy_gabble_cache_home_t, dir)
-       # ~/.cache/wocky
-       gnome_cache_filetrans(telepathy_gabble_t, telepathy_gabble_cache_home_t, dir)
-')
-
-corenet_all_recvfrom_netlabel(telepathy_gabble_t)
-corenet_all_recvfrom_unlabeled(telepathy_gabble_t)
-corenet_tcp_sendrecv_generic_if(telepathy_gabble_t)
-corenet_tcp_sendrecv_generic_node(telepathy_gabble_t)
-corenet_tcp_connect_http_port(telepathy_gabble_t)
-corenet_tcp_connect_jabber_client_port(telepathy_gabble_t)
-corenet_tcp_connect_vnc_port(telepathy_gabble_t)
-corenet_sendrecv_http_client_packets(telepathy_gabble_t)
-corenet_sendrecv_jabber_client_client_packets(telepathy_gabble_t)
-corenet_sendrecv_vnc_client_packets(telepathy_gabble_t)
-
-dev_read_rand(telepathy_gabble_t)
-
-files_read_config_files(telepathy_gabble_t)
-files_read_usr_files(telepathy_gabble_t)
-
-fs_getattr_all_fs(telepathy_gabble_t)
-
-miscfiles_read_all_certs(telepathy_gabble_t)
-
-tunable_policy(`telepathy_connect_all_ports',`
-       corenet_tcp_connect_all_ports(telepathy_gabble_t)
-       corenet_tcp_sendrecv_all_ports(telepathy_gabble_t)
-       corenet_udp_sendrecv_all_ports(telepathy_gabble_t)
-')
-
-tunable_policy(`telepathy_tcp_connect_generic_network_ports',`
-       corenet_tcp_connect_generic_port(telepathy_gabble_t)
-       corenet_sendrecv_generic_client_packets(telepathy_gabble_t)
-')
-
-userdom_home_manager(telepathy_gabble_t)
-
-optional_policy(`
-       dbus_system_bus_client(telepathy_gabble_t)
-')
-
-optional_policy(`
-       gnome_manage_home_config(telepathy_gabble_t)
-')
-
-#######################################
-#
-# Telepathy Idle local policy.
-#
-
-corenet_all_recvfrom_netlabel(telepathy_idle_t)
-corenet_all_recvfrom_unlabeled(telepathy_idle_t)
-corenet_tcp_sendrecv_generic_if(telepathy_idle_t)
-corenet_tcp_sendrecv_generic_node(telepathy_idle_t)
-corenet_tcp_connect_gatekeeper_port(telepathy_idle_t)
-corenet_tcp_connect_ircd_port(telepathy_idle_t)
-corenet_sendrecv_ircd_client_packets(telepathy_idle_t)
-
-dev_read_rand(telepathy_idle_t)
-
-files_read_etc_files(telepathy_idle_t)
-
-tunable_policy(`telepathy_connect_all_ports',`
-       corenet_tcp_connect_all_ports(telepathy_idle_t)
-       corenet_tcp_sendrecv_all_ports(telepathy_idle_t)
-       corenet_udp_sendrecv_all_ports(telepathy_idle_t)
-')
-
-tunable_policy(`telepathy_tcp_connect_generic_network_ports',`
-       corenet_tcp_connect_generic_port(telepathy_idle_t)
-       corenet_sendrecv_generic_client_packets(telepathy_idle_t)
-')
-
-#######################################
-#
-# Telepathy Logger local policy.
-#
-
-allow telepathy_logger_t self:unix_stream_socket create_socket_perms;
-
-manage_dirs_pattern(telepathy_logger_t, telepathy_logger_cache_home_t, telepathy_logger_cache_home_t)
-manage_files_pattern(telepathy_logger_t, telepathy_logger_cache_home_t, telepathy_logger_cache_home_t)
-filetrans_pattern(telepathy_logger_t, telepathy_cache_home_t, telepathy_logger_cache_home_t, dir)
-
-manage_dirs_pattern(telepathy_logger_t, telepathy_logger_data_home_t, telepathy_logger_data_home_t)
-manage_files_pattern(telepathy_logger_t, telepathy_logger_data_home_t, telepathy_logger_data_home_t)
-gnome_data_filetrans(telepathy_logger_t, telepathy_logger_data_home_t, dir)
-
-files_read_etc_files(telepathy_logger_t)
-files_read_usr_files(telepathy_logger_t)
-files_search_pids(telepathy_logger_t)
-
-fs_getattr_all_fs(telepathy_logger_t)
-
-userdom_home_manager(telepathy_logger_t)
-
-optional_policy(`
-       # ~/.config/dconf/user
-       gnome_manage_home_config(telepathy_logger_t)
-')
-
-#######################################
-#
-# Telepathy Mission-Control local policy.
-#
-
-manage_dirs_pattern(telepathy_mission_control_t, telepathy_mission_control_home_t, telepathy_mission_control_home_t)
-manage_files_pattern(telepathy_mission_control_t, telepathy_mission_control_home_t, telepathy_mission_control_home_t)
-userdom_user_home_dir_filetrans(telepathy_mission_control_t, telepathy_mission_control_home_t, { dir file })
-userdom_search_user_home_dirs(telepathy_mission_control_t)
-
-manage_dirs_pattern(telepathy_mission_control_t, { telepathy_data_home_t telepathy_mission_control_data_home_t }, { telepathy_data_home_t telepathy_mission_control_data_home_t })
-manage_files_pattern(telepathy_mission_control_t, telepathy_mission_control_data_home_t, telepathy_mission_control_data_home_t)
-filetrans_pattern(telepathy_mission_control_t, telepathy_data_home_t, telepathy_mission_control_data_home_t, { dir file })
-gnome_data_filetrans(telepathy_mission_control_t, telepathy_data_home_t, dir)
-gnome_manage_home_config(telepathy_mission_control_t)
-
-dev_read_rand(telepathy_mission_control_t)
-
-fs_getattr_all_fs(telepathy_mission_control_t)
-
-files_read_etc_files(telepathy_mission_control_t)
-files_read_usr_files(telepathy_mission_control_t)
-
-userdom_home_manager(telepathy_mission_control_t)
-
-optional_policy(`
-       dbus_system_bus_client(telepathy_mission_control_t)
-
-       optional_policy(`
-               devicekit_dbus_chat_power(telepathy_mission_control_t)
-       ')
-       optional_policy(`
-               gnome_dbus_chat_gkeyringd(telepathy_mission_control_t)
-       ')
-       optional_policy(`
-               networkmanager_dbus_chat(telepathy_mission_control_t)
-       ')
-')
-
-# ~/.cache/.mc_connections.
-optional_policy(`
-       manage_files_pattern(telepathy_mission_control_t, telepathy_mission_control_cache_home_t, telepathy_mission_control_cache_home_t)
-       gnome_cache_filetrans(telepathy_mission_control_t, telepathy_mission_control_cache_home_t, file)
-')
-
-#######################################
-#
-# Telepathy Butterfly and Haze local policy.
-#
-
-allow telepathy_msn_t self:process setsched;
-allow telepathy_msn_t self:unix_dgram_socket { write create connect };
-
-manage_dirs_pattern(telepathy_msn_t, telepathy_msn_tmp_t, telepathy_msn_tmp_t)
-manage_files_pattern(telepathy_msn_t, telepathy_msn_tmp_t, telepathy_msn_tmp_t)
-manage_sock_files_pattern(telepathy_msn_t, telepathy_msn_tmp_t, telepathy_msn_tmp_t)
-exec_files_pattern(telepathy_msn_t, telepathy_msn_tmp_t, telepathy_msn_tmp_t)
-files_tmp_filetrans(telepathy_msn_t, telepathy_msn_tmp_t, { dir file sock_file })
-userdom_user_tmp_filetrans(telepathy_msn_t, telepathy_msn_tmp_t, { dir file sock_file })
-userdom_dontaudit_setattr_user_tmp(telepathy_msn_t)
-can_exec(telepathy_msn_t, telepathy_msn_tmp_t)
-
-corenet_all_recvfrom_netlabel(telepathy_msn_t)
-corenet_all_recvfrom_unlabeled(telepathy_msn_t)
-corenet_tcp_sendrecv_generic_if(telepathy_msn_t)
-corenet_tcp_sendrecv_generic_node(telepathy_msn_t)
-corenet_tcp_bind_generic_node(telepathy_msn_t)
-corenet_tcp_connect_http_port(telepathy_msn_t)
-corenet_tcp_connect_mmcc_port(telepathy_msn_t)
-corenet_tcp_connect_msnp_port(telepathy_msn_t)
-corenet_tcp_connect_sip_port(telepathy_msn_t)
-corenet_sendrecv_http_client_packets(telepathy_msn_t)
-corenet_sendrecv_mmcc_client_packets(telepathy_msn_t)
-corenet_sendrecv_msnp_client_packets(telepathy_msn_t)
-
-corecmd_exec_bin(telepathy_msn_t)
-corecmd_exec_shell(telepathy_msn_t)
-corecmd_read_bin_symlinks(telepathy_msn_t)
-
-files_read_etc_files(telepathy_msn_t)
-files_read_usr_files(telepathy_msn_t)
-
-init_read_state(telepathy_msn_t)
-
-libs_exec_ldconfig(telepathy_msn_t)
-
-logging_send_syslog_msg(telepathy_msn_t)
-
-miscfiles_read_all_certs(telepathy_msn_t)
-
-tunable_policy(`telepathy_connect_all_ports',`
-       corenet_tcp_connect_all_ports(telepathy_msn_t)
-       corenet_tcp_sendrecv_all_ports(telepathy_msn_t)
-       corenet_udp_sendrecv_all_ports(telepathy_msn_t)
-')
-
-tunable_policy(`telepathy_tcp_connect_generic_network_ports',`
-       corenet_tcp_connect_generic_port(telepathy_msn_t)
-       corenet_sendrecv_generic_client_packets(telepathy_msn_t)
-')
-
-optional_policy(`
-       gnome_read_gconf_home_files(telepathy_msn_t)
-')
-
-optional_policy(`
-       dbus_system_bus_client(telepathy_msn_t)
-
-       optional_policy(`
-               networkmanager_dbus_chat(telepathy_msn_t)
-       ')
-')
-
-#######################################
-#
-# Telepathy Salut local policy.
-#
-
-allow telepathy_salut_t self:tcp_socket create_stream_socket_perms;
-
-manage_sock_files_pattern(telepathy_salut_t, telepathy_salut_tmp_t, telepathy_salut_tmp_t)
-files_tmp_filetrans(telepathy_salut_t, telepathy_salut_tmp_t, sock_file)
-
-corenet_all_recvfrom_netlabel(telepathy_salut_t)
-corenet_all_recvfrom_unlabeled(telepathy_salut_t)
-corenet_tcp_sendrecv_generic_if(telepathy_salut_t)
-corenet_tcp_sendrecv_generic_node(telepathy_salut_t)
-corenet_tcp_bind_generic_node(telepathy_salut_t)
-corenet_tcp_bind_presence_port(telepathy_salut_t)
-corenet_tcp_connect_presence_port(telepathy_salut_t)
-corenet_sendrecv_presence_server_packets(telepathy_salut_t)
-
-files_read_etc_files(telepathy_salut_t)
-
-tunable_policy(`telepathy_connect_all_ports',`
-       corenet_tcp_connect_all_ports(telepathy_salut_t)
-       corenet_tcp_sendrecv_all_ports(telepathy_salut_t)
-       corenet_udp_sendrecv_all_ports(telepathy_salut_t)
-')
-
-tunable_policy(`telepathy_tcp_connect_generic_network_ports',`
-       corenet_tcp_connect_generic_port(telepathy_salut_t)
-       corenet_sendrecv_generic_client_packets(telepathy_salut_t)
-')
-
-optional_policy(`
-       dbus_system_bus_client(telepathy_salut_t)
-
-       optional_policy(`
-               avahi_dbus_chat(telepathy_salut_t)
-       ')
-')
-
-#######################################
-#
-# Telepathy Sofiasip local policy.
-#
-
-allow telepathy_sofiasip_t self:rawip_socket { create_socket_perms listen };
-allow telepathy_sofiasip_t self:tcp_socket create_stream_socket_perms;
-
-corenet_all_recvfrom_netlabel(telepathy_sofiasip_t)
-corenet_all_recvfrom_unlabeled(telepathy_sofiasip_t)
-corenet_tcp_sendrecv_generic_if(telepathy_sofiasip_t)
-corenet_raw_sendrecv_generic_if(telepathy_sofiasip_t)
-corenet_raw_sendrecv_generic_node(telepathy_sofiasip_t)
-corenet_tcp_sendrecv_generic_node(telepathy_sofiasip_t)
-corenet_tcp_bind_generic_node(telepathy_sofiasip_t)
-corenet_raw_bind_generic_node(telepathy_sofiasip_t)
-corenet_tcp_bind_all_unreserved_ports(telepathy_sofiasip_t)
-corenet_dontaudit_tcp_bind_all_ports(telepathy_sofiasip_t)
-corenet_tcp_connect_sip_port(telepathy_sofiasip_t)
-corenet_sendrecv_sip_client_packets(telepathy_sofiasip_t)
-
-kernel_request_load_module(telepathy_sofiasip_t)
-
-tunable_policy(`telepathy_connect_all_ports',`
-       corenet_tcp_connect_all_ports(telepathy_sofiasip_t)
-       corenet_tcp_sendrecv_all_ports(telepathy_sofiasip_t)
-       corenet_udp_sendrecv_all_ports(telepathy_sofiasip_t)
-')
-
-tunable_policy(`telepathy_tcp_connect_generic_network_ports',`
-       corenet_tcp_connect_generic_port(telepathy_sofiasip_t)
-       corenet_sendrecv_generic_client_packets(telepathy_sofiasip_t)
-')
-
-#######################################
-#
-# Telepathy Sunshine local policy.
-#
-
-manage_dirs_pattern(telepathy_sunshine_t, telepathy_sunshine_home_t, telepathy_sunshine_home_t)
-manage_files_pattern(telepathy_sunshine_t, telepathy_sunshine_home_t, telepathy_sunshine_home_t)
-userdom_user_home_dir_filetrans(telepathy_sunshine_t, telepathy_sunshine_home_t, { dir file })
-userdom_search_user_home_dirs(telepathy_sunshine_t)
-
-manage_files_pattern(telepathy_sunshine_t, telepathy_sunshine_tmp_t, telepathy_sunshine_tmp_t)
-exec_files_pattern(telepathy_sunshine_t, telepathy_sunshine_tmp_t, telepathy_sunshine_tmp_t)
-files_tmp_filetrans(telepathy_sunshine_t, telepathy_sunshine_tmp_t, file)
-
-corecmd_exec_bin(telepathy_sunshine_t)
-
-files_read_etc_files(telepathy_sunshine_t)
-files_read_usr_files(telepathy_sunshine_t)
-
-optional_policy(`
-       xserver_read_xdm_pid(telepathy_sunshine_t)
-       xserver_stream_connect(telepathy_sunshine_t)
-')
-
-#######################################
-#
-# telepathy domains common policy
-#
-
-allow telepathy_domain self:process { getsched signal sigkill };
-allow telepathy_domain self:fifo_file rw_fifo_file_perms;
-allow telepathy_domain self:tcp_socket create_socket_perms;
-allow telepathy_domain self:udp_socket create_socket_perms;
-
-manage_dirs_pattern(telepathy_domain, telepathy_cache_home_t, telepathy_cache_home_t)
-gnome_cache_filetrans(telepathy_domain, telepathy_cache_home_t, dir, "telepathy")
-
-dev_read_urand(telepathy_domain)
-
-kernel_read_system_state(telepathy_domain)
-
-fs_getattr_all_fs(telepathy_domain)
-fs_search_auto_mountpoints(telepathy_domain)
-
-miscfiles_read_localization(telepathy_domain)
-
-optional_policy(`
-       automount_dontaudit_getattr_tmp_dirs(telepathy_domain)
-')
-
-optional_policy(`
-       gnome_read_generic_cache_files(telepathy_domain)
-       gnome_write_generic_cache_files(telepathy_domain)
-')
-
-optional_policy(`
-       telepathy_dbus_chat(telepathy_domain)
-')
-
-optional_policy(`
-       xserver_rw_xdm_pipes(telepathy_domain)
-')
-
-# Just for F15
-optional_policy(`
-       gen_require(`
-               role unconfined_r;
-       ')
-
-       role unconfined_r types telepathy_domain;
-')
diff --git a/policy/modules/roles/staff.te b/policy/modules/roles/staff.te
index effb7e5672ef1d3311f48b34d0017750d77557ce..f7e2734d350e079d37e942da5b8f81c1bff3dfa2 100644 (file)
--- a/policy/modules/roles/staff.te
+++ b/policy/modules/roles/staff.te
@@ -184,10 +184,6 @@ optional_policy(`
        sudo_role_template(staff, staff_r, staff_t)
 ')
 
-#optional_policy(`
-#      telepathy_dbus_session_role(staff_r, staff_t)
-#')
-
 optional_policy(`
        userhelper_console_role_template(staff, staff_r, staff_t)
 ')
diff --git a/policy/modules/roles/unconfineduser.te b/policy/modules/roles/unconfineduser.te
index 794785d53d69bd5e06487dbc32fc16a137c257de..226a9b540c59bcf5206d2ccdd0202e25165262a4 100644 (file)
--- a/policy/modules/roles/unconfineduser.te
+++ b/policy/modules/roles/unconfineduser.te
@@ -233,10 +233,6 @@ optional_policy(`
                kerneloops_dbus_chat(unconfined_t)
        ')
 
-       optional_policy(`
-        telepathy_command_domtrans(unconfined_dbusd_t, unconfined_t)
-    ')
-
        optional_policy(`
                oddjob_dbus_chat(unconfined_t)
        ')
diff --git a/policy/modules/roles/unprivuser.te b/policy/modules/roles/unprivuser.te
index 4625e2de501291c7c1ecb0bbf5f825da42c89643..e2b3626d7631f6fabb742be37067d91d349efb64 100644 (file)
--- a/policy/modules/roles/unprivuser.te
+++ b/policy/modules/roles/unprivuser.te
@@ -90,10 +90,6 @@ optional_policy(`
        setroubleshoot_dontaudit_stream_connect(user_t)
 ')
 
-#optional_policy(`
-#      telepathy_dbus_session_role(user_r, user_t)
-#')
-
 optional_policy(`
        usbmuxd_stream_connect(user_t)
 ')
diff --git a/policy/modules/roles/xguest.te b/policy/modules/roles/xguest.te
index b168c0a88023673fcd2ff8b1e01b1300ee7cc353..1ffb54d8850acac19829997eff5c5e8b59227e22 100644 (file)
--- a/policy/modules/roles/xguest.te
+++ b/policy/modules/roles/xguest.te
@@ -155,10 +155,6 @@ optional_policy(`
                corenet_tcp_sendrecv_transproxy_port(xguest_t)
                corenet_tcp_connect_transproxy_port(xguest_t)
        ')
-
-       #optional_policy(`
-       #       telepathy_dbus_session_role(xguest_r, xguest_t)
-       #')
 ')
 
 gen_user(xguest_u, user, xguest_r, s0, s0)
diff --git a/policy/modules/system/userdomain.if b/policy/modules/system/userdomain.if
index c20830f08248859f54c446316159b6f369d1abc8..ba1b5ecb780461c15d311f89fd2eaa5f81594850 100644 (file)
--- a/policy/modules/system/userdomain.if
+++ b/policy/modules/system/userdomain.if
@@ -1097,8 +1097,6 @@ template(`userdom_restricted_xwindows_user_template',`
         optional_policy(`
                gnome_read_usr_config($1_usertype)
                gnome_role_gkeyringd($1, $1_r, $1_usertype)
-               # cjp: telepathy F15 bugs
-               telepathy_role($1_r, $1_t, $1)
        ')
 
        optional_policy(`
diff --git a/policy/modules/system/userdomain.te b/policy/modules/system/userdomain.te
index ced52ff5aeb82a3e3210d514cdb1a2733cbd71b9..63f769a5e8c019817dec03115e9f7ba20a3040f3 100644 (file)
--- a/policy/modules/system/userdomain.te
+++ b/policy/modules/system/userdomain.te
@@ -168,10 +168,6 @@ optional_policy(`
        ssh_filetrans_home_content(userdomain)
 ')
 
-optional_policy(`
-       telepathy_filetrans_home_content(userdomain)
-')
-
 optional_policy(`
        xserver_filetrans_home_content(userdomain)
 ')
The IPFire selinux policy.