From ba17089f2ca939b23d2d4f66c45c7e6612974aea Mon Sep 17 00:00:00 2001 From: Stefan Schantl Date: Sat, 14 Jan 2012 20:02:00 +0100 Subject: [PATCH] Remove module for tvtime. --- policy/modules/apps/tvtime.fc | 5 -- policy/modules/apps/tvtime.if | 40 -------------- policy/modules/apps/tvtime.te | 84 ------------------------------ policy/modules/roles/staff.te | 4 -- policy/modules/roles/sysadm.te | 4 -- policy/modules/roles/unprivuser.te | 4 -- 6 files changed, 141 deletions(-) delete mode 100644 policy/modules/apps/tvtime.fc delete mode 100644 policy/modules/apps/tvtime.if delete mode 100644 policy/modules/apps/tvtime.te diff --git a/policy/modules/apps/tvtime.fc b/policy/modules/apps/tvtime.fc deleted file mode 100644 index 8698a613..00000000 --- a/policy/modules/apps/tvtime.fc +++ /dev/null @@ -1,5 +0,0 @@ -# -# /usr -# -/usr/bin/tvtime -- gen_context(system_u:object_r:tvtime_exec_t,s0) - diff --git a/policy/modules/apps/tvtime.if b/policy/modules/apps/tvtime.if deleted file mode 100644 index 8d89f211..00000000 --- a/policy/modules/apps/tvtime.if +++ /dev/null @@ -1,40 +0,0 @@ -## tvtime - a high quality television application - -######################################## -## -## Role access for tvtime -## -## -## -## Role allowed access -## -## -## -## -## User domain for the role -## -## -# -interface(`tvtime_role',` - gen_require(` - type tvtime_t, tvtime_exec_t; - type tvtime_home_t, tvtime_tmpfs_t; - ') - - role $1 types tvtime_t; - - # Type transition - domtrans_pattern($2, tvtime_exec_t, tvtime_t) - - # X access, Home files - manage_dirs_pattern($2, tvtime_home_t, tvtime_home_t) - manage_files_pattern($2, tvtime_home_t, tvtime_home_t) - manage_lnk_files_pattern($2, tvtime_home_t, tvtime_home_t) - relabel_dirs_pattern($2, tvtime_home_t, tvtime_home_t) - relabel_files_pattern($2, tvtime_home_t, tvtime_home_t) - relabel_lnk_files_pattern($2, tvtime_home_t, tvtime_home_t) - - # Allow the user domain to signal/ps. - ps_process_pattern($2, tvtime_t) - allow $2 tvtime_t:process signal_perms; -') diff --git a/policy/modules/apps/tvtime.te b/policy/modules/apps/tvtime.te deleted file mode 100644 index 38318b9c..00000000 --- a/policy/modules/apps/tvtime.te +++ /dev/null @@ -1,84 +0,0 @@ -policy_module(tvtime, 2.1.0) - -######################################## -# -# Declarations -# - -type tvtime_t; -type tvtime_exec_t; -typealias tvtime_t alias { user_tvtime_t staff_tvtime_t sysadm_tvtime_t }; -typealias tvtime_t alias { auditadm_tvtime_t secadm_tvtime_t }; -application_domain(tvtime_t, tvtime_exec_t) -ubac_constrained(tvtime_t) - -type tvtime_home_t alias tvtime_rw_t; -typealias tvtime_home_t alias { user_tvtime_home_t staff_tvtime_home_t sysadm_tvtime_home_t }; -typealias tvtime_home_t alias { auditadm_tvtime_home_t secadm_tvtime_home_t }; -userdom_user_home_content(tvtime_home_t) - -type tvtime_tmp_t; -typealias tvtime_tmp_t alias { user_tvtime_tmp_t staff_tvtime_tmp_t sysadm_tvtime_tmp_t }; -typealias tvtime_tmp_t alias { auditadm_tvtime_tmp_t secadm_tvtime_tmp_t }; -files_tmp_file(tvtime_tmp_t) -ubac_constrained(tvtime_tmp_t) - -type tvtime_tmpfs_t; -typealias tvtime_tmpfs_t alias { user_tvtime_tmpfs_t staff_tvtime_tmpfs_t sysadm_tvtime_tmpfs_t }; -typealias tvtime_tmpfs_t alias { auditadm_tvtime_tmpfs_t secadm_tvtime_tmpfs_t }; -files_tmpfs_file(tvtime_tmpfs_t) -ubac_constrained(tvtime_tmpfs_t) - -######################################## -# -# Local policy -# - -allow tvtime_t self:capability { setuid sys_nice sys_resource }; -allow tvtime_t self:process setsched; -allow tvtime_t self:unix_dgram_socket rw_socket_perms; -allow tvtime_t self:unix_stream_socket rw_stream_socket_perms; - -# X access, Home files -manage_dirs_pattern(tvtime_t, tvtime_home_t, tvtime_home_t) -manage_files_pattern(tvtime_t, tvtime_home_t, tvtime_home_t) -manage_lnk_files_pattern(tvtime_t, tvtime_home_t, tvtime_home_t) -userdom_user_home_dir_filetrans(tvtime_t, tvtime_home_t, dir) - -manage_dirs_pattern(tvtime_t, tvtime_tmp_t, tvtime_tmp_t) -manage_files_pattern(tvtime_t, tvtime_tmp_t, tvtime_tmp_t) -files_tmp_filetrans(tvtime_t, tvtime_tmp_t,{ file dir }) - -manage_files_pattern(tvtime_t, tvtime_tmpfs_t, tvtime_tmpfs_t) -manage_lnk_files_pattern(tvtime_t, tvtime_tmpfs_t, tvtime_tmpfs_t) -manage_fifo_files_pattern(tvtime_t, tvtime_tmpfs_t, tvtime_tmpfs_t) -manage_sock_files_pattern(tvtime_t, tvtime_tmpfs_t, tvtime_tmpfs_t) -fs_tmpfs_filetrans(tvtime_t, tvtime_tmpfs_t,{ file lnk_file sock_file fifo_file }) - -kernel_read_all_sysctls(tvtime_t) -kernel_get_sysvipc_info(tvtime_t) - -dev_read_urand(tvtime_t) -dev_read_realtime_clock(tvtime_t) -dev_read_sound(tvtime_t) - -files_read_usr_files(tvtime_t) -files_search_pids(tvtime_t) -# Read /etc/tvtime -files_read_etc_files(tvtime_t) - -# X access, Home files -fs_search_auto_mountpoints(tvtime_t) - -miscfiles_read_localization(tvtime_t) -miscfiles_read_fonts(tvtime_t) - -userdom_use_inherited_user_terminals(tvtime_t) -userdom_read_user_home_content_files(tvtime_t) - -# X access, Home files -userdom_home_manager(tvtime_t) - -optional_policy(` - xserver_user_x_domain_template(tvtime, tvtime_t, tvtime_tmpfs_t) -') diff --git a/policy/modules/roles/staff.te b/policy/modules/roles/staff.te index ec2536b3..4f7164d5 100644 --- a/policy/modules/roles/staff.te +++ b/policy/modules/roles/staff.te @@ -277,10 +277,6 @@ ifndef(`distro_redhat',` su_role_template(staff, staff_r, staff_t) ') - optional_policy(` - tvtime_role(staff_r, staff_t) - ') - optional_policy(` uml_role(staff_r, staff_t) ') diff --git a/policy/modules/roles/sysadm.te b/policy/modules/roles/sysadm.te index ca0d7e93..ff7b2ff8 100644 --- a/policy/modules/roles/sysadm.te +++ b/policy/modules/roles/sysadm.te @@ -543,10 +543,6 @@ ifndef(`distro_redhat',` spamassassin_role(sysadm_r, sysadm_t) ') - optional_policy(` - tvtime_role(sysadm_r, sysadm_t) - ') - optional_policy(` uml_role(sysadm_r, sysadm_t) ') diff --git a/policy/modules/roles/unprivuser.te b/policy/modules/roles/unprivuser.te index 07d33875..15ab923f 100644 --- a/policy/modules/roles/unprivuser.te +++ b/policy/modules/roles/unprivuser.te @@ -179,10 +179,6 @@ ifndef(`distro_redhat',` sudo_role_template(user, user_r, user_t) ') - optional_policy(` - tvtime_role(user_r, user_t) - ') - optional_policy(` uml_role(user_r, user_t) ') -- 2.47.3