From fc4f10449012005dc23e8311d91bd228098651bc Mon Sep 17 00:00:00 2001 From: Stefan Schantl Date: Sat, 21 Jan 2012 18:47:09 +0100 Subject: [PATCH] Remove module for gnomeclock. --- policy/modules/roles/staff.te | 4 -- policy/modules/roles/unconfineduser.te | 1 - policy/modules/roles/xguest.te | 4 -- policy/modules/services/gnomeclock.fc | 4 -- policy/modules/services/gnomeclock.if | 86 -------------------------- policy/modules/services/gnomeclock.te | 78 ----------------------- policy/modules/system/userdomain.if | 4 -- 7 files changed, 181 deletions(-) delete mode 100644 policy/modules/services/gnomeclock.fc delete mode 100644 policy/modules/services/gnomeclock.if delete mode 100644 policy/modules/services/gnomeclock.te diff --git a/policy/modules/roles/staff.te b/policy/modules/roles/staff.te index 4f7164d5..24a9df64 100644 --- a/policy/modules/roles/staff.te +++ b/policy/modules/roles/staff.te @@ -82,10 +82,6 @@ optional_policy(` colord_dbus_chat(staff_t) ') -optional_policy(` - gnomeclock_dbus_chat(staff_t) -') - optional_policy(` gnome_role(staff_r, staff_t) ') diff --git a/policy/modules/roles/unconfineduser.te b/policy/modules/roles/unconfineduser.te index 60577c70..edb36f1d 100644 --- a/policy/modules/roles/unconfineduser.te +++ b/policy/modules/roles/unconfineduser.te @@ -220,7 +220,6 @@ optional_policy(` ') optional_policy(` - gnomeclock_dbus_chat(unconfined_t) gnome_dbus_chat_gconfdefault(unconfined_t) gnome_command_domtrans_gkeyringd(unconfined_dbusd_t,unconfined_t) ') diff --git a/policy/modules/roles/xguest.te b/policy/modules/roles/xguest.te index 1ffb54d8..6185b837 100644 --- a/policy/modules/roles/xguest.te +++ b/policy/modules/roles/xguest.te @@ -103,10 +103,6 @@ optional_policy(` gnome_role(xguest_r, xguest_t) ') -optional_policy(` - gnomeclock_dontaudit_dbus_chat(xguest_t) -') - optional_policy(` pcscd_read_pub_files(xguest_t) pcscd_stream_connect(xguest_t) diff --git a/policy/modules/services/gnomeclock.fc b/policy/modules/services/gnomeclock.fc deleted file mode 100644 index 71dcbba5..00000000 --- a/policy/modules/services/gnomeclock.fc +++ /dev/null @@ -1,4 +0,0 @@ - -/usr/libexec/gnome-clock-applet-mechanism -- gen_context(system_u:object_r:gnomeclock_exec_t,s0) - -/usr/libexec/gsd-datetime-mechanism -- gen_context(system_u:object_r:gnomeclock_exec_t,s0) diff --git a/policy/modules/services/gnomeclock.if b/policy/modules/services/gnomeclock.if deleted file mode 100644 index 25c7ab82..00000000 --- a/policy/modules/services/gnomeclock.if +++ /dev/null @@ -1,86 +0,0 @@ -## Gnome clock handler for setting the time. - -######################################## -## -## Execute a domain transition to run gnomeclock. -## -## -## -## Domain allowed to transition. -## -## -# -interface(`gnomeclock_domtrans',` - gen_require(` - type gnomeclock_t, gnomeclock_exec_t; - ') - - domtrans_pattern($1, gnomeclock_exec_t, gnomeclock_t) -') - -######################################## -## -## Execute gnomeclock in the gnomeclock domain, and -## allow the specified role the gnomeclock domain. -## -## -## -## Domain allowed to transition. -## -## -## -## -## Role allowed access. -## -## -# -interface(`gnomeclock_run',` - gen_require(` - type gnomeclock_t; - ') - - gnomeclock_domtrans($1) - role $2 types gnomeclock_t; -') - -######################################## -## -## Send and receive messages from -## gnomeclock over dbus. -## -## -## -## Domain allowed access. -## -## -# -interface(`gnomeclock_dbus_chat',` - gen_require(` - type gnomeclock_t; - class dbus send_msg; - ') - - allow $1 gnomeclock_t:dbus send_msg; - allow gnomeclock_t $1:dbus send_msg; -') - -######################################## -## -## Do not audit send and receive messages from -## gnomeclock over dbus. -## -## -## -## Domain to not audit. -## -## -# -interface(`gnomeclock_dontaudit_dbus_chat',` - gen_require(` - type gnomeclock_t; - class dbus send_msg; - ') - - dontaudit $1 gnomeclock_t:dbus send_msg; - dontaudit gnomeclock_t $1:dbus send_msg; -') diff --git a/policy/modules/services/gnomeclock.te b/policy/modules/services/gnomeclock.te deleted file mode 100644 index a250b06c..00000000 --- a/policy/modules/services/gnomeclock.te +++ /dev/null @@ -1,78 +0,0 @@ -policy_module(gnomeclock, 1.0.0) - -######################################## -# -# Declarations -# - -type gnomeclock_t; -type gnomeclock_exec_t; -dbus_system_domain(gnomeclock_t, gnomeclock_exec_t) - -######################################## -# -# gnomeclock local policy -# - -allow gnomeclock_t self:capability { sys_nice sys_time }; -allow gnomeclock_t self:process { getattr getsched signal }; -allow gnomeclock_t self:fifo_file rw_fifo_file_perms; -allow gnomeclock_t self:unix_stream_socket create_stream_socket_perms; -allow gnomeclock_t self:unix_dgram_socket create_socket_perms; - -kernel_read_system_state(gnomeclock_t) - -corecmd_exec_bin(gnomeclock_t) -corecmd_exec_shell(gnomeclock_t) -corecmd_dontaudit_access_check_bin(gnomeclock_t) - -dev_read_sysfs(gnomeclock_t) - -files_read_etc_runtime_files(gnomeclock_t) -files_read_usr_files(gnomeclock_t) - -fs_getattr_xattr_fs(gnomeclock_t) - -auth_use_nsswitch(gnomeclock_t) - -logging_send_syslog_msg(gnomeclock_t) - -miscfiles_read_localization(gnomeclock_t) -miscfiles_manage_localization(gnomeclock_t) -miscfiles_etc_filetrans_localization(gnomeclock_t) - -userdom_read_all_users_state(gnomeclock_t) - -optional_policy(` - chronyd_systemctl(gnomeclock_t) -') - -optional_policy(` - clock_domtrans(gnomeclock_t) -') - -optional_policy(` - consolekit_dbus_chat(gnomeclock_t) -') - -optional_policy(` - consoletype_exec(gnomeclock_t) -') - -optional_policy(` - gnome_manage_usr_config(gnomeclock_t) -') - -optional_policy(` - ntp_domtrans_ntpdate(gnomeclock_t) - ntp_initrc_domtrans(gnomeclock_t) - init_dontaudit_getattr_all_script_files(gnomeclock_t) - ntp_systemctl(gnomeclock_t) -') - -optional_policy(` - policykit_dbus_chat(gnomeclock_t) - policykit_domtrans_auth(gnomeclock_t) - policykit_read_lib(gnomeclock_t) - policykit_read_reload(gnomeclock_t) -') diff --git a/policy/modules/system/userdomain.if b/policy/modules/system/userdomain.if index 9ed42917..1523a511 100644 --- a/policy/modules/system/userdomain.if +++ b/policy/modules/system/userdomain.if @@ -1240,10 +1240,6 @@ template(`userdom_unpriv_user_template', ` gpg_role($1_r, $1_usertype) ') - optional_policy(` - gnomeclock_dbus_chat($1_t) - ') - optional_policy(` gpm_stream_connect($1_usertype) ') -- 2.47.3