From 7fdbdb5efdaa964299bed278f31f28e6d72f7772 Mon Sep 17 00:00:00 2001
From: Stefan Schantl <stefan.schantl@ipfire.org>
Date: Fri, 6 Jan 2012 22:49:03 +0100
Subject: [PATCH] Remove module for gitosis.

---
 policy/modules/apps/gitosis.fc    |  5 --
 policy/modules/apps/gitosis.if    | 86 -------------------------------
 policy/modules/apps/gitosis.te    | 41 ---------------
 policy/modules/services/apache.te |  5 --
 policy/modules/services/ssh.te    |  4 --
 5 files changed, 141 deletions(-)
 delete mode 100644 policy/modules/apps/gitosis.fc
 delete mode 100644 policy/modules/apps/gitosis.if
 delete mode 100644 policy/modules/apps/gitosis.te

diff --git a/policy/modules/apps/gitosis.fc b/policy/modules/apps/gitosis.fc
deleted file mode 100644
index 7e90e453..00000000
--- a/policy/modules/apps/gitosis.fc
+++ /dev/null
@@ -1,5 +0,0 @@
-/usr/bin/gitosis-serve			--	gen_context(system_u:object_r:gitosis_exec_t,s0)
-/usr/bin/gl-auth-command		--	gen_context(system_u:object_r:gitosis_exec_t,s0)
-
-/var/lib/gitosis(/.*)?				gen_context(system_u:object_r:gitosis_var_lib_t,s0)
-/var/lib/gitolite(/.*)?				gen_context(system_u:object_r:gitosis_var_lib_t,s0)
diff --git a/policy/modules/apps/gitosis.if b/policy/modules/apps/gitosis.if
deleted file mode 100644
index e898b911..00000000
--- a/policy/modules/apps/gitosis.if
+++ /dev/null
@@ -1,86 +0,0 @@
-## <summary>Tools for managing and hosting git repositories.</summary>
-
-#######################################
-## <summary>
-##	Execute a domain transition to run gitosis.
-## </summary>
-## <param name="domain">
-## <summary>
-##	Domain allowed to transition.
-## </summary>
-## </param>
-#
-interface(`gitosis_domtrans',`
-	gen_require(`
-		type gitosis_t, gitosis_exec_t;
-	')
-
-	domtrans_pattern($1, gitosis_exec_t, gitosis_t)
-')
-
-#######################################
-## <summary>
-##	Execute gitosis-serve in the gitosis domain, and
-##	allow the specified role the gitosis domain.
-## </summary>
-## <param name="domain">
-##	<summary>
-##	Domain allowed access
-##	</summary>
-## </param>
-## <param name="role">
-##	<summary>
-##	Role allowed access.
-##	</summary>
-## </param>
-#
-interface(`gitosis_run',`
-	gen_require(`
-		type gitosis_t;
-	')
-
-	gitosis_domtrans($1)
-	role $2 types gitosis_t;
-')
-
-#######################################
-## <summary>
-##	Allow the specified domain to read
-##	gitosis lib files.
-## </summary>
-## <param name="domain">
-##	<summary>
-##	Domain allowed access.
-##	</summary>
-## </param>
-#
-interface(`gitosis_read_lib_files',`
-	gen_require(`
-		type gitosis_var_lib_t;
-	')
-
-	files_search_var_lib($1)
-	read_files_pattern($1, gitosis_var_lib_t, gitosis_var_lib_t)
-	read_lnk_files_pattern($1, gitosis_var_lib_t, gitosis_var_lib_t)
-	list_dirs_pattern($1, gitosis_var_lib_t, gitosis_var_lib_t)
-')
-
-######################################
-## <summary>
-##	Allow the specified domain to manage
-##	gitosis lib files.
-## </summary>
-## <param name="domain">
-##	<summary>
-##	Domain allowed access.
-##	</summary>
-## </param>
-#
-interface(`gitosis_manage_lib_files',`
-	gen_require(`
-		type gitosis_var_lib_t;
-	')
-
-	files_search_var_lib($1)
-	manage_files_pattern($1, gitosis_var_lib_t, gitosis_var_lib_t)
-')
diff --git a/policy/modules/apps/gitosis.te b/policy/modules/apps/gitosis.te
deleted file mode 100644
index 4a2e63b3..00000000
--- a/policy/modules/apps/gitosis.te
+++ /dev/null
@@ -1,41 +0,0 @@
-policy_module(gitosis, 1.2.0)
-
-########################################
-#
-# Declarations
-#
-
-type gitosis_t;
-type gitosis_exec_t;
-application_domain(gitosis_t, gitosis_exec_t)
-role system_r types gitosis_t;
-
-type gitosis_var_lib_t;
-files_type(gitosis_var_lib_t)
-
-########################################
-#
-# gitosis local policy
-#
-
-allow gitosis_t self:fifo_file rw_fifo_file_perms;
-
-exec_files_pattern(gitosis_t, gitosis_var_lib_t, gitosis_var_lib_t)
-manage_files_pattern(gitosis_t, gitosis_var_lib_t, gitosis_var_lib_t)
-manage_lnk_files_pattern(gitosis_t, gitosis_var_lib_t, gitosis_var_lib_t)
-manage_dirs_pattern(gitosis_t, gitosis_var_lib_t, gitosis_var_lib_t)
-
-kernel_read_system_state(gitosis_t)
-
-corecmd_exec_bin(gitosis_t)
-corecmd_exec_shell(gitosis_t)
-
-dev_read_urand(gitosis_t)
-
-files_read_etc_files(gitosis_t)
-files_read_usr_files(gitosis_t)
-files_search_var_lib(gitosis_t)
-
-miscfiles_read_localization(gitosis_t)
-
-sysnet_read_config(gitosis_t)
diff --git a/policy/modules/services/apache.te b/policy/modules/services/apache.te
index 6b7400b0..e589d33c 100644
--- a/policy/modules/services/apache.te
+++ b/policy/modules/services/apache.te
@@ -776,11 +776,6 @@ optional_policy(`
 	')
 ')
 
-optional_policy(`
-	git_read_generic_system_content_files(httpd_t)
-	gitosis_read_lib_files(httpd_t)
-')
-
 optional_policy(`
 	tunable_policy(`httpd_enable_cgi && httpd_use_gpg',`
 		gpg_domtrans_web(httpd_t)
diff --git a/policy/modules/services/ssh.te b/policy/modules/services/ssh.te
index 12ad27c5..aadaa2cb 100644
--- a/policy/modules/services/ssh.te
+++ b/policy/modules/services/ssh.te
@@ -302,10 +302,6 @@ optional_policy(`
 	ftp_dyntrans_anon_sftpd(sshd_t)
 ')
 
-optional_policy(`
-	gitosis_manage_lib_files(sshd_t)
-')
-
 optional_policy(`
 	inetd_tcp_service_domain(sshd_t, sshd_exec_t)
 ')
-- 
2.39.2