commit: 1805a99f61ca86dea7465a06a5ac3d4ba2f40b36
Author: James Carter <jwcart2 <AT> tycho <DOT> nsa <DOT> gov>
AuthorDate: Wed Apr 11 18:56:55 2018 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Sun Apr 22 11:53:03 2018 +0000
URL:
https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=1805a99f
Remove undeclared identifiers from interfaces
All the interfaces below were always being removed because of unmet
requires.
cups.if:cups_admin()
Remove references to undeclared type cupsd_spool_t.
Called in roles/sysadm.te
dspam.if:dspam_stream_connect()
Remove references to undeclared type dspam_tmp_t.
Called in contrib/postfix.te
samba.if:samba_admin()
Remove references to undeclared type smbd_spool_t.
Called in roles/sysadm.te
Signed-off-by: James Carter <jwcart2 <AT> tycho.nsa.gov>
policy/modules/contrib/cups.if | 3 +--
policy/modules/contrib/dspam.if | 4 ++--
policy/modules/contrib/samba.if | 3 +--
3 files changed, 4 insertions(+), 6 deletions(-)
diff --git a/policy/modules/contrib/cups.if b/policy/modules/contrib/cups.if
index 73887e50..e268b96f 100644
--- a/policy/modules/contrib/cups.if
+++ b/policy/modules/contrib/cups.if
@@ -352,7 +352,7 @@ interface(`cups_domtrans_hplip',`
interface(`cups_admin',`
gen_require(`
type cupsd_t, cupsd_tmp_t, cupsd_lpd_tmp_t;
- type cupsd_etc_t, cupsd_log_t, cupsd_spool_t;
+ type cupsd_etc_t, cupsd_log_t;
type cupsd_config_var_run_t, cupsd_lpd_var_run_t;
type cupsd_var_run_t, ptal_etc_t, cupsd_rw_etc_t;
type ptal_var_run_t, hplip_var_run_t, cupsd_initrc_exec_t;
@@ -374,7 +374,6 @@ interface(`cups_admin',`
admin_pattern($1, cupsd_log_t)
files_list_spool($1)
- admin_pattern($1, cupsd_spool_t)
files_list_tmp($1)
admin_pattern($1, { cupsd_tmp_t cupsd_lpd_tmp_t })
diff --git a/policy/modules/contrib/dspam.if b/policy/modules/contrib/dspam.if
index a8cd028b..969fd89d 100644
--- a/policy/modules/contrib/dspam.if
+++ b/policy/modules/contrib/dspam.if
@@ -32,12 +32,12 @@ interface(`dspam_domtrans',`
#
interface(`dspam_stream_connect',`
gen_require(`
- type dspam_t, dspam_var_run_t, dspam_tmp_t;
+ type dspam_t, dspam_var_run_t;
')
files_search_pids($1)
files_search_tmp($1)
- stream_connect_pattern($1, { dspam_tmp_t dspam_var_run_t }, {
dspam_tmp_t dspam_var_run_t }, dspam_t)
+ stream_connect_pattern($1, dspam_var_run_t, dspam_var_run_t, dspam_t)
')
########################################
diff --git a/policy/modules/contrib/samba.if b/policy/modules/contrib/samba.if
index f863af8f..3d729f0c 100644
--- a/policy/modules/contrib/samba.if
+++ b/policy/modules/contrib/samba.if
@@ -684,7 +684,7 @@ interface(`samba_stream_connect_winbind',`
interface(`samba_admin',`
gen_require(`
type nmbd_t, nmbd_var_run_t, smbd_var_run_t;
- type smbd_t, smbd_tmp_t, smbd_spool_t;
+ type smbd_t, smbd_tmp_t;
type samba_log_t, samba_var_t, samba_secrets_t;
type samba_etc_t, samba_share_t, samba_initrc_exec_t;
type swat_var_run_t, swat_tmp_t, winbind_log_t;
@@ -707,7 +707,6 @@ interface(`samba_admin',`
admin_pattern($1, { samba_share_t samba_var_t samba_secrets_t })
files_list_spool($1)
- admin_pattern($1, smbd_spool_t)
files_list_pids($1)
admin_pattern($1, { winbind_var_run_t smbd_var_run_t swat_var_run_t
nmbd_var_run_t })
