commit: 0cc30b1089f75122a6263280eb41cf6ce34cb092
Author: Kenton Groombridge <me <AT> concord <DOT> sh>
AuthorDate: Fri Nov 12 19:57:36 2021 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Sat Nov 20 22:58:24 2021 +0000
URL:
https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=0cc30b10
guest, xguest: remove apache role access
Signed-off-by: Kenton Groombridge <me <AT> concord.sh>
Signed-off-by: Jason Zaman <perfinion <AT> gentoo.org>
policy/modules/roles/guest.te | 4 ----
policy/modules/roles/xguest.te | 4 ----
2 files changed, 8 deletions(-)
diff --git a/policy/modules/roles/guest.te b/policy/modules/roles/guest.te
index 255e63cd..d3eb2584 100644
--- a/policy/modules/roles/guest.te
+++ b/policy/modules/roles/guest.te
@@ -16,10 +16,6 @@ kernel_read_system_state(guest_t)
# Local policy
#
-optional_policy(`
- apache_role(guest, guest_t, guest_application_exec_domain, guest_r)
-')
-
optional_policy(`
dbus_role_template(guest, guest_r, guest_t)
')
diff --git a/policy/modules/roles/xguest.te b/policy/modules/roles/xguest.te
index ae8e69f2..bd410fd2 100644
--- a/policy/modules/roles/xguest.te
+++ b/policy/modules/roles/xguest.te
@@ -85,10 +85,6 @@ optional_policy(`
')
')
-optional_policy(`
- apache_role(xguest, xguest_t, xguest_application_exec_domain, xguest_r)
-')
-
optional_policy(`
gnomeclock_dontaudit_dbus_chat(xguest_t)
')
