commit: e7076edcfa4bbb656e651c38dfff5c08af6a3fa3
Author: Russell Coker <russell <AT> coker <DOT> com <DOT> au>
AuthorDate: Thu Dec 8 07:35:27 2022 +0000
Commit: Kenton Groombridge <concord <AT> gentoo <DOT> org>
CommitDate: Tue Dec 13 19:05:22 2022 +0000
URL:
https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=e7076edc
This patch removes deprecated interfaces that were deprecated in the 20210203
release. I think that 2 years of support for a deprecated interface is enough
and by the time we have the next release out it will probably be more than 2
years since 20210203.
I think this is ready to merge.
Signed-off-by: Russell Coker <russell <AT> coker.com.au>
Signed-off-by: Kenton Groombridge <concord <AT> gentoo.org>
policy/modules/admin/kismet.if | 31 --
policy/modules/admin/rpm.if | 55 ----
policy/modules/admin/samhain.if | 15 -
policy/modules/admin/sblim.if | 14 -
policy/modules/apps/qemu.if | 17 +-
policy/modules/kernel/corenetwork.if.m4 | 106 ------
policy/modules/kernel/devices.if | 45 ---
policy/modules/kernel/files.if | 528 ------------------------------
policy/modules/kernel/filesystem.if | 30 --
policy/modules/kernel/selinux.if | 22 --
policy/modules/services/abrt.if | 30 --
policy/modules/services/amavis.if | 30 --
policy/modules/services/apcupsd.if | 14 -
policy/modules/services/asterisk.if | 15 -
policy/modules/services/avahi.if | 87 -----
policy/modules/services/bind.if | 14 -
policy/modules/services/certmonger.if | 14 -
policy/modules/services/clamav.if | 15 -
policy/modules/services/consolesetup.if | 17 -
policy/modules/services/couchdb.if | 15 -
policy/modules/services/cron.if | 15 -
policy/modules/services/cups.if | 15 -
policy/modules/services/devicekit.if | 31 --
policy/modules/services/dnsmasq.if | 95 ------
policy/modules/services/exim.if | 14 -
policy/modules/services/fail2ban.if | 14 -
policy/modules/services/glance.if | 29 --
policy/modules/services/gssproxy.if | 14 -
policy/modules/services/icecast.if | 14 -
policy/modules/services/ifplugd.if | 14 -
policy/modules/services/inn.if | 18 -
policy/modules/services/memcached.if | 30 --
policy/modules/services/mysql.if | 29 --
policy/modules/services/networkmanager.if | 15 -
policy/modules/services/nis.if | 29 --
policy/modules/services/nscd.if | 31 --
policy/modules/services/nslcd.if | 14 -
policy/modules/services/openct.if | 15 -
policy/modules/services/openvswitch.if | 15 -
policy/modules/services/pcscd.if | 15 -
policy/modules/services/plymouthd.if | 30 --
policy/modules/services/ppp.if | 57 ----
policy/modules/services/psad.if | 28 --
policy/modules/services/qpid.if | 14 -
policy/modules/services/rhsmcertd.if | 14 -
policy/modules/services/rpcbind.if | 14 -
policy/modules/services/samba.if | 15 -
policy/modules/services/sanlock.if | 15 -
policy/modules/services/smokeping.if | 29 --
policy/modules/services/spamassassin.if | 15 -
policy/modules/services/sssd.if | 30 --
policy/modules/services/tuned.if | 29 --
policy/modules/services/uuidd.if | 14 -
policy/modules/services/vdagent.if | 14 -
policy/modules/services/vhostmd.if | 29 --
policy/modules/services/virt.if | 62 ----
policy/modules/services/xserver.if | 15 -
policy/modules/services/zabbix.if | 14 -
policy/modules/system/authlogin.if | 117 -------
policy/modules/system/init.if | 148 ---------
policy/modules/system/ipsec.if | 31 --
policy/modules/system/iptables.if | 15 -
policy/modules/system/logging.if | 15 -
policy/modules/system/lvm.if | 14 -
policy/modules/system/modutils.if | 15 -
policy/modules/system/raid.if | 31 --
policy/modules/system/sysnetwork.if | 30 --
policy/modules/system/systemd.if | 60 ----
policy/modules/system/userdomain.if | 27 --
policy/modules/system/xen.if | 40 ---
70 files changed, 1 insertion(+), 2560 deletions(-)
diff --git a/policy/modules/admin/kismet.if b/policy/modules/admin/kismet.if
index 4c3c0d285..6c62e57af 100644
--- a/policy/modules/admin/kismet.if
+++ b/policy/modules/admin/kismet.if
@@ -82,37 +82,6 @@ interface(`kismet_run',`
roleattribute $2 kismet_roles;
')
-########################################
-## <summary>
-## Read kismet pid files. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`kismet_read_pid_files',`
- refpolicywarn(`$0($*) has been deprecated, please use
kismet_read_runtime_files() instead.')
- kismet_read_runtime_files($1)
-')
-
-########################################
-## <summary>
-## Create, read, write, and delete
-## kismet pid files. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`kismet_manage_pid_files',`
- refpolicywarn(`$0($*) has been deprecated, please use
kismet_manage_runtime_files() instead.')
- kismet_manage_runtime_files($1)
-')
-
########################################
## <summary>
## Read kismet runtime files.
diff --git a/policy/modules/admin/rpm.if b/policy/modules/admin/rpm.if
index 2b5e0768e..4abe1b6fb 100644
--- a/policy/modules/admin/rpm.if
+++ b/policy/modules/admin/rpm.if
@@ -525,61 +525,6 @@ interface(`rpm_dontaudit_manage_db',`
dontaudit $1 rpm_var_lib_t:file map;
')
-#####################################
-## <summary>
-## Read rpm pid files. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`rpm_read_pid_files',`
- refpolicywarn(`$0($*) has been deprecated.')
-')
-
-#####################################
-## <summary>
-## Create, read, write, and delete
-## rpm pid files. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`rpm_manage_pid_files',`
- refpolicywarn(`$0($*) has been deprecated, please use
rpm_manage_runtime_files() instead.')
- rpm_manage_runtime_files($1)
-')
-
-########################################
-## <summary>
-## Create specified objects in pid directories
-## with the rpm pid file type. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-## <param name="object_class">
-## <summary>
-## Class of the object being created.
-## </summary>
-## </param>
-## <param name="name" optional="true">
-## <summary>
-## The name of the object being created.
-## </summary>
-## </param>
-#
-interface(`rpm_pid_filetrans_rpm_pid',`
- refpolicywarn(`$0($*) has been deprecated')
-')
-
#####################################
## <summary>
## Create, read, write, and delete
diff --git a/policy/modules/admin/samhain.if b/policy/modules/admin/samhain.if
index 7aa0c8197..1618eaca8 100644
--- a/policy/modules/admin/samhain.if
+++ b/policy/modules/admin/samhain.if
@@ -173,21 +173,6 @@ interface(`samhain_manage_log_files',`
manage_files_pattern($1, samhain_log_t, samhain_log_t)
')
-########################################
-## <summary>
-## Create, read, write, and delete
-## samhain pid files. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`samhain_manage_pid_files',`
- refpolicywarn(`$0($*) has been deprecated.')
-')
-
#######################################
## <summary>
## All of the rules required to
diff --git a/policy/modules/admin/sblim.if b/policy/modules/admin/sblim.if
index 42b31f8f3..9c1994c16 100644
--- a/policy/modules/admin/sblim.if
+++ b/policy/modules/admin/sblim.if
@@ -19,20 +19,6 @@ interface(`sblim_domtrans_gatherd',`
domtrans_pattern($1, sblim_gatherd_exec_t, sblim_gatherd_t)
')
-########################################
-## <summary>
-## Read gatherd pid files. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`sblim_read_pid_files',`
- refpolicywarn(`$0($*) has been deprecated.')
-')
-
########################################
## <summary>
## All of the rules required to
diff --git a/policy/modules/apps/qemu.if b/policy/modules/apps/qemu.if
index bffe6548b..2881628cd 100644
--- a/policy/modules/apps/qemu.if
+++ b/policy/modules/apps/qemu.if
@@ -89,7 +89,7 @@ template(`qemu_domain_template',`
optional_policy(`
xserver_stream_connect($1_t)
xserver_read_xdm_tmp_files($1_t)
- xserver_read_xdm_pid($1_t)
+ xserver_read_xdm_runtime_files($1_t)
# xserver_xdm_rw_shm($1_t)
')
')
@@ -280,21 +280,6 @@ interface(`qemu_stream_connect',`
stream_connect_pattern($1, qemu_runtime_t, qemu_runtime_t, qemu_t)
')
-########################################
-## <summary>
-## Unlink qemu socket (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`qemu_delete_pid_sock_file',`
- refpolicywarn(`$0($*) has been deprecated, please use
qemu_delete_runtime_sock_files() instead.')
- qemu_delete_runtime_sock_files($1)
-')
-
########################################
## <summary>
## Unlink qemu runtime sockets.
diff --git a/policy/modules/kernel/corenetwork.if.m4
b/policy/modules/kernel/corenetwork.if.m4
index 5ef0b4e0d..372ad8935 100644
--- a/policy/modules/kernel/corenetwork.if.m4
+++ b/policy/modules/kernel/corenetwork.if.m4
@@ -461,112 +461,6 @@ interface(`corenet_udp_bind_$1_node',`
########################################
define(`create_port_interfaces',``
-########################################
-## <summary>
-## Send and receive TCP traffic on the $1 port.
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-## <infoflow type="both" weight="10"/>
-#
-interface(`corenet_tcp_sendrecv_$1_port',`
- refpolicywarn(`dollarszero() has been deprecated, please remove.')
-')
-
-########################################
-## <summary>
-## Send UDP traffic on the $1 port.
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-## <infoflow type="write" weight="10"/>
-#
-interface(`corenet_udp_send_$1_port',`
- refpolicywarn(`dollarszero() has been deprecated, please remove.')
-')
-
-########################################
-## <summary>
-## Do not audit attempts to send UDP traffic on the $1 port.
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain to not audit.
-## </summary>
-## </param>
-## <infoflow type="none"/>
-#
-interface(`corenet_dontaudit_udp_send_$1_port',`
- refpolicywarn(`dollarszero() has been deprecated, please remove.')
-')
-
-########################################
-## <summary>
-## Receive UDP traffic on the $1 port.
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-## <infoflow type="read" weight="10"/>
-#
-interface(`corenet_udp_receive_$1_port',`
- refpolicywarn(`dollarszero() has been deprecated, please remove.')
-')
-
-########################################
-## <summary>
-## Do not audit attempts to receive UDP traffic on the $1 port.
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain to not audit.
-## </summary>
-## </param>
-## <infoflow type="none"/>
-#
-interface(`corenet_dontaudit_udp_receive_$1_port',`
- refpolicywarn(`dollarszero() has been deprecated, please remove.')
-')
-
-########################################
-## <summary>
-## Send and receive UDP traffic on the $1 port.
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-## <infoflow type="both" weight="10"/>
-#
-interface(`corenet_udp_sendrecv_$1_port',`
- refpolicywarn(`dollarszero() has been deprecated, please remove.')
-')
-
-########################################
-## <summary>
-## Do not audit attempts to send and receive
-## UDP traffic on the $1 port.
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain to not audit.
-## </summary>
-## </param>
-## <infoflow type="none"/>
-#
-interface(`corenet_dontaudit_udp_sendrecv_$1_port',`
- refpolicywarn(`dollarszero() has been deprecated, please remove.')
-')
-
########################################
## <summary>
## Bind TCP sockets to the $1 port.
diff --git a/policy/modules/kernel/devices.if b/policy/modules/kernel/devices.if
index 5ef1833c6..7b5a8679f 100644
--- a/policy/modules/kernel/devices.if
+++ b/policy/modules/kernel/devices.if
@@ -3382,51 +3382,6 @@ interface(`dev_rw_mtrr',`
rw_chr_files_pattern($1, device_t, mtrr_device_t)
')
-########################################
-## <summary>
-## Get the attributes of the network control device (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`dev_getattr_netcontrol_dev',`
- refpolicywarn(`$0() has been deprecated, use dev_getattr_pmqos_dev()
instead.')
- dev_getattr_pmqos_dev($1)
-')
-
-########################################
-## <summary>
-## Read the network control identity. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`dev_read_netcontrol',`
- refpolicywarn(`$0() has been deprecated, use dev_read_pmqos() instead.')
- dev_read_pmqos($1)
-')
-
-########################################
-## <summary>
-## Read and write the the network control device. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`dev_rw_netcontrol',`
- refpolicywarn(`$0() has been deprecated, use dev_rw_pmqos() instead.')
- dev_rw_pmqos($1)
-')
-
########################################
## <summary>
## Get the attributes of the null device nodes.
diff --git a/policy/modules/kernel/files.if b/policy/modules/kernel/files.if
index 42dcb8abf..a895f3734 100644
--- a/policy/modules/kernel/files.if
+++ b/policy/modules/kernel/files.if
@@ -189,50 +189,6 @@ interface(`files_security_mountpoint',`
typeattribute $1 mountpoint;
')
-########################################
-## <summary>
-## Make the specified type usable for
-## runtime process ID files. (Deprecated)
-## </summary>
-## <desc>
-## <p>
-## Make the specified type usable for runtime process ID files,
-## typically found in /var/run.
-## This will also make the type usable for files, making
-## calls to files_type() redundant. Failure to use this interface
-## for a PID file type may result in problems with starting
-## or stopping services.
-## </p>
-## <p>
-## Related interfaces:
-## </p>
-## <ul>
-## <li>files_runtime_filetrans()</li>
-## </ul>
-## <p>
-## Example usage with a domain that can create and
-## write its PID file with a private PID file type in the
-## /var/run directory:
-## </p>
-## <p>
-## type mypidfile_t;
-## files_runtime_file(mypidfile_t)
-## allow mydomain_t mypidfile_t:file { create_file_perms write_file_perms
};
-## files_runtime_filetrans(mydomain_t, mypidfile_t, file)
-## </p>
-## </desc>
-## <param name="type">
-## <summary>
-## Type to be used for PID files.
-## </summary>
-## </param>
-## <infoflow type="none"/>
-#
-interface(`files_pid_file',`
- refpolicywarn(`$0($*) has been deprecated, please use
files_runtime_file() instead.')
- files_runtime_file($1)
-')
-
########################################
## <summary>
## Make the specified type usable for
@@ -6670,130 +6626,6 @@ interface(`files_lock_filetrans',`
filetrans_pattern($1, var_lock_t, $2, $3, $4)
')
-########################################
-## <summary>
-## Do not audit attempts to get the attributes
-## of the /var/run directory. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain to not audit.
-## </summary>
-## </param>
-#
-interface(`files_dontaudit_getattr_pid_dirs',`
- refpolicywarn(`$0($*) has been deprecated, please use
files_dontaudit_getattr_runtime_dirs() instead.')
- files_dontaudit_getattr_runtime_dirs($1)
-')
-
-########################################
-## <summary>
-## mounton a /var/run directory. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`files_mounton_pid_dirs',`
- refpolicywarn(`$0($*) has been deprecated, please use
files_mounton_runtime_dirs() instead.')
- files_mounton_runtime_dirs($1)
-')
-
-########################################
-## <summary>
-## Set the attributes of the /var/run directory. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`files_setattr_pid_dirs',`
- refpolicywarn(`$0($*) has been deprecated, please use
files_setattr_runtime_dirs() instead.')
- files_setattr_runtime_dirs($1)
-')
-
-########################################
-## <summary>
-## Search the contents of runtime process
-## ID directories (/var/run). (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`files_search_pids',`
- refpolicywarn(`$0($*) has been deprecated, please use
files_search_runtime() instead.')
- files_search_runtime($1)
-')
-
-########################################
-## <summary>
-## Do not audit attempts to search
-## the /var/run directory. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain to not audit.
-## </summary>
-## </param>
-#
-interface(`files_dontaudit_search_pids',`
- refpolicywarn(`$0($*) has been deprecated, please use
files_dontaudit_search_runtime() instead.')
- files_dontaudit_search_runtime($1)
-')
-
-########################################
-## <summary>
-## List the contents of the runtime process
-## ID directories (/var/run). (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`files_list_pids',`
- refpolicywarn(`$0($*) has been deprecated, please use
files_list_runtime() instead.')
- files_list_runtime($1)
-')
-
-########################################
-## <summary>
-## Check write access on /var/run directories. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`files_check_write_pid_dirs',`
- refpolicywarn(`$0($*) has been deprecated, please use
files_check_write_runtime_dirs() instead.')
- files_check_write_runtime_dirs($1)
-')
-
-########################################
-## <summary>
-## Create a /var/run directory. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`files_create_pid_dirs',`
- refpolicywarn(`$0($*) has been deprecated, please use
files_create_runtime_dirs() instead.')
- files_create_runtime_dirs($1)
-')
-
########################################
## <summary>
## Do not audit attempts to get the attributes
@@ -6965,286 +6797,6 @@ interface(`files_watch_runtime_dirs',`
allow $1 var_run_t:dir watch;
')
-########################################
-## <summary>
-## Read generic process ID files. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`files_read_generic_pids',`
- refpolicywarn(`$0($*) has been deprecated, please use
files_read_runtime_files() instead.')
- files_read_runtime_files($1)
-')
-
-########################################
-## <summary>
-## Write named generic process ID pipes. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`files_write_generic_pid_pipes',`
- refpolicywarn(`$0($*) has been deprecated, please use
files_write_runtime_pipes() instead.')
- files_write_runtime_pipes($1)
-')
-
-########################################
-## <summary>
-## Create an object in the process ID directory, with a private type.
(Deprecated)
-## </summary>
-## <desc>
-## <p>
-## Create an object in the process ID directory (e.g., /var/run)
-## with a private type. Typically this is used for creating
-## private PID files in /var/run with the private type instead
-## of the general PID file type. To accomplish this goal,
-## either the program must be SELinux-aware, or use this interface.
-## </p>
-## <p>
-## Related interfaces:
-## </p>
-## <ul>
-## <li>files_runtime_file()</li>
-## </ul>
-## <p>
-## Example usage with a domain that can create and
-## write its PID file with a private PID file type in the
-## /var/run directory:
-## </p>
-## <p>
-## type mypidfile_t;
-## files_runtime_file(mypidfile_t)
-## allow mydomain_t mypidfile_t:file { create_file_perms write_file_perms
};
-## files_runtime_filetrans(mydomain_t, mypidfile_t, file)
-## </p>
-## </desc>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-## <param name="private type">
-## <summary>
-## The type of the object to be created.
-## </summary>
-## </param>
-## <param name="object">
-## <summary>
-## The object class of the object being created.
-## </summary>
-## </param>
-## <param name="name" optional="true">
-## <summary>
-## The name of the object being created.
-## </summary>
-## </param>
-## <infoflow type="write" weight="10"/>
-#
-interface(`files_pid_filetrans',`
- refpolicywarn(`$0($*) has been deprecated, please use
files_runtime_filetrans() instead.')
- files_runtime_filetrans($1, $2, $3, $4)
-')
-
-########################################
-## <summary>
-## Create a generic lock directory within the run directories.
(Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access
-## </summary>
-## </param>
-## <param name="name" optional="true">
-## <summary>
-## The name of the object being created.
-## </summary>
-## </param>
-#
-interface(`files_pid_filetrans_lock_dir',`
- refpolicywarn(`$0($*) has been deprecated, please use
files_runtime_filetrans_lock_dir() instead.')
- files_runtime_filetrans_lock_dir($1, $2)
-')
-
-########################################
-## <summary>
-## Read and write generic process ID files. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`files_rw_generic_pids',`
- refpolicywarn(`$0($*) has been deprecated, please use
files_rw_runtime_files() instead.')
- files_rw_runtime_files($1)
-')
-
-########################################
-## <summary>
-## Do not audit attempts to get the attributes of
-## daemon runtime data files. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain to not audit.
-## </summary>
-## </param>
-#
-interface(`files_dontaudit_getattr_all_pids',`
- refpolicywarn(`$0($*) has been deprecated, please use
files_dontaudit_getattr_all_runtime_files() instead.')
- files_dontaudit_getattr_all_runtime_files($1)
-')
-
-########################################
-## <summary>
-## Do not audit attempts to write to daemon runtime data files.
(Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain to not audit.
-## </summary>
-## </param>
-#
-interface(`files_dontaudit_write_all_pids',`
- refpolicywarn(`$0($*) has been deprecated, please use
files_dontaudit_write_all_runtime_files() instead.')
- files_dontaudit_write_all_runtime_files($1)
-')
-
-########################################
-## <summary>
-## Do not audit attempts to ioctl daemon runtime data files. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain to not audit.
-## </summary>
-## </param>
-#
-interface(`files_dontaudit_ioctl_all_pids',`
- refpolicywarn(`$0($*) has been deprecated, please use
files_dontaudit_ioctl_all_runtime_files() instead.')
- files_dontaudit_ioctl_all_runtime_files($1)
-')
-
-########################################
-## <summary>
-## manage all pidfile directories
-## in the /var/run directory. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`files_manage_all_pid_dirs',`
- refpolicywarn(`$0($*) has been deprecated, please use
files_manage_all_runtime_dirs() instead.')
- files_manage_all_runtime_dirs($1)
-')
-
-########################################
-## <summary>
-## Read all process ID files. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-## <rolecap/>
-#
-interface(`files_read_all_pids',`
- refpolicywarn(`$0($*) has been deprecated, please use
files_read_all_runtime_files() instead.')
- files_read_all_runtime_files($1)
-')
-
-########################################
-## <summary>
-## Execute generic programs in /var/run in the caller domain. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`files_exec_generic_pid_files',`
- refpolicywarn(`$0($*) has been deprecated, please use
files_exec_runtime() instead.')
- files_exec_runtime($1)
-')
-
-########################################
-## <summary>
-## Relabel all pid files. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`files_relabel_all_pid_files',`
- refpolicywarn(`$0($*) has been deprecated, please use
files_relabel_all_runtime_files() instead.')
- files_relabel_all_runtime_files($1)
-')
-
-########################################
-## <summary>
-## Delete all process IDs. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-## <rolecap/>
-#
-interface(`files_delete_all_pids',`
- refpolicywarn(`$0($*) has been deprecated, please use
files_delete_runtime_symlinks(); files_delete_all_runtime_files();
files_delete_all_runtime_dirs(); files_delete_all_runtime_sockets();
files_delete_all_runtime_pipes(); instead.')
- files_delete_runtime_symlinks($1)
- files_delete_all_runtime_files($1)
- files_delete_all_runtime_dirs($1)
- files_delete_all_runtime_sockets($1)
- files_delete_all_runtime_pipes($1)
-')
-
-########################################
-## <summary>
-## Create all pid sockets. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`files_create_all_pid_sockets',`
- refpolicywarn(`$0($*) has been deprecated, please use
files_create_all_runtime_sockets() instead.')
- files_create_all_runtime_sockets($1)
-')
-
-########################################
-## <summary>
-## Create all pid named pipes. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`files_create_all_pid_pipes',`
- refpolicywarn(`$0($*) has been deprecated, please use
files_create_all_runtime_pipes() instead.')
- files_create_all_runtime_pipes($1)
-')
-
########################################
## <summary>
## Read generic runtime files.
@@ -7803,86 +7355,6 @@ interface(`files_delete_all_spool_sockets',`
allow $1 spoolfile:sock_file delete_sock_file_perms;
')
-########################################
-## <summary>
-## Delete all process ID directories. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`files_delete_all_pid_dirs',`
- refpolicywarn(`$0($*) has been deprecated, please use
files_delete_all_runtime_dirs() instead.')
- files_delete_all_runtime_dirs($1)
-')
-
-########################################
-## <summary>
-## Create, read, write and delete all
-## var_run (pid) content (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`files_manage_all_pids',`
- refpolicywarn(`$0($*) has been deprecated, please use
files_manage_all_runtime_dirs(); files_manage_all_runtime_files();
files_manage_all_runtime_symlinks() instead.')
- files_manage_all_runtime_dirs($1)
- files_manage_all_runtime_files($1)
- files_manage_all_runtime_symlinks($1)
-')
-
-########################################
-## <summary>
-## Relabel to/from all var_run (pid) directories (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`files_relabel_all_pid_dirs',`
- refpolicywarn(`$0($*) has been deprecated, please use
files_relabel_all_runtime_dirs() instead.')
- files_relabel_all_runtime_dirs($1)
-')
-
-########################################
-## <summary>
-## Relabel to/from all var_run (pid) socket files (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`files_relabel_all_pid_sock_files',`
- refpolicywarn(`$0($*) has been deprecated, please use
files_relabel_all_runtime_sockets() instead.')
- files_relabel_all_runtime_sockets($1)
-')
-
-########################################
-## <summary>
-## Relabel to/from all var_run (pid) files and directories (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`files_relabel_all_pids',`
- refpolicywarn(`$0($*) has been deprecated, please use
files_relabel_all_runtime_dirs(); files_relabel_all_runtime_files();
files_relabel_all_runtime_symlinks() instead.')
- files_relabel_all_runtime_dirs($1)
- files_relabel_all_runtime_files($1)
- files_relabel_all_runtime_symlinks($1)
-')
-
########################################
## <summary>
## Mount filesystems on all polyinstantiation
diff --git a/policy/modules/kernel/filesystem.if
b/policy/modules/kernel/filesystem.if
index 4a1de6dd2..c1078d796 100644
--- a/policy/modules/kernel/filesystem.if
+++ b/policy/modules/kernel/filesystem.if
@@ -5787,21 +5787,6 @@ interface(`fs_relabel_tmpfs_chr_files',`
relabel_chr_files_pattern($1, tmpfs_t, tmpfs_t)
')
-########################################
-## <summary>
-## Relabel character nodes on tmpfs filesystems.
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`fs_relabel_tmpfs_chr_file',`
- refpolicywarn(`$0($*) has been deprecated, please use
fs_relabel_tmpfs_chr_files() instead.')
- fs_relabel_tmpfs_chr_files($1)
-')
-
########################################
## <summary>
## Read and write block nodes on tmpfs filesystems.
@@ -5840,21 +5825,6 @@ interface(`fs_relabel_tmpfs_blk_files',`
relabel_blk_files_pattern($1, tmpfs_t, tmpfs_t)
')
-########################################
-## <summary>
-## Relabel block nodes on tmpfs filesystems.
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`fs_relabel_tmpfs_blk_file',`
- refpolicywarn(`$0($*) has been deprecated, please use
fs_relabel_tmpfs_blk_files() instead.')
- fs_relabel_tmpfs_blk_files($1)
-')
-
########################################
## <summary>
## Relabel named pipes on tmpfs filesystems.
diff --git a/policy/modules/kernel/selinux.if b/policy/modules/kernel/selinux.if
index cb610c449..4f20567a3 100644
--- a/policy/modules/kernel/selinux.if
+++ b/policy/modules/kernel/selinux.if
@@ -697,28 +697,6 @@ interface(`selinux_use_status_page',`
allow $1 security_t:file mmap_read_file_perms;
')
-########################################
-## <summary>
-## Allows caller to map secuirty_t files. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-
-interface(`selinux_map_security_files',`
- gen_require(`
- type security_t;
- ')
-
- refpolicywarn(`$0() has been deprecated, use selinux_use_status_page()
instead.')
-
- dev_search_sysfs($1)
- allow $1 security_t:file map;
-')
-
########################################
## <summary>
## Unconfined access to the SELinux kernel security server.
diff --git a/policy/modules/services/abrt.if b/policy/modules/services/abrt.if
index e763b4b9f..75753ed86 100644
--- a/policy/modules/services/abrt.if
+++ b/policy/modules/services/abrt.if
@@ -221,36 +221,6 @@ interface(`abrt_read_log',`
read_files_pattern($1, abrt_var_log_t, abrt_var_log_t)
')
-######################################
-## <summary>
-## Read abrt PID files. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`abrt_read_pid_files',`
- refpolicywarn(`$0($*) has been deprecated.')
-')
-
-######################################
-## <summary>
-## Create, read, write, and delete
-## abrt PID files. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`abrt_manage_pid_files',`
- refpolicywarn(`$0($*) has been deprecated, please use
abrt_manage_runtime_files() instead.')
- abrt_manage_runtime_files($1)
-')
-
######################################
## <summary>
## Create, read, write, and delete
diff --git a/policy/modules/services/amavis.if
b/policy/modules/services/amavis.if
index f0944bceb..ebd5638e3 100644
--- a/policy/modules/services/amavis.if
+++ b/policy/modules/services/amavis.if
@@ -171,36 +171,6 @@ interface(`amavis_manage_lib_files',`
files_search_var_lib($1)
')
-########################################
-## <summary>
-## Set attributes of amavis pid files. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`amavis_setattr_pid_files',`
- refpolicywarn(`$0($*) has been deprecated, please use
amavis_setattr_runtime_files() instead.')
- amavis_setattr_runtime_files($1)
-')
-
-########################################
-## <summary>
-## Create amavis pid files. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`amavis_create_pid_files',`
- refpolicywarn(`$0($*) has been deprecated, please use
amavis_create_runtime_files() instead.')
- amavis_create_runtime_files($1)
-')
-
########################################
## <summary>
## Set attributes of amavis runtime files.
diff --git a/policy/modules/services/apcupsd.if
b/policy/modules/services/apcupsd.if
index 5077cf464..e0eeff71f 100644
--- a/policy/modules/services/apcupsd.if
+++ b/policy/modules/services/apcupsd.if
@@ -39,20 +39,6 @@ interface(`apcupsd_initrc_domtrans',`
init_labeled_script_domtrans($1, apcupsd_initrc_exec_t)
')
-########################################
-## <summary>
-## Read apcupsd PID files. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`apcupsd_read_pid_files',`
- refpolicywarn(`$0($*) has been deprecated.')
-')
-
########################################
## <summary>
## Read apcupsd log files.
diff --git a/policy/modules/services/asterisk.if
b/policy/modules/services/asterisk.if
index 31f446c66..a1a74b1be 100644
--- a/policy/modules/services/asterisk.if
+++ b/policy/modules/services/asterisk.if
@@ -79,21 +79,6 @@ interface(`asterisk_setattr_logs',`
logging_search_logs($1)
')
-#######################################
-## <summary>
-## Set attributes of the asterisk
-## PID content.
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`asterisk_setattr_pid_files',`
- refpolicywarn(`$0($*) has been deprecated.')
-')
-
########################################
## <summary>
## All of the rules required to
diff --git a/policy/modules/services/avahi.if b/policy/modules/services/avahi.if
index c223e8b3a..fe9f460e3 100644
--- a/policy/modules/services/avahi.if
+++ b/policy/modules/services/avahi.if
@@ -133,36 +133,6 @@ interface(`avahi_stream_connect',`
stream_connect_pattern($1, avahi_runtime_t, avahi_runtime_t, avahi_t)
')
-########################################
-## <summary>
-## Create avahi pid directories. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`avahi_create_pid_dirs',`
- refpolicywarn(`$0($*) has been deprecated, please use
avahi_create_runtime_dirs() instead.')
- avahi_create_runtime_dirs($1)
-')
-
-########################################
-## <summary>
-## Set attributes of avahi pid directories. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`avahi_setattr_pid_dirs',`
- refpolicywarn(`$0($*) has been deprecated, please use
avahi_setattr_runtime_dirs() instead.')
- avahi_setattr_runtime_dirs($1)
-')
-
########################################
## <summary>
## Set attributes of avahi runtime directories.
@@ -201,63 +171,6 @@ interface(`avahi_create_runtime_dirs',`
allow $1 avahi_runtime_t:dir create_dir_perms;
')
-########################################
-## <summary>
-## Create, read, and write avahi pid files. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`avahi_manage_pid_files',`
- refpolicywarn(`$0($*) has been deprecated, please use
avahi_manage_runtime_files() instead.')
- avahi_manage_runtime_files($1)
-')
-
-########################################
-## <summary>
-## Do not audit attempts to search
-## avahi pid directories. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain to not audit.
-## </summary>
-## </param>
-#
-interface(`avahi_dontaudit_search_pid',`
- refpolicywarn(`$0($*) has been deprecated, please use
avahi_dontaudit_search_runtime() instead.')
- avahi_dontaudit_search_runtime($1)
-')
-
-########################################
-## <summary>
-## Create specified objects in generic
-## pid directories with the avahi pid file type. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-## <param name="object_class">
-## <summary>
-## Class of the object being created.
-## </summary>
-## </param>
-## <param name="name" optional="true">
-## <summary>
-## The name of the object being created.
-## </summary>
-## </param>
-#
-interface(`avahi_filetrans_pid',`
- refpolicywarn(`$0($*) has been deprecated, please use
avahi_filetrans_runtime() instead.')
- avahi_filetrans_runtime($*)
-')
-
########################################
## <summary>
## Create, read, and write avahi runtime files.
diff --git a/policy/modules/services/bind.if b/policy/modules/services/bind.if
index 25ba4d119..7c252d9ab 100644
--- a/policy/modules/services/bind.if
+++ b/policy/modules/services/bind.if
@@ -254,20 +254,6 @@ interface(`bind_manage_cache',`
manage_lnk_files_pattern($1, named_cache_t, named_cache_t)
')
-########################################
-## <summary>
-## Set attributes of bind pid directories. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`bind_setattr_pid_dirs',`
- refpolicywarn(`$0($*) has been deprecated.')
-')
-
########################################
## <summary>
## Set attributes of bind zone directories.
diff --git a/policy/modules/services/certmonger.if
b/policy/modules/services/certmonger.if
index 1b89f9bbb..5d4cf9615 100644
--- a/policy/modules/services/certmonger.if
+++ b/policy/modules/services/certmonger.if
@@ -59,20 +59,6 @@ interface(`certmonger_initrc_domtrans',`
init_labeled_script_domtrans($1, certmonger_initrc_exec_t)
')
-########################################
-## <summary>
-## Read certmonger PID files. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`certmonger_read_pid_files',`
- refpolicywarn(`$0($*) has been deprecated.')
-')
-
########################################
## <summary>
## Search certmonger lib directories.
diff --git a/policy/modules/services/clamav.if
b/policy/modules/services/clamav.if
index 29d00c98f..f59ce107c 100644
--- a/policy/modules/services/clamav.if
+++ b/policy/modules/services/clamav.if
@@ -87,21 +87,6 @@ interface(`clamav_append_log',`
append_files_pattern($1, clamd_var_log_t, clamd_var_log_t)
')
-########################################
-## <summary>
-## Create, read, write, and delete
-## clamav pid content. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`clamav_manage_pid_content',`
- refpolicywarn(`$0($*) has been deprecated.')
-')
-
########################################
## <summary>
## Read clamav configuration files.
diff --git a/policy/modules/services/consolesetup.if
b/policy/modules/services/consolesetup.if
index f5f766f03..d9b65ddbf 100644
--- a/policy/modules/services/consolesetup.if
+++ b/policy/modules/services/consolesetup.if
@@ -83,23 +83,6 @@ interface(`consolesetup_manage_runtime', `
manage_files_pattern($1, consolesetup_runtime_t, consolesetup_runtime_t)
')
-########################################
-## <summary>
-## Create a console-setup directory in
-## the runtime directory. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-## <rolecap/>
-#
-interface(`consolesetup_pid_filetrans_runtime', `
- refpolicywarn(`$0($*) has been deprecated, please use
consolesetup_runtime_filetrans_runtime_dir() instead.')
- consolesetup_runtime_filetrans_runtime_dir($1)
-')
-
########################################
## <summary>
## Create a console-setup directory in
diff --git a/policy/modules/services/couchdb.if
b/policy/modules/services/couchdb.if
index cc925162c..1be0403ba 100644
--- a/policy/modules/services/couchdb.if
+++ b/policy/modules/services/couchdb.if
@@ -57,21 +57,6 @@ interface(`couchdb_read_conf_files',`
read_files_pattern($1, couchdb_conf_t, couchdb_conf_t)
')
-########################################
-## <summary>
-## Read couchdb pid files. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`couchdb_read_pid_files',`
- refpolicywarn(`$0($*) has been deprecated, please use
couchdb_read_runtime_files() instead.')
- couchdb_read_runtime_files($1)
-')
-
########################################
## <summary>
## Read couchdb runtime files.
diff --git a/policy/modules/services/cron.if b/policy/modules/services/cron.if
index 1b71c457c..87306cfdb 100644
--- a/policy/modules/services/cron.if
+++ b/policy/modules/services/cron.if
@@ -660,21 +660,6 @@ interface(`cron_search_spool',`
allow $1 cron_spool_t:dir search_dir_perms;
')
-########################################
-## <summary>
-## Create, read, write, and delete
-## crond pid files. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`cron_manage_pid_files',`
- refpolicywarn(`$0($*) has been deprecated.')
-')
-
########################################
## <summary>
## Execute anacron in the cron
diff --git a/policy/modules/services/cups.if b/policy/modules/services/cups.if
index c8c50c399..852db3d67 100644
--- a/policy/modules/services/cups.if
+++ b/policy/modules/services/cups.if
@@ -94,21 +94,6 @@ interface(`cups_dbus_chat',`
allow cupsd_t $1:dbus send_msg;
')
-########################################
-## <summary>
-## Read cups PID files. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`cups_read_pid_files',`
- refpolicywarn(`$0($*) has been deprecated, please use
cups_read_runtime_files() instead.')
- cups_read_runtime_files($1)
-')
-
########################################
## <summary>
## Read cups runtime files.
diff --git a/policy/modules/services/devicekit.if
b/policy/modules/services/devicekit.if
index 17862b6b8..58c82ab1f 100644
--- a/policy/modules/services/devicekit.if
+++ b/policy/modules/services/devicekit.if
@@ -199,37 +199,6 @@ interface(`devicekit_relabel_log_files',`
relabel_files_pattern($1, devicekit_var_log_t, devicekit_var_log_t)
')
-########################################
-## <summary>
-## Read devicekit PID files. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`devicekit_read_pid_files',`
- refpolicywarn(`$0($*) has been deprecated, please use
devicekit_read_runtime_files() instead.')
- devicekit_read_runtime_files($1)
-')
-
-########################################
-## <summary>
-## Create, read, write, and delete
-## devicekit PID files. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`devicekit_manage_pid_files',`
- refpolicywarn(`$0($*) has been deprecated, please use
devicekit_manage_runtime_files() instead.')
- devicekit_manage_runtime_files($1)
-')
-
########################################
## <summary>
## Read devicekit runtime files.
diff --git a/policy/modules/services/dnsmasq.if
b/policy/modules/services/dnsmasq.if
index c0b4bc282..5bf375b18 100644
--- a/policy/modules/services/dnsmasq.if
+++ b/policy/modules/services/dnsmasq.if
@@ -135,101 +135,6 @@ interface(`dnsmasq_write_config',`
files_search_etc($1)
')
-########################################
-## <summary>
-## Delete dnsmasq pid files. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-#
-interface(`dnsmasq_delete_pid_files',`
- refpolicywarn(`$0($*) has been deprecated, please use
dnsmasq_delete_runtime_files() instead.')
- dnsmasq_delete_runtime_files($1)
-')
-
-########################################
-## <summary>
-## Create, read, write, and delete
-## dnsmasq pid files (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`dnsmasq_manage_pid_files',`
- refpolicywarn(`$0($*) has been deprecated, please use
dnsmasq_manage_runtime_files() instead.')
- dnsmasq_manage_runtime_files($1)
-')
-
-########################################
-## <summary>
-## Read dnsmasq pid files. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-#
-interface(`dnsmasq_read_pid_files',`
- refpolicywarn(`$0($*) has been deprecated, please use
dnsmasq_read_runtime_files() instead.')
- dnsmasq_read_runtime_files($1)
-')
-
-########################################
-## <summary>
-## Create dnsmasq pid directories. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`dnsmasq_create_pid_dirs',`
- refpolicywarn(`$0($*) has been deprecated, please use
dnsmasq_create_runtime_dirs() instead.')
- dnsmasq_create_runtime_dirs($1)
-')
-
-########################################
-## <summary>
-## Create specified objects in specified
-## directories with a type transition to
-## the dnsmasq pid file type. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-## <param name="file_type">
-## <summary>
-## Directory to transition on.
-## </summary>
-## </param>
-## <param name="object">
-## <summary>
-## The object class of the object being created.
-## </summary>
-## </param>
-## <param name="name" optional="true">
-## <summary>
-## The name of the object being created.
-## </summary>
-## </param>
-#
-interface(`dnsmasq_spec_filetrans_pid',`
- refpolicywarn(`$0($*) has been deprecated, please use
dnsmasq_virt_runtime_filetrans_runtime() instead.')
- dnsmasq_virt_runtime_filetrans_runtime($1, $3, $4)
-')
-
########################################
## <summary>
## Create dnsmasq runtime directories.
diff --git a/policy/modules/services/exim.if b/policy/modules/services/exim.if
index ceff9d87b..66dc62452 100644
--- a/policy/modules/services/exim.if
+++ b/policy/modules/services/exim.if
@@ -103,20 +103,6 @@ interface(`exim_read_tmp_files',`
files_search_tmp($1)
')
-########################################
-## <summary>
-## Read exim pid files. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`exim_read_pid_files',`
- refpolicywarn(`$0($*) has been deprecated.')
-')
-
########################################
## <summary>
## Read exim log files.
diff --git a/policy/modules/services/fail2ban.if
b/policy/modules/services/fail2ban.if
index d270e693a..c5884093a 100644
--- a/policy/modules/services/fail2ban.if
+++ b/policy/modules/services/fail2ban.if
@@ -220,20 +220,6 @@ interface(`fail2ban_append_log',`
allow $1 fail2ban_log_t:file append_file_perms;
')
-########################################
-## <summary>
-## Read fail2ban pid files. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`fail2ban_read_pid_files',`
- refpolicywarn(`$0($*) has been deprecated.')
-')
-
########################################
## <summary>
## All of the rules required to
diff --git a/policy/modules/services/glance.if
b/policy/modules/services/glance.if
index 709832851..eff86ff1b 100644
--- a/policy/modules/services/glance.if
+++ b/policy/modules/services/glance.if
@@ -179,35 +179,6 @@ interface(`glance_manage_lib_dirs',`
manage_dirs_pattern($1, glance_var_lib_t, glance_var_lib_t)
')
-########################################
-## <summary>
-## Read glance pid files. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`glance_read_pid_files',`
- refpolicywarn(`$0($*) has been deprecated.')
-')
-
-########################################
-## <summary>
-## Create, read, write, and delete
-## glance pid files. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`glance_manage_pid_files',`
- refpolicywarn(`$0($*) has been deprecated.')
-')
-
########################################
## <summary>
## All of the rules required to
diff --git a/policy/modules/services/gssproxy.if
b/policy/modules/services/gssproxy.if
index 27d9d9f81..693d5228e 100644
--- a/policy/modules/services/gssproxy.if
+++ b/policy/modules/services/gssproxy.if
@@ -95,20 +95,6 @@ interface(`gssproxy_manage_lib_dirs',`
manage_dirs_pattern($1, gssproxy_var_lib_t, gssproxy_var_lib_t)
')
-########################################
-## <summary>
-## Read gssproxy PID files. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`gssproxy_read_pid_files',`
- refpolicywarn(`$0($*) has been deprecated.')
-')
-
########################################
## <summary>
## Connect to gssproxy over an unix
diff --git a/policy/modules/services/icecast.if
b/policy/modules/services/icecast.if
index 0d3cc58fc..65fbd96a8 100644
--- a/policy/modules/services/icecast.if
+++ b/policy/modules/services/icecast.if
@@ -55,20 +55,6 @@ interface(`icecast_initrc_domtrans',`
init_labeled_script_domtrans($1, icecast_initrc_exec_t)
')
-########################################
-## <summary>
-## Read icecast pid files. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`icecast_read_pid_files',`
- refpolicywarn(`$0($*) has been deprecated.')
-')
-
########################################
## <summary>
## Create, read, write, and delete
diff --git a/policy/modules/services/ifplugd.if
b/policy/modules/services/ifplugd.if
index 3e75f24ae..8e9bd0232 100644
--- a/policy/modules/services/ifplugd.if
+++ b/policy/modules/services/ifplugd.if
@@ -77,20 +77,6 @@ interface(`ifplugd_manage_config',`
manage_files_pattern($1, ifplugd_etc_t, ifplugd_etc_t)
')
-########################################
-## <summary>
-## Read ifplugd pid files. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`ifplugd_read_pid_files',`
- refpolicywarn(`$0($*) has been deprecated.')
-')
-
########################################
## <summary>
## All of the rules required to
diff --git a/policy/modules/services/inn.if b/policy/modules/services/inn.if
index 2f5cc3e8f..7a4343b72 100644
--- a/policy/modules/services/inn.if
+++ b/policy/modules/services/inn.if
@@ -86,24 +86,6 @@ interface(`inn_generic_log_filetrans_innd_log',`
logging_log_filetrans($1, innd_log_t, $2, $3)
')
-########################################
-## <summary>
-## Create, read, write, and delete
-## innd pid content. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`inn_manage_pid',`
- refpolicywarn(`$0($*) has been deprecated, please use
inn_manage_runtime_dirs();
inn_manage_runtime_files()inn_manage_runtime_sockets() instead.')
- inn_manage_runtime_dirs($1)
- inn_manage_runtime_files($1)
- inn_manage_runtime_sockets($1)
-')
-
########################################
## <summary>
## Create, read, write, and delete
diff --git a/policy/modules/services/memcached.if
b/policy/modules/services/memcached.if
index 34423fcf1..964418774 100644
--- a/policy/modules/services/memcached.if
+++ b/policy/modules/services/memcached.if
@@ -19,36 +19,6 @@ interface(`memcached_domtrans',`
domtrans_pattern($1, memcached_exec_t, memcached_t)
')
-########################################
-## <summary>
-## Create, read, write, and delete
-## memcached pid files. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`memcached_manage_pid_files',`
- refpolicywarn(`$0($*) has been deprecated, please use
memcached_manage_runtime_files() instead.')
- memcached_manage_runtime_files($1)
-')
-
-########################################
-## <summary>
-## Read memcached pid files. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`memcached_read_pid_files',`
- refpolicywarn(`$0($*) has been deprecated.')
-')
-
########################################
## <summary>
## Create, read, write, and delete
diff --git a/policy/modules/services/mysql.if b/policy/modules/services/mysql.if
index 0b2e5685d..46d63fe7a 100644
--- a/policy/modules/services/mysql.if
+++ b/policy/modules/services/mysql.if
@@ -386,35 +386,6 @@ interface(`mysql_domtrans_mysql_safe',`
domtrans_pattern($1, mysqld_safe_exec_t, mysqld_safe_t)
')
-#####################################
-## <summary>
-## Read mysqld pid files. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`mysql_read_pid_files',`
- refpolicywarn(`$0($*) has been deprecated.')
-')
-
-#####################################
-## <summary>
-## Search mysqld pid files. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-##
-#
-interface(`mysql_search_pid_files',`
- refpolicywarn(`$0($*) has been deprecated.')
-')
-
########################################
## <summary>
## All of the rules required to
diff --git a/policy/modules/services/networkmanager.if
b/policy/modules/services/networkmanager.if
index 8a5e4e73f..e0e3d0615 100644
--- a/policy/modules/services/networkmanager.if
+++ b/policy/modules/services/networkmanager.if
@@ -271,21 +271,6 @@ interface(`networkmanager_append_log_files',`
append_files_pattern($1, NetworkManager_log_t, NetworkManager_log_t)
')
-########################################
-## <summary>
-## Read networkmanager pid files. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`networkmanager_read_pid_files',`
- refpolicywarn(`$0($*) has been deprecated, please use
networkmanager_read_runtime_files() instead.')
- networkmanager_read_runtime_files($1)
-')
-
########################################
## <summary>
## Read networkmanager runtime files.
diff --git a/policy/modules/services/nis.if b/policy/modules/services/nis.if
index 4c6724b57..ba5c6a9d9 100644
--- a/policy/modules/services/nis.if
+++ b/policy/modules/services/nis.if
@@ -210,21 +210,6 @@ interface(`nis_list_var_yp',`
allow $1 var_yp_t:dir list_dir_perms;
')
-########################################
-## <summary>
-## Read ypbind pid files. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`nis_read_ypbind_pid',`
- refpolicywarn(`$0($*) has been deprecated, please use
nis_read_ypbind_runtime_files() instead.')
- nis_read_ypbind_runtime_files($1)
-')
-
########################################
## <summary>
## Read ypbind runtime files.
@@ -244,20 +229,6 @@ interface(`nis_read_ypbind_runtime_files',`
allow $1 ypbind_runtime_t:file read_file_perms;
')
-########################################
-## <summary>
-## Delete ypbind pid files. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`nis_delete_ypbind_pid',`
- refpolicywarn(`$0($*) has been deprecated.')
-')
-
########################################
## <summary>
## Read ypserv configuration files.
diff --git a/policy/modules/services/nscd.if b/policy/modules/services/nscd.if
index 790e8a5f4..3f87cc461 100644
--- a/policy/modules/services/nscd.if
+++ b/policy/modules/services/nscd.if
@@ -172,37 +172,6 @@ interface(`nscd_use',`
')
')
-########################################
-## <summary>
-## Do not audit attempts to search
-## nscd pid directories. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain to not audit.
-## </summary>
-## </param>
-#
-interface(`nscd_dontaudit_search_pid',`
- refpolicywarn(`$0($*) has been deprecated, please use
nscd_dontaudit_search_runtime() instead.')
- nscd_dontaudit_search_runtime($1)
-')
-
-########################################
-## <summary>
-## Read nscd pid files. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`nscd_read_pid',`
- refpolicywarn(`$0($*) has been deprecated, please use
nscd_read_runtime_files() instead.')
- nscd_read_runtime_files($1)
-')
-
########################################
## <summary>
## Do not audit attempts to search
diff --git a/policy/modules/services/nslcd.if b/policy/modules/services/nslcd.if
index df0e05059..5858ef9e8 100644
--- a/policy/modules/services/nslcd.if
+++ b/policy/modules/services/nslcd.if
@@ -37,20 +37,6 @@ interface(`nslcd_initrc_domtrans',`
init_labeled_script_domtrans($1, nslcd_initrc_exec_t)
')
-########################################
-## <summary>
-## Read nslcd pid files. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`nslcd_read_pid_files',`
- refpolicywarn(`$0($*) has been deprecated.')
-')
-
########################################
## <summary>
## Connect to nslcd over an unix
diff --git a/policy/modules/services/openct.if
b/policy/modules/services/openct.if
index f6ced13a9..3199d585d 100644
--- a/policy/modules/services/openct.if
+++ b/policy/modules/services/openct.if
@@ -56,21 +56,6 @@ interface(`openct_domtrans',`
domtrans_pattern($1, openct_exec_t, openct_t)
')
-########################################
-## <summary>
-## Read openct pid files. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`openct_read_pid_files',`
- refpolicywarn(`$0($*) has been deprecated, please use
openct_read_runtime_files() instead.')
- openct_read_runtime_files($1)
-')
-
########################################
## <summary>
## Read openct runtime files.
diff --git a/policy/modules/services/openvswitch.if
b/policy/modules/services/openvswitch.if
index 73bbb6d69..e7af2589a 100644
--- a/policy/modules/services/openvswitch.if
+++ b/policy/modules/services/openvswitch.if
@@ -19,21 +19,6 @@ interface(`openvswitch_domtrans',`
domtrans_pattern($1, openvswitch_exec_t, openvswitch_t)
')
-########################################
-## <summary>
-## Read openvswitch pid files. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`openvswitch_read_pid_files',`
- refpolicywarn(`$0($*) has been deprecated, please use
openvswitch_read_runtime_files() instead.')
- openvswitch_read_runtime_files($1)
-')
-
########################################
## <summary>
## Read openvswitch runtime files.
diff --git a/policy/modules/services/pcscd.if b/policy/modules/services/pcscd.if
index 219161c2a..d6f652360 100644
--- a/policy/modules/services/pcscd.if
+++ b/policy/modules/services/pcscd.if
@@ -19,21 +19,6 @@ interface(`pcscd_domtrans',`
domtrans_pattern($1, pcscd_exec_t, pcscd_t)
')
-########################################
-## <summary>
-## Read pcscd pid files. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`pcscd_read_pid_files',`
- refpolicywarn(`$0($*) has been deprecated, please use
pcscd_read_runtime_files() instead.')
- pcscd_read_runtime_files($1)
-')
-
########################################
## <summary>
## Read pcscd runtime files.
diff --git a/policy/modules/services/plymouthd.if
b/policy/modules/services/plymouthd.if
index b0a399935..74539d062 100644
--- a/policy/modules/services/plymouthd.if
+++ b/policy/modules/services/plymouthd.if
@@ -231,36 +231,6 @@ interface(`plymouthd_manage_lib_files',`
manage_files_pattern($1, plymouthd_var_lib_t, plymouthd_var_lib_t)
')
-########################################
-## <summary>
-## Read plymouthd pid files. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`plymouthd_read_pid_files',`
- refpolicywarn(`$0($*) has been deprecated, please use
plymouthd_read_runtime_files() instead.')
- plymouthd_read_runtime_files($1)
-')
-
-########################################
-## <summary>
-## Delete the plymouthd pid files. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`plymouthd_delete_pid_files',`
- refpolicywarn(`$0($*) has been deprecated, please use
plymouthd_delete_runtime_files() instead.')
- plymouthd_delete_runtime_files($1)
-')
-
########################################
## <summary>
## Read plymouthd runtime files.
diff --git a/policy/modules/services/ppp.if b/policy/modules/services/ppp.if
index dd09fa954..cf7f567db 100644
--- a/policy/modules/services/ppp.if
+++ b/policy/modules/services/ppp.if
@@ -353,63 +353,6 @@ interface(`ppp_read_secrets',`
allow $1 pppd_etc_t:lnk_file read_lnk_file_perms;
')
-########################################
-## <summary>
-## Read ppp pid files. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`ppp_read_pid_files',`
- refpolicywarn(`$0($*) has been deprecated, please use
ppp_read_runtime_files() instead.')
- ppp_read_runtime_files($1)
-')
-
-########################################
-## <summary>
-## Create, read, write, and delete
-## ppp pid files. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`ppp_manage_pid_files',`
- refpolicywarn(`$0($*) has been deprecated, please use
ppp_manage_runtime_files() instead.')
- ppp_manage_runtime_files($1)
-')
-
-########################################
-## <summary>
-## Create specified pppd pid objects
-## with a type transition. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-## <param name="object_class">
-## <summary>
-## Class of the object being created.
-## </summary>
-## </param>
-## <param name="name" optional="true">
-## <summary>
-## The name of the object being created.
-## </summary>
-## </param>
-#
-interface(`ppp_pid_filetrans',`
- refpolicywarn(`$0($*) has been deprecated, please use
ppp_runtime_filetrans() instead.')
- ppp_runtime_filetrans($1, $2, $3)
-')
-
########################################
## <summary>
## Read ppp runtime files.
diff --git a/policy/modules/services/psad.if b/policy/modules/services/psad.if
index fe191f52f..1193f97ca 100644
--- a/policy/modules/services/psad.if
+++ b/policy/modules/services/psad.if
@@ -98,34 +98,6 @@ interface(`psad_manage_config',`
allow $1 psad_etc_t:lnk_file manage_lnk_file_perms;
')
-########################################
-## <summary>
-## Read psad pid files. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`psad_read_pid_files',`
- refpolicywarn(`$0($*) has been deprecated.')
-')
-
-########################################
-## <summary>
-## Read and write psad pid files. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`psad_rw_pid_files',`
- refpolicywarn(`$0($*) has been deprecated.')
-')
-
########################################
## <summary>
## Read psad log content.
diff --git a/policy/modules/services/qpid.if b/policy/modules/services/qpid.if
index 9b0dd4abf..375bc7cbc 100644
--- a/policy/modules/services/qpid.if
+++ b/policy/modules/services/qpid.if
@@ -74,20 +74,6 @@ interface(`qpidd_initrc_domtrans',`
init_labeled_script_domtrans($1, qpidd_initrc_exec_t)
')
-########################################
-## <summary>
-## Read qpidd pid files. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`qpidd_read_pid_files',`
- refpolicywarn(`$0($*) has been deprecated.')
-')
-
########################################
## <summary>
## Search qpidd lib directories.
diff --git a/policy/modules/services/rhsmcertd.if
b/policy/modules/services/rhsmcertd.if
index dbc8a61c0..673ae1986 100644
--- a/policy/modules/services/rhsmcertd.if
+++ b/policy/modules/services/rhsmcertd.if
@@ -177,20 +177,6 @@ interface(`rhsmcertd_manage_lib_dirs',`
manage_dirs_pattern($1, rhsmcertd_var_lib_t, rhsmcertd_var_lib_t)
')
-########################################
-## <summary>
-## Read rhsmcertd pid files. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`rhsmcertd_read_pid_files',`
- refpolicywarn(`$0($*) has been deprecated.')
-')
-
####################################
## <summary>
## Connect to rhsmcertd with a
diff --git a/policy/modules/services/rpcbind.if
b/policy/modules/services/rpcbind.if
index b815d02de..0938487d2 100644
--- a/policy/modules/services/rpcbind.if
+++ b/policy/modules/services/rpcbind.if
@@ -39,20 +39,6 @@ interface(`rpcbind_stream_connect',`
stream_connect_pattern($1, rpcbind_runtime_t, rpcbind_runtime_t,
rpcbind_t)
')
-########################################
-## <summary>
-## Read rpcbind pid files. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`rpcbind_read_pid_files',`
- refpolicywarn(`$0($*) has been deprecated.')
-')
-
########################################
## <summary>
## Search rpcbind lib directories.
diff --git a/policy/modules/services/samba.if b/policy/modules/services/samba.if
index 92eab06d7..05e713672 100644
--- a/policy/modules/services/samba.if
+++ b/policy/modules/services/samba.if
@@ -705,21 +705,6 @@ interface(`samba_run_winbind_helper',`
roleattribute $2 winbind_helper_roles;
')
-########################################
-## <summary>
-## Read winbind pid files. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`samba_read_winbind_pid',`
- refpolicywarn(`$0($*) has been deprecated, please use
samba_read_winbind_runtime_files() instead.')
- samba_read_winbind_runtime_files($1)
-')
-
########################################
## <summary>
## Read winbind runtime files.
diff --git a/policy/modules/services/sanlock.if
b/policy/modules/services/sanlock.if
index 2fe384a52..d6c94ecc6 100644
--- a/policy/modules/services/sanlock.if
+++ b/policy/modules/services/sanlock.if
@@ -38,21 +38,6 @@ interface(`sanlock_initrc_domtrans',`
init_labeled_script_domtrans($1, sanlock_initrc_exec_t)
')
-######################################
-## <summary>
-## Create, read, write, and delete
-## sanlock pid files. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`sanlock_manage_pid_files',`
- refpolicywarn(`$0($*) has been deprecated.')
-')
-
########################################
## <summary>
## Connect to sanlock with a unix
diff --git a/policy/modules/services/smokeping.if
b/policy/modules/services/smokeping.if
index 83c55e279..27b89ed7f 100644
--- a/policy/modules/services/smokeping.if
+++ b/policy/modules/services/smokeping.if
@@ -38,35 +38,6 @@ interface(`smokeping_initrc_domtrans',`
init_labeled_script_domtrans($1, smokeping_initrc_exec_t)
')
-########################################
-## <summary>
-## Read smokeping pid files. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`smokeping_read_pid_files',`
- refpolicywarn(`$0($*) has been deprecated.')
-')
-
-########################################
-## <summary>
-## Create, read, write, and delete
-## smokeping pid files. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`smokeping_manage_pid_files',`
- refpolicywarn(`$0($*) has been deprecated.')
-')
-
########################################
## <summary>
## Get attributes of smokeping lib files.
diff --git a/policy/modules/services/spamassassin.if
b/policy/modules/services/spamassassin.if
index b530a76f8..86afba2d0 100644
--- a/policy/modules/services/spamassassin.if
+++ b/policy/modules/services/spamassassin.if
@@ -363,21 +363,6 @@ interface(`spamassassin_manage_lib_files',`
manage_files_pattern($1, spamd_var_lib_t, spamd_var_lib_t)
')
-########################################
-## <summary>
-## Read spamd pid files. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`spamassassin_read_spamd_pid_files',`
- refpolicywarn(`$0($*) has been deprecated, please use
spamassassin_read_spamd_runtime_files() instead.')
- spamassassin_read_spamd_runtime_files($1)
-')
-
########################################
## <summary>
## Read spamd runtime files.
diff --git a/policy/modules/services/sssd.if b/policy/modules/services/sssd.if
index 481441451..491ff9ae5 100644
--- a/policy/modules/services/sssd.if
+++ b/policy/modules/services/sssd.if
@@ -155,36 +155,6 @@ interface(`sssd_manage_public_files',`
manage_files_pattern($1, sssd_public_t, sssd_public_t)
')
-########################################
-## <summary>
-## Read sssd pid files. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`sssd_read_pid_files',`
- refpolicywarn(`$0($*) has been deprecated, please use
sssd_read_runtime_files() instead.')
- sssd_read_runtime_files($1)
-')
-
-########################################
-## <summary>
-## Create, read, write, and delete
-## sssd pid content. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`sssd_manage_pids',`
- refpolicywarn(`$0($*) has been deprecated.')
-')
-
########################################
## <summary>
## Read sssd runtime files.
diff --git a/policy/modules/services/tuned.if b/policy/modules/services/tuned.if
index 6fd0f35f0..aecfe22fc 100644
--- a/policy/modules/services/tuned.if
+++ b/policy/modules/services/tuned.if
@@ -38,35 +38,6 @@ interface(`tuned_exec',`
can_exec($1, tuned_exec_t)
')
-######################################
-## <summary>
-## Read tuned pid files. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`tuned_read_pid_files',`
- refpolicywarn(`$0($*) has been deprecated.')
-')
-
-#######################################
-## <summary>
-## Create, read, write, and delete
-## tuned pid files. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`tuned_manage_pid_files',`
- refpolicywarn(`$0($*) has been deprecated.')
-')
-
########################################
## <summary>
## Execute tuned init scripts in
diff --git a/policy/modules/services/uuidd.if b/policy/modules/services/uuidd.if
index b1469d3c1..a7868f17a 100644
--- a/policy/modules/services/uuidd.if
+++ b/policy/modules/services/uuidd.if
@@ -116,20 +116,6 @@ interface(`uuidd_manage_lib_dirs',`
manage_dirs_pattern($1, uuidd_var_lib_t, uuidd_var_lib_t)
')
-########################################
-## <summary>
-## Read uuidd pid files. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`uuidd_read_pid_files',`
- refpolicywarn(`$0($*) has been deprecated.')
-')
-
########################################
## <summary>
## Connect to uuidd with an unix
diff --git a/policy/modules/services/vdagent.if
b/policy/modules/services/vdagent.if
index d31894325..73fc90d25 100644
--- a/policy/modules/services/vdagent.if
+++ b/policy/modules/services/vdagent.if
@@ -56,20 +56,6 @@ interface(`vdagent_getattr_log',`
allow $1 vdagent_log_t:file getattr_file_perms;
')
-########################################
-## <summary>
-## Read vdagent pid files. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`vdagent_read_pid_files',`
- refpolicywarn(`$0($*) has been deprecated.')
-')
-
#####################################
## <summary>
## Connect to vdagent with a unix
diff --git a/policy/modules/services/vhostmd.if
b/policy/modules/services/vhostmd.if
index 3e737dd01..831bbefe2 100644
--- a/policy/modules/services/vhostmd.if
+++ b/policy/modules/services/vhostmd.if
@@ -115,35 +115,6 @@ interface(`vhostmd_manage_tmpfs_files',`
manage_files_pattern($1, vhostmd_tmpfs_t, vhostmd_tmpfs_t)
')
-########################################
-## <summary>
-## Read vhostmd pid files. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`vhostmd_read_pid_files',`
- refpolicywarn(`$0($*) has been deprecated.')
-')
-
-########################################
-## <summary>
-## Create, read, write, and delete
-## vhostmd pid files. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`vhostmd_manage_pid_files',`
- refpolicywarn(`$0($*) has been deprecated.')
-')
-
########################################
## <summary>
## Connect to vhostmd with a unix
diff --git a/policy/modules/services/virt.if b/policy/modules/services/virt.if
index b98a9de74..5592eb8ee 100644
--- a/policy/modules/services/virt.if
+++ b/policy/modules/services/virt.if
@@ -740,36 +740,6 @@ interface(`virt_home_filetrans_virt_home',`
userdom_user_home_dir_filetrans($1, virt_home_t, $2, $3)
')
-########################################
-## <summary>
-## Read virt pid files. (Depprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`virt_read_pid_files',`
- refpolicywarn(`$0($*) has been deprecated, please use
virt_read_runtime_files() instead.')
- virt_read_runtime_files($1)
-')
-
-########################################
-## <summary>
-## Create, read, write, and delete
-## virt pid files. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`virt_manage_pid_files',`
- refpolicywarn(`$0($*) has been deprecated.')
-')
-
########################################
## <summary>
## Read virt runtime files.
@@ -882,38 +852,6 @@ interface(`virt_manage_lib_files',`
manage_files_pattern($1, virt_var_lib_t, virt_var_lib_t)
')
-########################################
-## <summary>
-## Create objects in virt pid
-## directories with a private type. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-## <param name="private type">
-## <summary>
-## The type of the object to be created.
-## </summary>
-## </param>
-## <param name="object">
-## <summary>
-## The object class of the object being created.
-## </summary>
-## </param>
-## <param name="name" optional="true">
-## <summary>
-## The name of the object being created.
-## </summary>
-## </param>
-## <infoflow type="write" weight="10"/>
-#
-interface(`virt_pid_filetrans',`
- refpolicywarn(`$0($*) has been deprecated, please use
virt_runtime_filetrans() instead.')
- virt_runtime_filetrans($1, $2, $3, $4)
-')
-
########################################
## <summary>
## Read virt log files.
diff --git a/policy/modules/services/xserver.if
b/policy/modules/services/xserver.if
index 6ee85e0a9..ba98628b3 100644
--- a/policy/modules/services/xserver.if
+++ b/policy/modules/services/xserver.if
@@ -994,21 +994,6 @@ interface(`xserver_delete_xdm_tmp_sockets',`
delete_sock_files_pattern($1, xdm_tmp_t, xdm_tmp_t)
')
-########################################
-## <summary>
-## Read XDM pid files. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`xserver_read_xdm_pid',`
- refpolicywarn(`$0($*) has been deprecated, please use
xserver_read_xdm_runtime_files() instead.')
- xserver_read_xdm_runtime_files($1)
-')
-
########################################
## <summary>
## Read XDM runtime files.
diff --git a/policy/modules/services/zabbix.if
b/policy/modules/services/zabbix.if
index 11f1e5f73..49aaa9a5e 100644
--- a/policy/modules/services/zabbix.if
+++ b/policy/modules/services/zabbix.if
@@ -78,20 +78,6 @@ interface(`zabbix_append_log',`
append_files_pattern($1, zabbix_log_t, zabbix_log_t)
')
-########################################
-## <summary>
-## Read zabbix pid files. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`zabbix_read_pid_files',`
- refpolicywarn(`$0($*) has been deprecated.')
-')
-
########################################
## <summary>
## Connect to zabbix agent on the TCP network.
diff --git a/policy/modules/system/authlogin.if
b/policy/modules/system/authlogin.if
index 029804c60..7ffc81534 100644
--- a/policy/modules/system/authlogin.if
+++ b/policy/modules/system/authlogin.if
@@ -1123,95 +1123,6 @@ interface(`auth_manage_var_auth',`
allow $1 var_auth_t:lnk_file rw_lnk_file_perms;
')
-########################################
-## <summary>
-## Read PAM PID files. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`auth_read_pam_pid',`
- refpolicywarn(`$0($*) has been deprecated, please use
auth_read_pam_runtime_files() instead.')
- auth_read_pam_runtime_files($1)
-')
-
-#######################################
-## <summary>
-## Do not audit attempts to read PAM PID files. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain to not audit.
-## </summary>
-## </param>
-#
-interface(`auth_dontaudit_read_pam_pid',`
- refpolicywarn(`$0($*) has been deprecated, please use
auth_dontaudit_read_pam_runtime_files() instead.')
- auth_dontaudit_read_pam_runtime_files($1)
-')
-
-########################################
-## <summary>
-## Create specified objects in
-## pid directories with the pam var
-## run file type using a
-## file type transition. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-## <param name="object_class">
-## <summary>
-## Class of the object being created.
-## </summary>
-## </param>
-## <param name="name" optional="true">
-## <summary>
-## The name of the object being created.
-## </summary>
-## </param>
-#
-interface(`auth_pid_filetrans_pam_var_run',`
- refpolicywarn(`$0($*) has been deprecated, please use
auth_runtime_filetrans_pam_runtime() instead.')
- auth_runtime_filetrans_pam_runtime($1, $2, $3)
-')
-
-########################################
-## <summary>
-## Delete pam PID files. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`auth_delete_pam_pid',`
- refpolicywarn(`$0($*) has been deprecated, please use
auth_delete_pam_runtime_files() instead.')
- auth_delete_pam_runtime_files($1)
-')
-
-########################################
-## <summary>
-## Manage pam PID files. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`auth_manage_pam_pid',`
- refpolicywarn(`$0($*) has been deprecated, please use
auth_manage_pam_runtime_dirs(); auth_manage_pam_runtime_files() instead.')
- auth_manage_pam_runtime_dirs($1)
- auth_manage_pam_runtime_files($1)
-')
-
########################################
## <summary>
## Manage pam runtime dirs.
@@ -1493,34 +1404,6 @@ interface(`auth_delete_pam_console_data',`
delete_files_pattern($1, pam_var_console_t, pam_var_console_t)
')
-########################################
-## <summary>
-## Create specified objects in
-## pid directories with the pam var
-## console pid file type using a
-## file type transition. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-## <param name="object_class">
-## <summary>
-## Class of the object being created.
-## </summary>
-## </param>
-## <param name="name" optional="true">
-## <summary>
-## The name of the object being created.
-## </summary>
-## </param>
-#
-interface(`auth_pid_filetrans_pam_var_console',`
- refpolicywarn(`$0($*) has been deprecated, please use
auth_runtime_filetrans_pam_var_console() instead.')
- auth_runtime_filetrans_pam_var_console($1, $2, $3)
-')
-
########################################
## <summary>
## Create specified objects in generic
diff --git a/policy/modules/system/init.if b/policy/modules/system/init.if
index 5b5c06127..1186e6d2c 100644
--- a/policy/modules/system/init.if
+++ b/policy/modules/system/init.if
@@ -638,33 +638,6 @@ interface(`init_dyntrans',`
dyntrans_pattern($1, init_t)
')
-########################################
-## <summary>
-## Mark the file type as a daemon pid file, allowing initrc_t
-## to create it (Deprecated)
-## </summary>
-## <param name="filetype">
-## <summary>
-## Type to mark as a daemon pid file
-## </summary>
-## </param>
-## <param name="class">
-## <summary>
-## Class on which the type is applied
-## </summary>
-## </param>
-## <param name="filename">
-## <summary>
-## Filename of the file that the init script creates
-## </summary>
-## </param>
-#
-interface(`init_daemon_pid_file',`
- refpolicywarn(`$0($*) has been deprecated, please use
init_daemon_runtime_file() instead.')
- init_daemon_runtime_file($1, $2, $3)
-
-')
-
########################################
## <summary>
## Mark the file type as a daemon runtime file, allowing initrc_t
@@ -1532,127 +1505,6 @@ interface(`init_var_lib_filetrans',`
filetrans_pattern($1, init_var_lib_t, $2, $3, $4)
')
-######################################
-## <summary>
-## Allow search directory in the /run/systemd directory. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`init_search_pids',`
- refpolicywarn(`$0($*) has been deprecated, please use
init_search_runtime() instead.')
- init_search_runtime($1)
-')
-
-######################################
-## <summary>
-## Allow listing of the /run/systemd directory. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`init_list_pids',`
- refpolicywarn(`$0($*) has been deprecated, please use
init_list_runtime() instead.')
- init_list_runtime($1)
-')
-
-######################################
-## <summary>
-## Create symbolic links in the /run/systemd directory. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`init_manage_pid_symlinks', `
- refpolicywarn(`$0($*) has been deprecated, please use
init_manage_runtime_symlinks() instead.')
- init_manage_runtime_symlinks($1)
-')
-
-######################################
-## <summary>
-## Create files in the /run/systemd directory. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`init_create_pid_files', `
- refpolicywarn(`$0($*) has been deprecated, please use
init_create_runtime_files() instead.')
- init_create_runtime_files($1)
-')
-
-######################################
-## <summary>
-## Write files in the /run/systemd directory. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`init_write_pid_files', `
- refpolicywarn(`$0($*) has been deprecated, please use
init_write_runtime_files() instead.')
- init_write_runtime_files($1)
-')
-
-######################################
-## <summary>
-## Create, read, write, and delete
-## directories in the /run/systemd directory. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`init_manage_pid_dirs', `
- refpolicywarn(`$0($*) has been deprecated, please use
init_manage_runtime_dirs() instead.')
- init_manage_runtime_dirs($1)
-')
-
-########################################
-## <summary>
-## Create files in an init PID directory. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-## <param name="file_type">
-## <summary>
-## The type of the object to be created
-## </summary>
-## </param>
-## <param name="object_class">
-## <summary>
-## The object class.
-## </summary>
-## </param>
-## <param name="name" optional="true">
-## <summary>
-## The name of the object being created.
-## </summary>
-## </param>
-#
-interface(`init_pid_filetrans',`
- refpolicywarn(`$0($*) has been deprecated, please use
init_runtime_filetrans() instead.')
- init_runtime_filetrans($*)
-')
-
######################################
## <summary>
## Search init runtime directories, e.g. /run/systemd.
diff --git a/policy/modules/system/ipsec.if b/policy/modules/system/ipsec.if
index 5d29bb0c8..2183207f4 100644
--- a/policy/modules/system/ipsec.if
+++ b/policy/modules/system/ipsec.if
@@ -246,37 +246,6 @@ interface(`ipsec_setcontext_default_spd',`
allow $1 ipsec_spd_t:association setcontext;
')
-########################################
-## <summary>
-## write the ipsec_runtime_t files. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`ipsec_write_pid',`
- refpolicywarn(`$0($*) has been deprecated, please use
ipsec_write_runtime_files() instead.')
- ipsec_write_runtime_files($1)
-')
-
-########################################
-## <summary>
-## Create, read, write, and delete the IPSEC pid files.
-## (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`ipsec_manage_pid',`
- refpolicywarn(`$0($*) has been deprecated, please use
ipsec_manage_runtime_files() instead.')
- ipsec_manage_runtime_files($1)
-')
-
########################################
## <summary>
## Write ipsec runtime files.
diff --git a/policy/modules/system/iptables.if
b/policy/modules/system/iptables.if
index af9c54632..f1ddfcdee 100644
--- a/policy/modules/system/iptables.if
+++ b/policy/modules/system/iptables.if
@@ -235,21 +235,6 @@ interface(`iptables_mounton_runtime_files',`
allow $1 iptables_runtime_t:file mounton;
')
-########################################
-## <summary>
-## dontaudit reading iptables_runtime_t (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain to not audit.
-## </summary>
-## </param>
-#
-interface(`iptables_dontaudit_read_pids',`
- refpolicywarn(`$0($*) has been deprecated, please use
iptables_dontaudit_read_runtime_files() instead.')
- iptables_dontaudit_read_runtime_files($1)
-')
-
########################################
## <summary>
## Do not audit reading iptables runtime files.
diff --git a/policy/modules/system/logging.if b/policy/modules/system/logging.if
index 3d810e6bd..34da975bb 100644
--- a/policy/modules/system/logging.if
+++ b/policy/modules/system/logging.if
@@ -863,21 +863,6 @@ interface(`logging_delete_devlog_socket',`
allow $1 devlog_t:sock_file unlink;
')
-########################################
-## <summary>
-## Create, read, write, and delete syslog PID sockets. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`logging_manage_pid_sockets',`
- refpolicywarn(`$0($*) has been deprecated, please use
logging_manage_runtime_sockets() instead.')
- logging_manage_runtime_sockets($1)
-')
-
########################################
## <summary>
## Create, read, write, and delete syslog PID sockets.
diff --git a/policy/modules/system/lvm.if b/policy/modules/system/lvm.if
index 468cbcaa8..2f0a2bb37 100644
--- a/policy/modules/system/lvm.if
+++ b/policy/modules/system/lvm.if
@@ -172,20 +172,6 @@ interface(`lvm_create_lock_dirs',`
files_add_entry_lock_dirs($1)
')
-########################################
-## <summary>
-## Read and write a lvm unnamed pipe. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`lvm_rw_inherited_pid_pipes',`
- refpolicywarn(`$0($*) has been deprecated.')
-')
-
######################################
## <summary>
## All of the rules required to
diff --git a/policy/modules/system/modutils.if
b/policy/modules/system/modutils.if
index 05563897f..08ec09779 100644
--- a/policy/modules/system/modutils.if
+++ b/policy/modules/system/modutils.if
@@ -38,21 +38,6 @@ interface(`modutils_read_module_deps',`
allow $1 modules_dep_t:file { read_file_perms map };
')
-########################################
-## <summary>
-## Read the kernel modules. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`modutils_read_module_objects',`
- refpolicywarn(`$0($*) has been deprecated, please use
files_mmap_read_kernel_modules() instead.')
- files_mmap_read_kernel_modules($1)
-')
-
########################################
## <summary>
## Read the configuration options used when
diff --git a/policy/modules/system/raid.if b/policy/modules/system/raid.if
index 6b3959b00..9cdffaff8 100644
--- a/policy/modules/system/raid.if
+++ b/policy/modules/system/raid.if
@@ -46,37 +46,6 @@ interface(`raid_run_mdadm',`
roleattribute $1 mdadm_roles;
')
-########################################
-## <summary>
-## read mdadm pid files. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`raid_read_mdadm_pid',`
- refpolicywarn(`$0($*) has been deprecated, please use
raid_read_mdadm_runtime_files() instead.')
- raid_read_mdadm_runtime_files($1)
-')
-
-########################################
-## <summary>
-## Create, read, write, and delete
-## mdadm pid files. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`raid_manage_mdadm_pid',`
- refpolicywarn(`$0($*) has been deprecated, please use
raid_manage_mdadm_runtime_files() instead.')
- raid_manage_mdadm_runtime_files($1)
-')
-
########################################
## <summary>
## Read mdadm runtime files.
diff --git a/policy/modules/system/sysnetwork.if
b/policy/modules/system/sysnetwork.if
index 77c175970..5bf1a6f8c 100644
--- a/policy/modules/system/sysnetwork.if
+++ b/policy/modules/system/sysnetwork.if
@@ -548,36 +548,6 @@ interface(`sysnet_manage_config',`
')
')
-#######################################
-## <summary>
-## Read the dhcp client pid file. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`sysnet_read_dhcpc_pid',`
- refpolicywarn(`$0($*) has been deprecated, please use
sysnet_read_dhcpc_runtime_files() instead.')
- sysnet_read_dhcpc_runtime_files($1)
-')
-
-#######################################
-## <summary>
-## Delete the dhcp client pid file. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`sysnet_delete_dhcpc_pid',`
- refpolicywarn(`$0($*) has been deprecated, please use
sysnet_delete_dhcpc_runtime_files() instead.')
- sysnet_delete_dhcpc_runtime_files($1)
-')
-
#######################################
## <summary>
## Read dhcp client runtime files.
diff --git a/policy/modules/system/systemd.if b/policy/modules/system/systemd.if
index 9dc91fbb7..df33315c8 100644
--- a/policy/modules/system/systemd.if
+++ b/policy/modules/system/systemd.if
@@ -1113,51 +1113,6 @@ interface(`systemd_map_hwdb',`
allow $1 systemd_hwdb_t:file map;
')
-######################################
-## <summary>
-## Read systemd_login PID files. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`systemd_read_logind_pids',`
- refpolicywarn(`$0($*) has been deprecated, please use
systemd_read_logind_runtime_files() instead.')
- systemd_read_logind_runtime_files($1)
-')
-
-######################################
-## <summary>
-## Manage systemd_login PID pipes. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`systemd_manage_logind_pid_pipes',`
- refpolicywarn(`$0($*) has been deprecated, please use
systemd_manage_logind_runtime_pipes() instead.')
- systemd_manage_logind_runtime_pipes($1)
-')
-
-######################################
-## <summary>
-## Write systemd_login named pipe. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`systemd_write_logind_pid_pipes',`
- refpolicywarn(`$0($*) has been deprecated, please use
systemd_write_logind_runtime_pipes() instead.')
- systemd_write_logind_runtime_pipes($1)
-')
-
######################################
## <summary>
## Watch systemd-logind runtime dirs.
@@ -1709,21 +1664,6 @@ interface(`systemd_watch_passwd_runtime_dirs',`
allow $1 systemd_passwd_runtime_t:dir watch;
')
-########################################
-## <summary>
-## manage systemd unit dirs and the files in them (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`systemd_manage_all_units',`
- refpolicywarn(`$0() has been deprecated, use
init_manage_all_unit_files() instead.')
- init_manage_all_unit_files($1)
-')
-
########################################
## <summary>
## Allow domain to list the contents of systemd_journal_t dirs
diff --git a/policy/modules/system/userdomain.if
b/policy/modules/system/userdomain.if
index b345fdf77..f3308eca2 100644
--- a/policy/modules/system/userdomain.if
+++ b/policy/modules/system/userdomain.if
@@ -3881,33 +3881,6 @@ interface(`userdom_delete_all_user_runtime_chr_files',`
delete_chr_files_pattern($1, user_runtime_content_type,
user_runtime_content_type)
')
-########################################
-## <summary>
-## Create objects in the pid directory
-## with an automatic type transition to
-## the user runtime root type. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-## <param name="object_class">
-## <summary>
-## The class of the object to be created.
-## </summary>
-## </param>
-## <param name="name" optional="true">
-## <summary>
-## The name of the object being created.
-## </summary>
-## </param>
-#
-interface(`userdom_pid_filetrans_user_runtime_root',`
- refpolicywarn(`$0($*) has been deprecated, please use
userdom_runtime_filetrans_user_runtime_root() instead.')
- userdom_runtime_filetrans_user_runtime_root($1, $2, $3)
-')
-
########################################
## <summary>
## Create objects in the runtime directory
diff --git a/policy/modules/system/xen.if b/policy/modules/system/xen.if
index e6ab03870..7f5301580 100644
--- a/policy/modules/system/xen.if
+++ b/policy/modules/system/xen.if
@@ -176,21 +176,6 @@ interface(`xen_manage_log',`
manage_files_pattern($1, xend_var_log_t, xend_var_log_t)
')
-#######################################
-## <summary>
-## Read xenstored pid files. (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`xen_read_xenstored_pid_files',`
- refpolicywarn(`$0($*) has been deprecated, please use
xen_read_xenstored_runtime_files() instead.')
- xen_read_xenstored_runtime_files($1)
-')
-
#######################################
## <summary>
## Read xenstored runtime files.
@@ -272,31 +257,6 @@ interface(`xen_stream_connect',`
stream_connect_pattern($1, xend_var_lib_t, xend_var_lib_t, xend_t)
')
-########################################
-## <summary>
-## Create in a xend_runtime_t directory (Deprecated)
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-## <param name="private type">
-## <summary>
-## The type of the object to be created.
-## </summary>
-## </param>
-## <param name="object">
-## <summary>
-## The object class of the object being created.
-## </summary>
-## </param>
-#
-interface(`xen_pid_filetrans',`
- refpolicywarn(`$0($*) has been deprecated, please use
xen_runtime_filetrans() instead.')
- xen_runtime_filetrans($1, $2, $3)
-')
-
########################################
## <summary>
## Create in a xend_runtime_t directory
