Tree - rpms/selinux-policy - src.fedoraproject.org

rpms / selinux-policy

Overview Files Commits Branches Forks Releases
Monitoring status:

Bugzilla Assignee:

Fedora:: zpytela
EPEL:: zpytela
Files

Commit: ae5a64804038ce6e0527b44ec4d0d457e41601a2
Blob Blame History Raw
diff --git a/chrome.te b/chrome.te
index fb60ffc..7d937cb 100644
--- a/chrome.te
+++ b/chrome.te
@@ -114,8 +114,8 @@ miscfiles_read_fonts(chrome_sandbox_t)
 
 sysnet_dns_name_resolve(chrome_sandbox_t)
 
-userdom_rw_inherited_user_tmpfs_files(chrome_sandbox_t)
-userdom_execute_user_tmpfs_files(chrome_sandbox_t)
+userdom_rw_inherited_user_tmp_files(chrome_sandbox_t)
+userdom_execute_user_tmp_files(chrome_sandbox_t)
 
 userdom_use_user_ptys(chrome_sandbox_t)
 userdom_write_inherited_user_tmp_files(chrome_sandbox_t)
@@ -236,8 +236,8 @@ init_read_state(chrome_sandbox_nacl_t)
 libs_legacy_use_shared_libs(chrome_sandbox_nacl_t)
 
 userdom_use_inherited_user_ptys(chrome_sandbox_nacl_t)
-userdom_rw_inherited_user_tmpfs_files(chrome_sandbox_nacl_t)
-userdom_execute_user_tmpfs_files(chrome_sandbox_nacl_t)
+userdom_rw_inherited_user_tmp_files(chrome_sandbox_nacl_t)
+userdom_execute_user_tmp_files(chrome_sandbox_nacl_t)
 userdom_rw_inherited_user_tmp_files(chrome_sandbox_nacl_t)
 userdom_dontaudit_read_user_home_content_files(chrome_sandbox_nacl_t)
 userdom_dontaudit_use_user_terminals(chrome_sandbox_nacl_t)
diff --git a/colord.te b/colord.te
index 5425ddf..3d5988c 100644
--- a/colord.te
+++ b/colord.te
@@ -112,7 +112,7 @@ logging_send_syslog_msg(colord_t)
 
 systemd_read_logind_sessions_files(colord_t)
 
-userdom_rw_user_tmpfs_files(colord_t)
+userdom_rw_user_tmp_files(colord_t)
 userdom_home_reader(colord_t)
 userdom_list_user_home_content(colord_t)
 userdom_read_inherited_user_home_content_files(colord_t)
diff --git a/corosync.te b/corosync.te
index e827567..837e0a8 100644
--- a/corosync.te
+++ b/corosync.te
@@ -108,8 +108,8 @@ logging_send_syslog_msg(corosync_t)
 miscfiles_read_localization(corosync_t)
 
 userdom_read_user_tmp_files(corosync_t)
-userdom_delete_user_tmpfs_files(corosync_t)
-userdom_rw_user_tmpfs_files(corosync_t)
+userdom_delete_user_tmp_files(corosync_t)
+userdom_rw_user_tmp_files(corosync_t)
 
 optional_policy(`
 	fs_manage_tmpfs_files(corosync_t)
diff --git a/gpg.te b/gpg.te
index 695e8fa..fe77236 100644
--- a/gpg.te
+++ b/gpg.te
@@ -364,9 +364,9 @@ miscfiles_read_fonts(gpg_pinentry_t)
 
 # for .Xauthority
 userdom_read_user_home_content_files(gpg_pinentry_t)
-userdom_read_user_tmpfs_files(gpg_pinentry_t)
+userdom_read_user_tmp_files(gpg_pinentry_t)
 # Bug: user pulseaudio files need open,read and unlink:
-allow gpg_pinentry_t user_tmpfs_t:file unlink;
+allow gpg_pinentry_t user_tmp_t:file unlink;
 userdom_signull_unpriv_users(gpg_pinentry_t)
 userdom_use_user_terminals(gpg_pinentry_t)
 
diff --git a/journalctl.te b/journalctl.te
index 5de3229..e1d6594 100644
--- a/journalctl.te
+++ b/journalctl.te
@@ -36,8 +36,7 @@ fs_getattr_all_fs(journalctl_t)
 userdom_list_user_home_dirs(journalctl_t)
 userdom_read_user_home_content_files(journalctl_t)
 userdom_use_inherited_user_ptys(journalctl_t)
-userdom_write_inherited_user_tmp_files(journalctl_t)
-userdom_rw_inherited_user_tmpfs_files(journalctl_t)
+userdom_rw_inherited_user_tmp_files(journalctl_t)
 userdom_rw_inherited_user_home_content_files(journalctl_t)
 
 miscfiles_read_localization(journalctl_t)
diff --git a/kismet.te b/kismet.te
index c070420..4e66536 100644
--- a/kismet.te
+++ b/kismet.te
@@ -96,7 +96,7 @@ corenet_tcp_connect_rtsclient_port(kismet_t)
 auth_use_nsswitch(kismet_t)
 
 userdom_use_inherited_user_terminals(kismet_t)
-userdom_read_user_tmpfs_files(kismet_t)
+userdom_read_user_tmp_files(kismet_t)
 
 optional_policy(`
 	dbus_system_bus_client(kismet_t)
diff --git a/mozilla.te b/mozilla.te
index ad56dac..01dc360 100644
--- a/mozilla.te
+++ b/mozilla.te
@@ -357,7 +357,6 @@ manage_fifo_files_pattern(mozilla_plugin_t, mozilla_plugin_tmp_t, mozilla_plugin
 manage_sock_files_pattern(mozilla_plugin_t, mozilla_plugin_tmp_t, mozilla_plugin_tmp_t)
 files_tmp_filetrans(mozilla_plugin_t, mozilla_plugin_tmp_t, { dir file fifo_file sock_file lnk_file })
 userdom_user_tmp_filetrans(mozilla_plugin_t, mozilla_plugin_tmp_t, { dir file fifo_file sock_file })
-xserver_xdm_tmp_filetrans(mozilla_plugin_t, mozilla_plugin_tmp_t, { dir file fifo_file sock_file lnk_file })
 can_exec(mozilla_plugin_t, mozilla_plugin_tmp_t)
 
 manage_files_pattern(mozilla_plugin_t, mozilla_plugin_tmpfs_t, mozilla_plugin_tmpfs_t)
@@ -365,7 +364,6 @@ manage_lnk_files_pattern(mozilla_plugin_t, mozilla_plugin_tmpfs_t, mozilla_plugi
 manage_fifo_files_pattern(mozilla_plugin_t, mozilla_plugin_tmpfs_t, mozilla_plugin_tmpfs_t)
 manage_sock_files_pattern(mozilla_plugin_t, mozilla_plugin_tmpfs_t, mozilla_plugin_tmpfs_t)
 fs_tmpfs_filetrans(mozilla_plugin_t, mozilla_plugin_tmpfs_t, { file lnk_file sock_file fifo_file })
-userdom_tmpfs_filetrans_to(mozilla_plugin_t, mozilla_plugin_tmpfs_t, { file lnk_file sock_file fifo_file })
 userdom_manage_home_texlive(mozilla_plugin_t)
 
 allow mozilla_plugin_t mozilla_plugin_rw_t:dir list_dir_perms;
@@ -484,8 +482,6 @@ term_getattr_ptmx(mozilla_plugin_t)
 term_dontaudit_use_ptmx(mozilla_plugin_t)
 
 userdom_dontaudit_setattr_user_tmpfs(mozilla_plugin_t)
-userdom_rw_user_tmpfs_files(mozilla_plugin_t)
-userdom_delete_user_tmpfs_files(mozilla_plugin_t)
 userdom_dontaudit_use_user_terminals(mozilla_plugin_t)
 userdom_manage_user_tmp_sockets(mozilla_plugin_t)
 userdom_manage_user_tmp_dirs(mozilla_plugin_t)
diff --git a/mpd.te b/mpd.te
index 92632e8..953e3bf 100644
--- a/mpd.te
+++ b/mpd.te
@@ -172,7 +172,7 @@ tunable_policy(`mpd_enable_homedirs',`
 	userdom_stream_connect(mpd_t)
 	userdom_read_home_audio_files(mpd_t)
 	userdom_list_user_tmp(mpd_t)
-	userdom_read_user_tmpfs_files(mpd_t)
+	userdom_read_user_tmp_files(mpd_t)
 	userdom_dontaudit_setattr_user_tmp(mpd_t)
 ')
 
diff --git a/podsleuth.te b/podsleuth.te
index 5bf10ce..c06ace5 100644
--- a/podsleuth.te
+++ b/podsleuth.te
@@ -80,7 +80,7 @@ sysnet_dns_name_resolve(podsleuth_t)
 
 userdom_signal_unpriv_users(podsleuth_t)
 userdom_signull_unpriv_users(podsleuth_t)
-userdom_read_user_tmpfs_files(podsleuth_t)
+userdom_read_user_tmp_files(podsleuth_t)
 
 optional_policy(`
 	dbus_system_bus_client(podsleuth_t)
diff --git a/pulseaudio.te b/pulseaudio.te
index 1d2470f..64ac070 100644
--- a/pulseaudio.te
+++ b/pulseaudio.te
@@ -97,7 +97,7 @@ auth_use_nsswitch(pulseaudio_t)
 
 logging_send_syslog_msg(pulseaudio_t)
 
-userdom_read_user_tmpfs_files(pulseaudio_t)
+userdom_read_user_tmp_files(pulseaudio_t)
 
 userdom_search_user_home_dirs(pulseaudio_t)
 userdom_write_user_tmp_sockets(pulseaudio_t)
@@ -224,7 +224,7 @@ pulseaudio_signull(pulseaudio_client)
 
 userdom_manage_user_home_content_files(pulseaudio_client)
 
-userdom_read_user_tmpfs_files(pulseaudio_client)
+userdom_read_user_tmp_files(pulseaudio_client)
 
 tunable_policy(`use_nfs_home_dirs',`
     fs_getattr_nfs(pulseaudio_client)
diff --git a/qemu.te b/qemu.te
index 8c1e989..958c0ef 100644
--- a/qemu.te
+++ b/qemu.te
@@ -52,7 +52,7 @@ storage_raw_write_removable_device(qemu_t)
 storage_raw_read_removable_device(qemu_t)
 
 userdom_search_user_home_content(qemu_t)
-userdom_read_user_tmpfs_files(qemu_t)
+userdom_read_user_tmp_files(qemu_t)
 userdom_stream_connect(qemu_t)
 
 tunable_policy(`qemu_full_network',`
diff --git a/rhcs.te b/rhcs.te
index ec50831..eb9e2ac 100644
--- a/rhcs.te
+++ b/rhcs.te
@@ -219,9 +219,8 @@ init_read_script_state(cluster_t)
 init_rw_script_tmp_files(cluster_t)
 init_manage_script_status_files(cluster_t)
 
-userdom_read_user_tmp_files(cluster_t)
-userdom_delete_user_tmpfs_files(cluster_t)
-userdom_rw_user_tmpfs_files(cluster_t)
+userdom_delete_user_tmp_files(cluster_t)
+userdom_rw_user_tmp_files(cluster_t)
 userdom_kill_all_users(cluster_t)
 
 tunable_policy(`cluster_can_network_connect',`
diff --git a/sandboxX.te b/sandboxX.te
index 956922c..499e739 100644
--- a/sandboxX.te
+++ b/sandboxX.te
@@ -415,8 +415,8 @@ selinux_compute_relabel_context(sandbox_web_type)
 selinux_compute_user_contexts(sandbox_web_type)
 seutil_read_default_contexts(sandbox_web_type)
 
-userdom_rw_user_tmpfs_files(sandbox_web_type)
-userdom_delete_user_tmpfs_files(sandbox_web_type)
+userdom_rw_user_tmp_files(sandbox_web_type)
+userdom_delete_user_tmp_files(sandbox_web_type)
 
 optional_policy(`
 	alsa_read_rw_config(sandbox_web_type)
diff --git a/thumb.te b/thumb.te
index 0e30ce2..bd82684 100644
--- a/thumb.te
+++ b/thumb.te
@@ -46,7 +46,7 @@ manage_files_pattern(thumb_t, thumb_home_t, thumb_home_t)
 userdom_user_home_dir_filetrans(thumb_t, thumb_home_t, dir, ".thumbnails")
 userdom_user_home_dir_filetrans(thumb_t, thumb_home_t, file, "missfont.log")
 userdom_dontaudit_access_check_user_content(thumb_t)
-userdom_rw_inherited_user_tmpfs_files(thumb_t)
+userdom_rw_inherited_user_tmp_files(thumb_t)
 userdom_manage_home_texlive(thumb_t)
 
 manage_files_pattern(thumb_t, thumb_tmp_t, thumb_tmp_t)
@@ -55,7 +55,6 @@ manage_sock_files_pattern(thumb_t, thumb_tmp_t, thumb_tmp_t)
 exec_files_pattern(thumb_t, thumb_tmp_t, thumb_tmp_t)
 files_tmp_filetrans(thumb_t, thumb_tmp_t, { file dir sock_file })
 userdom_user_tmp_filetrans(thumb_t, thumb_tmp_t, { file dir sock_file })
-xserver_xdm_tmp_filetrans(thumb_t, thumb_tmp_t, sock_file)
 
 manage_dirs_pattern(thumb_t, thumb_tmpfs_t, thumb_tmpfs_t)
 manage_files_pattern(thumb_t, thumb_tmpfs_t, thumb_tmpfs_t)
diff --git a/userhelper.if b/userhelper.if
index 35d784a..b25ec0d 100644
--- a/userhelper.if
+++ b/userhelper.if
@@ -315,7 +315,7 @@ template(`userhelper_console_role_template',`
 
 	auth_use_pam($1_consolehelper_t)
 
-	userdom_manage_tmpfs_role($2, $1_consolehelper_t)
+	userdom_manage_tmp_role($2, $1_consolehelper_t)
 
 	optional_policy(`
 		dbus_connect_session_bus($1_consolehelper_t)
rpms / selinux-policy

Source Code

Files
