[refpolicy] [ admin layer patch 2/2] Kernel layer xml fixes.
Christopher J. PeBenito
cpebenito at tresys.com
Thu Aug 5 09:04:05 CDT 2010
On 08/05/10 08:57, Dominick Grift wrote:
> Signed-off-by: Dominick Grift<domg472 at gmail.com>
Merged.
> ---
> :100644 100644 314731b... ef1d72a... M policy/modules/kernel/corecommands.if
> :100644 100644 f13a505... cac0c64... M policy/modules/kernel/devices.if
> :100644 100644 deb03ea... 41f36ed... M policy/modules/kernel/domain.if
> :100644 100644 28cb589... 8d3dfad... M policy/modules/kernel/files.if
> :100644 100644 9b79f4a... e3e17ba... M policy/modules/kernel/filesystem.if
> :100644 100644 b46db36... ed7667a... M policy/modules/kernel/kernel.if
> :100644 100644 677f82a... f8b357c... M policy/modules/kernel/selinux.if
> :100644 100644 d7ca7b2... 3723150... M policy/modules/kernel/storage.if
> :100644 100644 4d9d592... 492bf76... M policy/modules/kernel/terminal.if
> policy/modules/kernel/corecommands.if | 18 +++---
> policy/modules/kernel/devices.if | 64 ++++++++++++------------
> policy/modules/kernel/domain.if | 38 +++++++-------
> policy/modules/kernel/files.if | 56 ++++++++++----------
> policy/modules/kernel/filesystem.if | 34 ++++++------
> policy/modules/kernel/kernel.if | 90 ++++++++++++++++----------------
> policy/modules/kernel/selinux.if | 20 ++++----
> policy/modules/kernel/storage.if | 2 +-
> policy/modules/kernel/terminal.if | 24 ++++----
> 9 files changed, 173 insertions(+), 173 deletions(-)
>
> diff --git a/policy/modules/kernel/corecommands.if b/policy/modules/kernel/corecommands.if
> index 314731b..ef1d72a 100644
> --- a/policy/modules/kernel/corecommands.if
> +++ b/policy/modules/kernel/corecommands.if
> @@ -131,7 +131,7 @@ interface(`corecmd_search_bin',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## Domain allowed access.
> +## Domain to not audit.
> ## </summary>
> ##</param>
> #
> @@ -167,7 +167,7 @@ interface(`corecmd_list_bin',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## Domain allowed access.
> +## Domain to not audit.
> ## </summary>
> ##</param>
> #
> @@ -410,7 +410,7 @@ interface(`corecmd_mmap_bin_files',`
> ##</desc>
> ##<param name="domain">
> ## <summary>
> -## Domain allowed access.
> +## Domain allowed to transition.
> ## </summary>
> ##</param>
> ##<param name="target_domain">
> @@ -453,7 +453,7 @@ interface(`corecmd_bin_spec_domtrans',`
> ##</desc>
> ##<param name="domain">
> ## <summary>
> -## Domain allowed access.
> +## Domain allowed to transition.
> ## </summary>
> ##</param>
> ##<param name="target_domain">
> @@ -713,7 +713,7 @@ interface(`corecmd_mmap_sbin_files',`
> ##</desc>
> ##<param name="domain">
> ## <summary>
> -## Domain allowed access.
> +## Domain allowed to transition.
> ## </summary>
> ##</param>
> ##<param name="target_domain">
> @@ -754,7 +754,7 @@ interface(`corecmd_sbin_domtrans',`
> ##</desc>
> ##<param name="domain">
> ## <summary>
> -## Domain allowed access.
> +## Domain allowed to transition.
> ## </summary>
> ##</param>
> ##<param name="target_domain">
> @@ -861,7 +861,7 @@ interface(`corecmd_exec_ls',`
> ##</desc>
> ##<param name="domain">
> ## <summary>
> -## Domain allowed access.
> +## Domain allowed to transition.
> ## </summary>
> ##</param>
> ##<param name="target_domain">
> @@ -896,7 +896,7 @@ interface(`corecmd_shell_spec_domtrans',`
> ##</desc>
> ##<param name="domain">
> ## <summary>
> -## Domain allowed access.
> +## Domain allowed to transition.
> ## </summary>
> ##</param>
> ##<param name="target_domain">
> @@ -1001,7 +1001,7 @@ interface(`corecmd_exec_all_executables',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## Domain allowed access.
> +## Domain allowed to not audit.
> ## </summary>
> ##</param>
> #
> diff --git a/policy/modules/kernel/devices.if b/policy/modules/kernel/devices.if
> index f13a505..cac0c64 100644
> --- a/policy/modules/kernel/devices.if
> +++ b/policy/modules/kernel/devices.if
> @@ -77,7 +77,7 @@ interface(`dev_node',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## Domain allowed to relabel.
> +## Domain allowed access.
> ## </summary>
> ##</param>
> ##<rolecap/>
> @@ -103,7 +103,7 @@ interface(`dev_relabel_all_dev_nodes',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## Domain allowed to list device nodes.
> +## Domain allowed access.
> ## </summary>
> ##</param>
> #
> @@ -140,7 +140,7 @@ interface(`dev_setattr_generic_dirs',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## Domain to dontaudit listing of device nodes.
> +## Domain to not audit.
> ## </summary>
> ##</param>
> #
> @@ -158,7 +158,7 @@ interface(`dev_dontaudit_list_all_dev_nodes',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## Domain allowed to add entries.
> +## Domain allowed access.
> ## </summary>
> ##</param>
> #
> @@ -176,7 +176,7 @@ interface(`dev_add_entry_generic_dirs',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## Domain allowed to add entries.
> +## Domain allowed access.
> ## </summary>
> ##</param>
> #
> @@ -194,7 +194,7 @@ interface(`dev_remove_entry_generic_dirs',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## Domain allowed to create the directory.
> +## Domain allowed access.
> ## </summary>
> ##</param>
> #
> @@ -213,7 +213,7 @@ interface(`dev_create_generic_dirs',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## Domain allowed to create the directory.
> +## Domain allowed access.
> ## </summary>
> ##</param>
> #
> @@ -231,7 +231,7 @@ interface(`dev_delete_generic_dirs',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## Domain allowed to relabel.
> +## Domain allowed access.
> ## </summary>
> ##</param>
> #
> @@ -249,7 +249,7 @@ interface(`dev_manage_generic_dirs',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## Domain allowed to relabel.
> +## Domain allowed access.
> ## </summary>
> ##</param>
> #
> @@ -321,7 +321,7 @@ interface(`dev_delete_generic_files',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## Domain allowed to create the files.
> +## Domain allowed access.
> ## </summary>
> ##</param>
> #
> @@ -339,7 +339,7 @@ interface(`dev_manage_generic_files',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## Domain to dontaudit.
> +## Domain to not audit.
> ## </summary>
> ##</param>
> #
> @@ -375,7 +375,7 @@ interface(`dev_getattr_generic_blk_files',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## Domain to dontaudit access.
> +## Domain to not audit.
> ## </summary>
> ##</param>
> #
> @@ -393,7 +393,7 @@ interface(`dev_dontaudit_getattr_generic_blk_files',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## Domain to dontaudit access.
> +## Domain to not audit.
> ## </summary>
> ##</param>
> #
> @@ -465,7 +465,7 @@ interface(`dev_getattr_generic_chr_files',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## Domain to dontaudit access.
> +## Domain to not audit.
> ## </summary>
> ##</param>
> #
> @@ -483,7 +483,7 @@ interface(`dev_dontaudit_getattr_generic_chr_files',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## Domain to dontaudit access.
> +## Domain to not audit.
> ## </summary>
> ##</param>
> #
> @@ -682,7 +682,7 @@ interface(`dev_manage_all_dev_nodes',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## Domain to dontaudit access.
> +## Domain to not audit.
> ## </summary>
> ##</param>
> #
> @@ -816,7 +816,7 @@ interface(`dev_getattr_all_blk_files',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## Domain to dontaudit access.
> +## Domain to not audit.
> ## </summary>
> ##</param>
> #
> @@ -854,7 +854,7 @@ interface(`dev_getattr_all_chr_files',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## Domain to dontaudit access.
> +## Domain to not audit.
> ## </summary>
> ##</param>
> #
> @@ -1636,7 +1636,7 @@ interface(`dev_rw_dri',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## Domain to dontaudit access.
> +## Domain to not audit.
> ## </summary>
> ##</param>
> #
> @@ -1838,7 +1838,7 @@ interface(`dev_read_framebuffer',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## Domain allowed access.
> +## Domain to not audit.
> ## </summary>
> ##</param>
> #
> @@ -2181,7 +2181,7 @@ interface(`dev_rw_lvm_control',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## Domain allowed access.
> +## Domain to not audit.
> ## </summary>
> ##</param>
> #
> @@ -2217,7 +2217,7 @@ interface(`dev_delete_lvm_control_dev',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## Domain allowed access.
> +## Domain to not audit.
> ## </summary>
> ##</param>
> #
> @@ -2355,7 +2355,7 @@ interface(`dev_getattr_misc_dev',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## Domain allowed access.
> +## Domain to not audit.
> ## </summary>
> ##</param>
> #
> @@ -2392,7 +2392,7 @@ interface(`dev_setattr_misc_dev',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## Domain allowed access.
> +## Domain to not audit.
> ## </summary>
> ##</param>
> #
> @@ -2870,7 +2870,7 @@ interface(`dev_create_null_dev',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## Domain allowed access.
> +## Domain to not audit.
> ## </summary>
> ##</param>
> #
> @@ -3106,7 +3106,7 @@ interface(`dev_read_rand',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## Domain allowed access.
> +## Domain to not audit.
> ## </summary>
> ##</param>
> #
> @@ -3125,7 +3125,7 @@ interface(`dev_dontaudit_read_rand',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## Domain allowed access.
> +## Domain to not audit.
> ## </summary>
> ##</param>
> #
> @@ -3489,7 +3489,7 @@ interface(`dev_getattr_smartcard_dev',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## Domain allowed access.
> +## Domain to not audit.
> ## </summary>
> ##</param>
> #
> @@ -3580,7 +3580,7 @@ interface(`dev_search_sysfs',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## Domain allowed access.
> +## Domain to not audit.
> ## </summary>
> ##</param>
> #
> @@ -3665,7 +3665,7 @@ interface(`dev_read_sysfs',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## The process type modifying hardware state information.
> +## Domain allowed access.
> ## </summary>
> ##</param>
> #
> @@ -3946,7 +3946,7 @@ interface(`dev_search_usbfs',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## The process type getting the list.
> +## Domain allowed access.
> ## </summary>
> ##</param>
> #
> @@ -4007,7 +4007,7 @@ interface(`dev_read_usbfs',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## The process type modifying the options.
> +## Domain allowed access.
> ## </summary>
> ##</param>
> #
> diff --git a/policy/modules/kernel/domain.if b/policy/modules/kernel/domain.if
> index deb03ea..41f36ed 100644
> --- a/policy/modules/kernel/domain.if
> +++ b/policy/modules/kernel/domain.if
> @@ -402,7 +402,7 @@ interface(`domain_use_interactive_fds',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## Domain allowed access.
> +## Domain to not audit.
> ## </summary>
> ##</param>
> #
> @@ -727,7 +727,7 @@ interface(`domain_ptrace_all_domains',`
> ##</desc>
> ##<param name="domain">
> ## <summary>
> -## Domain allowed access.
> +## Domain to not audit.
> ## </summary>
> ##</param>
> #
> @@ -755,7 +755,7 @@ interface(`domain_dontaudit_ptrace_all_domains',`
> ##</desc>
> ##<param name="domain">
> ## <summary>
> -## Domain allowed access.
> +## Domain to not audit.
> ## </summary>
> ##</param>
> #
> @@ -774,7 +774,7 @@ interface(`domain_dontaudit_ptrace_confined_domains',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## Domain allowed access.
> +## Domain to not audit.
> ## </summary>
> ##</param>
> #
> @@ -799,7 +799,7 @@ interface(`domain_dontaudit_read_all_domains_state',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## Domain allowed access.
> +## Domain to not audit.
> ## </summary>
> ##</param>
> #
> @@ -836,7 +836,7 @@ interface(`domain_getsession_all_domains',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## Domain allowed access.
> +## Domain to not audit.
> ## </summary>
> ##</param>
> #
> @@ -949,7 +949,7 @@ interface(`domain_dontaudit_getattr_all_sockets',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## Domain allowed access.
> +## Domain to not audit.
> ## </summary>
> ##</param>
> #
> @@ -968,7 +968,7 @@ interface(`domain_dontaudit_getattr_all_tcp_sockets',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## Domain allowed access.
> +## Domain to not audit.
> ## </summary>
> ##</param>
> #
> @@ -987,7 +987,7 @@ interface(`domain_dontaudit_getattr_all_udp_sockets',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## Domain allowed access.
> +## Domain to not audit.
> ## </summary>
> ##</param>
> #
> @@ -1006,7 +1006,7 @@ interface(`domain_dontaudit_rw_all_udp_sockets',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## Domain allowed access.
> +## Domain to not audit.
> ## </summary>
> ##</param>
> #
> @@ -1025,7 +1025,7 @@ interface(`domain_dontaudit_getattr_all_key_sockets',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## Domain allowed access.
> +## Domain to not audit.
> ## </summary>
> ##</param>
> #
> @@ -1044,7 +1044,7 @@ interface(`domain_dontaudit_getattr_all_packet_sockets',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## Domain allowed access.
> +## Domain to not audit.
> ## </summary>
> ##</param>
> #
> @@ -1063,7 +1063,7 @@ interface(`domain_dontaudit_getattr_all_raw_sockets',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## Domain allowed access.
> +## Domain to not audit.
> ## </summary>
> ##</param>
> #
> @@ -1082,7 +1082,7 @@ interface(`domain_dontaudit_rw_all_key_sockets',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## Domain allowed access.
> +## Domain to not audit.
> ## </summary>
> ##</param>
> #
> @@ -1120,7 +1120,7 @@ interface(`domain_getattr_all_stream_sockets',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## Domain allowed access.
> +## Domain to not audit.
> ## </summary>
> ##</param>
> #
> @@ -1168,7 +1168,7 @@ interface(`domain_getattr_all_pipes',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## Domain allowed access.
> +## Domain to not audit.
> ## </summary>
> ##</param>
> #
> @@ -1187,7 +1187,7 @@ interface(`domain_dontaudit_getattr_all_pipes',`
> ##</summary>
> ##<param name="type">
> ## <summary>
> -## Type of subject to be allowed this.
> +## Domain allowed access.
> ## </summary>
> ##</param>
> #
> @@ -1341,7 +1341,7 @@ interface(`domain_mmap_all_entry_files',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## Domain allowed access.
> +## Domain allowed to transition.
> ## </summary>
> ##</param>
> ##<param name="target_domain">
> @@ -1368,7 +1368,7 @@ interface(`domain_entry_file_spec_domtrans',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## Domain allowed to mmap low memory.
> +## Domain allowed access.
> ## </summary>
> ##</param>
> #
> diff --git a/policy/modules/kernel/files.if b/policy/modules/kernel/files.if
> index 28cb589..8d3dfad 100644
> --- a/policy/modules/kernel/files.if
> +++ b/policy/modules/kernel/files.if
> @@ -511,7 +511,7 @@ interface(`files_mounton_non_security',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## Domain to allow
> +## Domain allowed access.
> ## </summary>
> ##</param>
> #
> @@ -529,7 +529,7 @@ interface(`files_write_non_security_dirs',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## Domain to allow
> +## Domain allowed access.
> ## </summary>
> ##</param>
> #
> @@ -674,7 +674,7 @@ interface(`files_read_non_security_files',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## The type of the domain perfoming this action.
> +## Domain allowed access.
> ## </summary>
> ##</param>
> ##<param name="exception_types" optional="true">
> @@ -699,7 +699,7 @@ interface(`files_read_all_dirs_except',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## The type of the domain perfoming this action.
> +## Domain allowed access.
> ## </summary>
> ##</param>
> ##<param name="exception_types" optional="true">
> @@ -724,7 +724,7 @@ interface(`files_read_all_files_except',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## The type of the domain perfoming this action.
> +## Domain allowed access.
> ## </summary>
> ##</param>
> ##<param name="exception_types" optional="true">
> @@ -1031,7 +1031,7 @@ interface(`files_read_all_chr_files',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## The type of the domain perfoming this action.
> +## Domain allowed access.
> ## </summary>
> ##</param>
> ##<param name="exception_types" optional="true">
> @@ -1069,7 +1069,7 @@ interface(`files_relabel_all_files',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## The type of the domain perfoming this action.
> +## Domain allowed access.
> ## </summary>
> ##</param>
> ##<param name="exception_types" optional="true">
> @@ -1095,7 +1095,7 @@ interface(`files_rw_all_files',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## The type of the domain perfoming this action.
> +## Domain allowed access.
> ## </summary>
> ##</param>
> ##<param name="exception_types" optional="true">
> @@ -1168,7 +1168,7 @@ interface(`files_list_all',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## Domain allowed access.
> +## Domain to not audit.
> ## </summary>
> ##</param>
> #
> @@ -1281,7 +1281,7 @@ interface(`files_unmount_all_file_type_fs',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## The type of domain performing this action
> +## Domain allowed access.
> ## </summary>
> ##</param>
> ##
> @@ -1300,7 +1300,7 @@ interface(`files_manage_config_dirs',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## Type of domain performing this action
> +## Domain allowed access.
> ## </summary>
> ##</param>
> ##
> @@ -1339,7 +1339,7 @@ interface(`files_read_config_files',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## The type of domain performing this action
> +## Domain allowed access.
> ## </summary>
> ##</param>
> ##
> @@ -1358,7 +1358,7 @@ interface(`files_manage_config_files',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## Type of domain performing this action
> +## Domain allowed access.
> ## </summary>
> ##</param>
> ##
> @@ -1470,7 +1470,7 @@ interface(`files_list_root',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## Domain allowed access.
> +## Domain to not audit.
> ## </summary>
> ##</param>
> #
> @@ -1537,7 +1537,7 @@ interface(`files_dontaudit_read_root_files',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## Domain allowed access.
> +## Domain to not audit.
> ## </summary>
> ##</param>
> #
> @@ -1556,7 +1556,7 @@ interface(`files_dontaudit_rw_root_files',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## Domain allowed access.
> +## Domain to not audit.
> ## </summary>
> ##</param>
> #
> @@ -1683,7 +1683,7 @@ interface(`files_search_boot',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## Domain allowed access.
> +## Domain to not audit.
> ## </summary>
> ##</param>
> #
> @@ -2715,7 +2715,7 @@ interface(`files_getattr_isid_type_dirs',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## Domain allowed access.
> +## Domain to not audit.
> ## </summary>
> ##</param>
> #
> @@ -2943,7 +2943,7 @@ interface(`files_delete_isid_type_blk_files',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## Domain allowed access.
> +## Domain to not audit.
> ## </summary>
> ##</param>
> #
> @@ -3792,7 +3792,7 @@ interface(`files_search_tmp',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## Domain allowed access.
> +## Domain to not audit.
> ## </summary>
> ##</param>
> #
> @@ -4010,7 +4010,7 @@ interface(`files_dontaudit_getattr_all_tmp_files',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## Domain not to audit.
> +## Domain allowed access.
> ## </summary>
> ##</param>
> #
> @@ -4209,7 +4209,7 @@ interface(`files_rw_usr_dirs',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## Domain allowed access.
> +## Domain to not audit.
> ## </summary>
> ##</param>
> #
> @@ -4339,7 +4339,7 @@ interface(`files_exec_usr_files',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## Domain allowed access.
> +## Domain to not audit.
> ## </summary>
> ##</param>
> #
> @@ -4630,7 +4630,7 @@ interface(`files_dontaudit_write_var_dirs',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## Domain to not audit.
> +## Domain allowed access.
> ## </summary>
> ##</param>
> #
> @@ -4741,7 +4741,7 @@ interface(`files_rw_var_files',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## Domain allowed access.
> +## Domain to not audit.
> ## </summary>
> ##</param>
> #
> @@ -5455,7 +5455,7 @@ interface(`files_rw_generic_pids',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## Domain allowed access.
> +## Domain to not audit.
> ## </summary>
> ##</param>
> #
> @@ -5473,7 +5473,7 @@ interface(`files_dontaudit_getattr_all_pids',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## Domain allowed access.
> +## Domain to not audit.
> ## </summary>
> ##</param>
> #
> @@ -5491,7 +5491,7 @@ interface(`files_dontaudit_write_all_pids',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## Domain allowed access.
> +## Domain to not audit.
> ## </summary>
> ##</param>
> #
> diff --git a/policy/modules/kernel/filesystem.if b/policy/modules/kernel/filesystem.if
> index 9b79f4a..e3e17ba 100644
> --- a/policy/modules/kernel/filesystem.if
> +++ b/policy/modules/kernel/filesystem.if
> @@ -330,7 +330,7 @@ interface(`fs_rw_anon_inodefs_files',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## Domain allowed access.
> +## Domain to not audit.
> ## </summary>
> ##</param>
> #
> @@ -1084,7 +1084,7 @@ interface(`fs_read_noxattr_fs_files',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## Domain allowed access.
> +## Domain to not audit.
> ## </summary>
> ##</param>
> #
> @@ -1204,7 +1204,7 @@ interface(`fs_append_cifs_files',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## Domain allowed access.
> +## Domain to not audit.
> ## </summary>
> ##</param>
> ##<rolecap/>
> @@ -1343,7 +1343,7 @@ interface(`fs_manage_cifs_dirs',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## Domain allowed access.
> +## Domain to not audit.
> ## </summary>
> ##</param>
> #
> @@ -1478,7 +1478,7 @@ interface(`fs_manage_cifs_named_sockets',`
> ##</desc>
> ##<param name="domain">
> ## <summary>
> -## Domain allowed access.
> +## Domain allowed to transition.
> ## </summary>
> ##</param>
> ##<param name="target_domain">
> @@ -1999,7 +1999,7 @@ interface(`fs_list_inotifyfs',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## Domain allowed access.
> +## Domain to not audit.
> ## </summary>
> ##</param>
> #
> @@ -2412,7 +2412,7 @@ interface(`fs_append_nfs_files',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## Domain allowed access.
> +## Domain to not audit.
> ## </summary>
> ##</param>
> ##<rolecap/>
> @@ -2469,7 +2469,7 @@ interface(`fs_read_nfs_symlinks',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## Domain allowed access.
> +## Domain to not audit.
> ## </summary>
> ##</param>
> #
> @@ -2918,7 +2918,7 @@ interface(`fs_manage_nfs_named_sockets',`
> ##</desc>
> ##<param name="domain">
> ## <summary>
> -## Domain allowed access.
> +## Domain allowed to transition.
> ## </summary>
> ##</param>
> ##<param name="target_domain">
> @@ -3197,7 +3197,7 @@ interface(`fs_search_ramfs',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## Domain allowed access.
> +## Domain to not audit.
> ## </summary>
> ##</param>
> #
> @@ -3234,7 +3234,7 @@ interface(`fs_manage_ramfs_dirs',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## Domain allowed access.
> +## Domain to not audit.
> ## </summary>
> ##</param>
> #
> @@ -3252,7 +3252,7 @@ interface(`fs_dontaudit_read_ramfs_files',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## Domain allowed access.
> +## Domain to not audit.
> ## </summary>
> ##</param>
> #
> @@ -3308,7 +3308,7 @@ interface(`fs_write_ramfs_pipes',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## Domain allowed access.
> +## Domain to not audit.
> ## </summary>
> ##</param>
> #
> @@ -3677,7 +3677,7 @@ interface(`fs_getattr_tmpfs_dirs',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## Domain allowed access.
> +## Domain to not audit.
> ## </summary>
> ##</param>
> #
> @@ -3947,7 +3947,7 @@ interface(`fs_rw_tmpfs_chr_files',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## Domain allowed access.
> +## Domain to not audit.
> ## </summary>
> ##</param>
> #
> @@ -4341,7 +4341,7 @@ interface(`fs_dontaudit_getattr_all_fs',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## The type of the domain getting quotas.
> +## Domain allowed access.
> ## </summary>
> ##</param>
> ##<rolecap/>
> @@ -4360,7 +4360,7 @@ interface(`fs_get_all_fs_quotas',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## The type of the domain setting quotas.
> +## Domain allowed access.
> ## </summary>
> ##</param>
> ##<rolecap/>
> diff --git a/policy/modules/kernel/kernel.if b/policy/modules/kernel/kernel.if
> index b46db36..ed7667a 100644
> --- a/policy/modules/kernel/kernel.if
> +++ b/policy/modules/kernel/kernel.if
> @@ -130,7 +130,7 @@ interface(`kernel_setsched',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## The type of the process sending the signal.
> +## Domain allowed access.
> ## </summary>
> ##</param>
> #
> @@ -148,7 +148,7 @@ interface(`kernel_sigchld',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## The type of the process sending the signal.
> +## Domain allowed access.
> ## </summary>
> ##</param>
> #
> @@ -166,7 +166,7 @@ interface(`kernel_kill',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## The type of the process sending the signal.
> +## Domain allowed access.
> ## </summary>
> ##</param>
> #
> @@ -203,7 +203,7 @@ interface(`kernel_share_state',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## The type of the process using the descriptors.
> +## Domain allowed access.
> ## </summary>
> ##</param>
> #
> @@ -336,7 +336,7 @@ interface(`kernel_udp_recvfrom',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## The process type to allow to load kernel modules.
> +## Domain allowed access.
> ## </summary>
> ##</param>
> #
> @@ -378,7 +378,7 @@ interface(`kernel_search_key',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## Domain allowed access.
> +## Domain to not audit.
> ## </summary>
> ##</param>
> #
> @@ -414,7 +414,7 @@ interface(`kernel_link_key',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## Domain allowed access.
> +## Domain to not audit.
> ## </summary>
> ##</param>
> #
> @@ -432,7 +432,7 @@ interface(`kernel_dontaudit_link_key',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## The process type allowed to read the ring buffer.
> +## Domain allowed access.
> ## </summary>
> ##</param>
> ##<rolecap/>
> @@ -451,7 +451,7 @@ interface(`kernel_read_ring_buffer',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## The domain to not audit.
> +## Domain to not audit.
> ## </summary>
> ##</param>
> #
> @@ -488,7 +488,7 @@ interface(`kernel_change_ring_buffer_level',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## The process type clearing the buffer.
> +## Domain allowed access.
> ## </summary>
> ##</param>
> ##<rolecap/>
> @@ -592,7 +592,7 @@ interface(`kernel_getattr_debugfs',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## The type of the domain mounting the filesystem.
> +## Domain allowed access.
> ## </summary>
> ##</param>
> #
> @@ -610,7 +610,7 @@ interface(`kernel_mount_debugfs',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## The type of the domain unmounting the filesystem.
> +## Domain allowed access.
> ## </summary>
> ##</param>
> #
> @@ -628,7 +628,7 @@ interface(`kernel_unmount_debugfs',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## The type of the domain remounting the filesystem.
> +## Domain allowed access.
> ## </summary>
> ##</param>
> #
> @@ -664,7 +664,7 @@ interface(`kernel_search_debugfs',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## Domain allowed access.
> +## Domain to not audit.
> ## </summary>
> ##</param>
> #
> @@ -702,7 +702,7 @@ interface(`kernel_read_debugfs',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## The type of the domain mounting the filesystem.
> +## Domain allowed access.
> ## </summary>
> ##</param>
> #
> @@ -720,7 +720,7 @@ interface(`kernel_mount_kvmfs',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## The type of the domain unmounting the filesystem.
> +## Domain allowed access.
> ## </summary>
> ##</param>
> #
> @@ -922,7 +922,7 @@ interface(`kernel_write_proc_files',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## The process type not to audit.
> +## Domain to not audit.
> ## </summary>
> ##</param>
> #
> @@ -941,7 +941,7 @@ interface(`kernel_dontaudit_read_system_state',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## The process type not to audit.
> +## Domain to not audit.
> ## </summary>
> ##</param>
> #
> @@ -979,7 +979,7 @@ interface(`kernel_rw_afs_state',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## The process type reading software raid state.
> +## Domain allowed access.
> ## </summary>
> ##</param>
> ##<rolecap/>
> @@ -1000,7 +1000,7 @@ interface(`kernel_read_software_raid_state',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## The process type reading software raid state.
> +## Domain allowed access.
> ## </summary>
> ##</param>
> #
> @@ -1020,7 +1020,7 @@ interface(`kernel_rw_software_raid_state',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## The process type getting the attibutes.
> +## Domain allowed access.
> ## </summary>
> ##</param>
> #
> @@ -1041,7 +1041,7 @@ interface(`kernel_getattr_core_if',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## The process type to not audit.
> +## Domain to not audit.
> ## </summary>
> ##</param>
> #
> @@ -1083,7 +1083,7 @@ interface(`kernel_read_core_if',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## The process type reading the messages.
> +## Domain allowed access.
> ## </summary>
> ##</param>
> #
> @@ -1105,7 +1105,7 @@ interface(`kernel_read_messages',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## The process type getting the attributes.
> +## Domain allowed access.
> ## </summary>
> ##</param>
> #
> @@ -1124,7 +1124,7 @@ interface(`kernel_getattr_message_if',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## The process type not to audit.
> +## Domain to not audit.
> ## </summary>
> ##</param>
> #
> @@ -1143,7 +1143,7 @@ interface(`kernel_dontaudit_getattr_message_if',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## The process type reading the state.
> +## Domain to not audit.
> ## </summary>
> ##</param>
> ##
> @@ -1162,7 +1162,7 @@ interface(`kernel_dontaudit_search_network_state',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## The process type reading the state.
> +## Domain allowed access.
> ## </summary>
> ##</param>
> ##
> @@ -1214,7 +1214,7 @@ interface(`kernel_read_network_state',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## The process type reading the state.
> +## Domain allowed access.
> ## </summary>
> ##</param>
> #
> @@ -1234,7 +1234,7 @@ interface(`kernel_read_network_state_symlinks',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## The process type reading the state.
> +## Domain allowed access.
> ## </summary>
> ##</param>
> ##
> @@ -1254,7 +1254,7 @@ interface(`kernel_search_xen_state',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## The process type reading the state.
> +## Domain to not audit.
> ## </summary>
> ##</param>
> ##
> @@ -1273,7 +1273,7 @@ interface(`kernel_dontaudit_search_xen_state',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## The process type reading the state.
> +## Domain allowed access.
> ## </summary>
> ##</param>
> ##
> @@ -1295,7 +1295,7 @@ interface(`kernel_read_xen_state',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## The process type reading the state.
> +## Domain allowed access.
> ## </summary>
> ##</param>
> ##
> @@ -1316,7 +1316,7 @@ interface(`kernel_read_xen_state_symlinks',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## The process type writing the state.
> +## Domain allowed access.
> ## </summary>
> ##</param>
> ##
> @@ -1335,7 +1335,7 @@ interface(`kernel_write_xen_state',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## Domain to not audit.
> +## Domain allowed access.
> ## </summary>
> ##</param>
> #
> @@ -1374,7 +1374,7 @@ interface(`kernel_dontaudit_list_all_proc',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## The process type not to audit.
> +## Domain to not audit.
> ## </summary>
> ##</param>
> ##
> @@ -1393,7 +1393,7 @@ interface(`kernel_dontaudit_search_sysctl',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## The process type to allow to read sysctl directories.
> +## Domain allowed access.
> ## </summary>
> ##</param>
> ##
> @@ -1413,7 +1413,7 @@ interface(`kernel_read_sysctl',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## The process type to allow to read the device sysctls.
> +## Domain allowed access.
> ## </summary>
> ##</param>
> ##<rolecap/>
> @@ -1535,7 +1535,7 @@ interface(`kernel_search_network_sysctl',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## The process type not to audit.
> +## Domain to not audit.
> ## </summary>
> ##</param>
> #
> @@ -2052,7 +2052,7 @@ interface(`kernel_kill_unlabeled',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## The type of the domain mounting the filesystem.
> +## Domain allowed access.
> ## </summary>
> ##</param>
> #
> @@ -2253,7 +2253,7 @@ interface(`kernel_rw_unlabeled_files',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## The process type not to audit.
> +## Domain to not audit.
> ## </summary>
> ##</param>
> #
> @@ -2291,7 +2291,7 @@ interface(`kernel_dontaudit_read_unlabeled_files',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## The process type not to audit.
> +## Domain to not audit.
> ## </summary>
> ##</param>
> #
> @@ -2310,7 +2310,7 @@ interface(`kernel_dontaudit_getattr_unlabeled_symlinks',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## The process type not to audit.
> +## Domain to not audit.
> ## </summary>
> ##</param>
> #
> @@ -2329,7 +2329,7 @@ interface(`kernel_dontaudit_getattr_unlabeled_pipes',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## The process type not to audit.
> +## Domain to not audit.
> ## </summary>
> ##</param>
> #
> @@ -2348,7 +2348,7 @@ interface(`kernel_dontaudit_getattr_unlabeled_sockets',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## The process type not to audit.
> +## Domain to not audit.
> ## </summary>
> ##</param>
> #
> @@ -2385,7 +2385,7 @@ interface(`kernel_rw_unlabeled_blk_files',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## The process type not to audit.
> +## Domain to not audit.
> ## </summary>
> ##</param>
> #
> diff --git a/policy/modules/kernel/selinux.if b/policy/modules/kernel/selinux.if
> index 677f82a..f8b357c 100644
> --- a/policy/modules/kernel/selinux.if
> +++ b/policy/modules/kernel/selinux.if
> @@ -213,7 +213,7 @@ interface(`selinux_dontaudit_read_fs',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## The process type to allow to get the enforcing mode.
> +## Domain allowed access.
> ## </summary>
> ##</param>
> ##<rolecap/>
> @@ -244,7 +244,7 @@ interface(`selinux_get_enforce_mode',`
> ##</desc>
> ##<param name="domain">
> ## <summary>
> -## The process type to allow to set the enforcement mode.
> +## Domain allowed access.
> ## </summary>
> ##</param>
> ##<rolecap/>
> @@ -276,7 +276,7 @@ interface(`selinux_set_enforce_mode',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## The process type that will load the policy.
> +## Domain allowed access.
> ## </summary>
> ##</param>
> #
> @@ -323,7 +323,7 @@ interface(`selinux_load_policy',`
> ##</desc>
> ##<param name="domain">
> ## <summary>
> -## The process type allowed to set the Boolean.
> +## Domain allowed access.
> ## </summary>
> ##</param>
> ##<rolecap/>
> @@ -350,7 +350,7 @@ interface(`selinux_set_boolean',`
> ##</desc>
> ##<param name="domain">
> ## <summary>
> -## The process type allowed to set the Boolean.
> +## Domain allowed access.
> ## </summary>
> ##</param>
> ##<rolecap/>
> @@ -391,7 +391,7 @@ interface(`selinux_set_generic_booleans',`
> ##</desc>
> ##<param name="domain">
> ## <summary>
> -## The process type allowed to set the Boolean.
> +## Domain allowed access.
> ## </summary>
> ##</param>
> ##<rolecap/>
> @@ -433,7 +433,7 @@ interface(`selinux_set_all_booleans',`
> ##</desc>
> ##<param name="domain">
> ## <summary>
> -## The process type to allow to set security parameters.
> +## Domain allowed access.
> ## </summary>
> ##</param>
> ##<rolecap/>
> @@ -457,7 +457,7 @@ interface(`selinux_set_parameters',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## The process type permitted to validate contexts.
> +## Domain allowed access.
> ## </summary>
> ##</param>
> ##<rolecap/>
> @@ -499,7 +499,7 @@ interface(`selinux_dontaudit_validate_context',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## The process type allowed to compute an access vector.
> +## Domain allowed access.
> ## </summary>
> ##</param>
> ##<rolecap/>
> @@ -591,7 +591,7 @@ interface(`selinux_compute_relabel_context',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## The process type allowed to compute user contexts.
> +## Domain allowed access.
> ## </summary>
> ##</param>
> #
> diff --git a/policy/modules/kernel/storage.if b/policy/modules/kernel/storage.if
> index d7ca7b2..3723150 100644
> --- a/policy/modules/kernel/storage.if
> +++ b/policy/modules/kernel/storage.if
> @@ -351,7 +351,7 @@ interface(`storage_getattr_fuse_dev',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## Domain to not audit.
> +## Domain allowed access.
> ## </summary>
> ##</param>
> #
> diff --git a/policy/modules/kernel/terminal.if b/policy/modules/kernel/terminal.if
> index 4d9d592..492bf76 100644
> --- a/policy/modules/kernel/terminal.if
> +++ b/policy/modules/kernel/terminal.if
> @@ -245,7 +245,7 @@ interface(`term_read_console',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## Domain allowed access.
> +## Domain to not audit.
> ## </summary>
> ##</param>
> ##<rolecap/>
> @@ -285,7 +285,7 @@ interface(`term_use_console',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## Domain allowed access.
> +## Domain to not audit.
> ## </summary>
> ##</param>
> #
> @@ -420,7 +420,7 @@ interface(`term_search_ptys',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## Domain allowed access.
> +## Domain to not audit.
> ## </summary>
> ##</param>
> #
> @@ -557,7 +557,7 @@ interface(`term_setattr_generic_ptys',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## Domain allowed access.
> +## Domain to not audit.
> ## </summary>
> ##</param>
> #
> @@ -676,7 +676,7 @@ interface(`term_dontaudit_getattr_ptmx',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## The type of the process to allow access.
> +## Domain allowed access.
> ## </summary>
> ##</param>
> #
> @@ -739,7 +739,7 @@ interface(`term_getattr_all_ptys',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## Domain allowed access.
> +## Domain to not audit.
> ## </summary>
> ##</param>
> #
> @@ -1028,7 +1028,7 @@ interface(`term_getattr_unallocated_ttys',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## Domain allowed access.
> +## Domain to not audit.
> ## </summary>
> ##</param>
> #
> @@ -1068,7 +1068,7 @@ interface(`term_setattr_unallocated_ttys',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## Domain allowed access.
> +## Domain to not audit.
> ## </summary>
> ##</param>
> #
> @@ -1087,7 +1087,7 @@ interface(`term_dontaudit_setattr_unallocated_ttys',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## Domain allowed access.
> +## Domain to not audit.
> ## </summary>
> ##</param>
> #
> @@ -1245,7 +1245,7 @@ interface(`term_getattr_all_ttys',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## Domain allowed access.
> +## Domain to not audit.
> ## </summary>
> ##</param>
> #
> @@ -1343,7 +1343,7 @@ interface(`term_use_all_ttys',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## Domain allowed access.
> +## Domain to not audit.
> ## </summary>
> ##</param>
> #
> @@ -1380,7 +1380,7 @@ interface(`term_getattr_all_user_ttys',`
> ##</summary>
> ##<param name="domain">
> ## <summary>
> -## Domain allowed access.
> +## Domain to not audit.
> ## </summary>
> ##</param>
> #
>
>
>
> _______________________________________________
> refpolicy mailing list
> refpolicy at oss.tresys.com
> http://oss.tresys.com/mailman/listinfo/refpolicy
--
Chris PeBenito
Tresys Technology, LLC
www.tresys.com | oss.tresys.com
More information about the refpolicy
mailing list