[refpolicy] [PATCH 2/3] Move non-contrib policy to the new non_auth_file_type interfaces

[James Carter]

Replaces auth_*_except_auth_files interfaces with files_*_non_auth_* interfaces.


Signed-off-by: James Carter <jwcart2 at tycho.nsa.gov>
---
 policy/modules/kernel/kernel.te      |    8 ++++----
 policy/modules/roles/secadm.te       |    2 +-
 policy/modules/system/mount.te       |    4 ++--
 policy/modules/system/selinuxutil.te |    4 ++--
 policy/modules/system/userdomain.if  |    6 +++---
 5 files changed, 12 insertions(+), 12 deletions(-)

diff --git a/policy/modules/kernel/kernel.te b/policy/modules/kernel/kernel.te
index 8340ca8..6edf52a 100644
--- a/policy/modules/kernel/kernel.te
+++ b/policy/modules/kernel/kernel.te
@@ -342,9 +342,9 @@ optional_policy(`
 		fs_read_noxattr_fs_files(kernel_t)
 		fs_read_noxattr_fs_symlinks(kernel_t)
 
-		auth_read_all_dirs_except_auth_files(kernel_t)
-		auth_read_all_files_except_auth_files(kernel_t)
-		auth_read_all_symlinks_except_auth_files(kernel_t)
+		files_read_non_auth_dirs(kernel_t)
+		files_read_non_auth_files(kernel_t)
+		files_read_non_auth_symlinks(kernel_t)
 	')
 
 	tunable_policy(`nfs_export_all_rw',`
@@ -353,7 +353,7 @@ optional_policy(`
 		fs_read_noxattr_fs_files(kernel_t)
 		fs_read_noxattr_fs_symlinks(kernel_t)
 
-		auth_manage_all_files_except_auth_files(kernel_t)
+		files_manage_non_auth_files(kernel_t)
 	')
 ')
 
diff --git a/policy/modules/roles/secadm.te b/policy/modules/roles/secadm.te
index 89ddeaa..63f22d5 100644
--- a/policy/modules/roles/secadm.te
+++ b/policy/modules/roles/secadm.te
@@ -30,7 +30,7 @@ mls_file_upgrade(secadm_t)
 mls_file_downgrade(secadm_t)
 
 auth_role(secadm_r, secadm_t)
-auth_relabel_all_files_except_auth_files(secadm_t)
+files_relabel_non_auth_files(secadm_t)
 auth_relabel_shadow(secadm_t)
 
 init_exec(secadm_t)
diff --git a/policy/modules/system/mount.te b/policy/modules/system/mount.te
index fba350b..654526d 100644
--- a/policy/modules/system/mount.te
+++ b/policy/modules/system/mount.te
@@ -145,8 +145,8 @@ ifdef(`distro_ubuntu',`
 ')
 
 tunable_policy(`allow_mount_anyfile',`
-	auth_read_all_dirs_except_auth_files(mount_t)
-	auth_read_all_files_except_auth_files(mount_t)
+	files_read_non_auth_dirs(mount_t)
+	files_read_non_auth_files(mount_t)
 	files_mounton_non_security(mount_t)
 ')
 
diff --git a/policy/modules/system/selinuxutil.te b/policy/modules/system/selinuxutil.te
index ab78aea..2cc83fe 100644
--- a/policy/modules/system/selinuxutil.te
+++ b/policy/modules/system/selinuxutil.te
@@ -339,8 +339,8 @@ selinux_compute_create_context(restorecond_t)
 selinux_compute_relabel_context(restorecond_t)
 selinux_compute_user_contexts(restorecond_t)
 
-auth_relabel_all_files_except_auth_files(restorecond_t )
-auth_read_all_files_except_auth_files(restorecond_t)
+files_relabel_non_auth_files(restorecond_t )
+files_read_non_auth_files(restorecond_t)
 auth_use_nsswitch(restorecond_t)
 
 locallogin_dontaudit_use_fds(restorecond_t)
diff --git a/policy/modules/system/userdomain.if b/policy/modules/system/userdomain.if
index a6b2f79..a094ec7 100644
--- a/policy/modules/system/userdomain.if
+++ b/policy/modules/system/userdomain.if
@@ -1134,9 +1134,9 @@ template(`userdom_admin_user_template',`
 
 	auth_getattr_shadow($1_t)
 	# Manage almost all files
-	auth_manage_all_files_except_auth_files($1_t)
+	files_manage_non_auth_files($1_t)
 	# Relabel almost all files
-	auth_relabel_all_files_except_auth_files($1_t)
+	files_relabel_non_auth_files($1_t)
 
 	init_telinit($1_t)
 
@@ -1224,7 +1224,7 @@ template(`userdom_security_admin_template',`
 	selinux_set_all_booleans($1)
 	selinux_set_parameters($1)
 
-	auth_relabel_all_files_except_auth_files($1)
+	files_relabel_non_auth_files($1)
 	auth_relabel_shadow($1)
 
 	init_exec($1)
-- 
1.7.7.6