Changeset 214

Timestamp:

07/18/08 15:08:23 (5 months ago)

Author:

jmowery

Message:

initial attempt at removing all calls to interfaces with global corenet permissions

Files:

• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/admin/amanda.te (modified) (2 diffs)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/admin/apt.te (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/admin/backup.te (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/admin/dpkg.te (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/admin/firstboot.te (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/admin/mrtg.te (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/admin/netutils.te (modified) (3 diffs)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/admin/portage.if (modified) (2 diffs)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/admin/rpm.te (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/admin/sxid.te (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/admin/vpn.te (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/apps/calamaris.te (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/apps/evolution.if (modified) (3 diffs)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/apps/games.if (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/apps/gift.if (modified) (2 diffs)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/apps/gpg.if (modified) (2 diffs)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/apps/irc.if (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/apps/java.if (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/apps/mozilla.if (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/apps/qemu.if (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/apps/qemu.te (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/apps/screen.if (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/apps/thunderbird.if (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/apps/uml.if (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/apps/vmware.te (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/apps/webalizer.te (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/apps/yam.te (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/kernel/kernel.te (modified) (2 diffs)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/afs.te (modified) (5 diffs)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/amavis.te (modified) (2 diffs)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/apache.if (modified) (2 diffs)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/apache.te (modified) (2 diffs)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/apcupsd.te (modified) (2 diffs)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/arpwatch.te (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/asterisk.te (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/automount.te (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/avahi.te (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/bind.te (modified) (2 diffs)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/bluetooth.te (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/canna.te (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/ccs.te (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/cipe.te (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/clamav.te (modified) (2 diffs)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/comsat.te (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/courier.if (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/cron.if (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/cron.te (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/cups.te (modified) (5 diffs)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/cvs.te (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/cyrus.te (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/dante.te (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/dbskk.te (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/dbus.if (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/dcc.te (modified) (6 diffs)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/ddclient.te (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/dhcp.te (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/dictd.te (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/distcc.te (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/djbdns.if (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/dnsmasq.te (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/dovecot.te (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/exim.te (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/fetchmail.te (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/finger.te (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/ftp.te (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/gatekeeper.te (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/hal.te (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/howl.te (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/i18n_input.te (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/imaze.te (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/inetd.te (modified) (2 diffs)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/inn.te (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/ircd.te (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/jabber.te (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/kerberos.if (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/kerberos.te (modified) (2 diffs)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/kerneloops.te (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/ktalk.te (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/ldap.te (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/lpd.if (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/lpd.te (modified) (2 diffs)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/mailman.if (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/monop.te (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/mta.if (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/munin.te (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/mysql.te (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/nagios.te (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/nessus.te (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/networkmanager.te (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/nis.if (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/nis.te (modified) (4 diffs)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/nscd.te (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/nsd.te (modified) (2 diffs)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/ntop.te (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/ntp.te (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/nx.te (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/oav.te (modified) (2 diffs)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/openvpn.te (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/pcscd.te (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/pegasus.te (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/perdition.te (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/portmap.te (modified) (2 diffs)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/portslave.te (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/postfix.if (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/postfix.te (modified) (3 diffs)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/postfixpolicyd.te (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/postgresql.te (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/postgrey.te (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/ppp.te (modified) (2 diffs)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/prelude.te (modified) (2 diffs)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/privoxy.te (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/procmail.te (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/pyzor.te (modified) (2 diffs)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/radius.te (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/radvd.te (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/razor.if (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/razor.te (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/rdisc.te (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/rhgb.te (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/ricci.te (modified) (2 diffs)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/rlogin.te (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/roundup.te (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/rpc.if (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/rpcbind.te (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/rshd.te (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/rsync.te (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/rwho.te (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/samba.te (modified) (6 diffs)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/sasl.te (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/sendmail.te (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/setroubleshoot.te (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/smartmon.te (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/snmp.te (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/snort.te (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/soundserver.te (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/spamassassin.if (modified) (2 diffs)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/spamassassin.te (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/squid.te (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/ssh.if (modified) (2 diffs)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/stunnel.te (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/tcpd.te (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/telnet.te (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/tftp.te (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/timidity.te (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/tor.te (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/transproxy.te (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/ucspitcp.te (modified) (2 diffs)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/uucp.te (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/uwimap.te (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/virt.te (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/watchdog.te (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/xfs.te (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/xprint.te (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/xserver.if (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/xserver.te (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/services/zebra.te (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/system/hotplug.te (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/system/init.te (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/system/ipsec.te (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/system/iscsi.te (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/system/logging.te (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/system/lvm.te (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/system/mount.te (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/system/sysnetwork.te (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/system/userdomain.if (modified) (1 diff)
• branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/system/xen.te (modified) (2 diffs)

branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/admin/amanda.te

@@ -118 +118 @@
-corenet_all_recvfrom_unlabeled(amanda_t)
-corenet_all_recvfrom_netlabel(amanda_t)
-all
-all
-all
-all_nodes
-all_nodes
-all_nodes
-all_ports
-all_ports
+generic
+generic
+generic
+generic_node
+generic_node
+generic_node
+generic_port
+generic_port
-corenet_tcp_bind_all_nodes(amanda_t)
-corenet_udp_bind_all_nodes(amanda_t)
@@ -199 +199 @@
-corenet_all_recvfrom_unlabeled(amanda_recover_t)
-corenet_all_recvfrom_netlabel(amanda_recover_t)
-all
-all
-all_nodes
-all_nodes
-all_ports
-all_ports
+generic
+generic
+generic_node
+generic_node
+generic_port
+generic_port
-corenet_tcp_bind_all_nodes(amanda_recover_t)
-corenet_udp_bind_all_nodes(amanda_recover_t)

branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/admin/apt.te

@@ -82 +82 @@
-corenet_all_recvfrom_unlabeled(apt_t)
-corenet_all_recvfrom_netlabel(apt_t)
-all
-all
-all_nodes
-all_nodes
-all_ports
-all_ports
+generic
+generic
+generic_node
+generic_node
+generic_port
+generic_port
-# TODO: reall allow all these?
-corenet_tcp_bind_all_nodes(apt_t)

branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/admin/backup.te

@@ -43 +43 @@
-corenet_udp_sendrecv_generic_if(backup_t)
-corenet_raw_sendrecv_generic_if(backup_t)
-all_nodes
-all_nodes
-all_nodes
-all_ports
-all_ports
+generic_node
+generic_node
+generic_node
+generic_port
+generic_port
-corenet_tcp_connect_all_ports(backup_t)
-corenet_sendrecv_all_client_packets(backup_t)

branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/admin/dpkg.te

@@ -93 +93 @@
-corenet_all_recvfrom_unlabeled(dpkg_t)
-corenet_all_recvfrom_netlabel(dpkg_t)
-all
-all
-all
-all_nodes
-all_nodes
-all_nodes
-all_ports
-all_ports
+generic
+generic
+generic
+generic_node
+generic_node
+generic_node
+generic_port
+generic_port
-corenet_tcp_connect_all_ports(dpkg_t)
-corenet_sendrecv_all_client_packets(dpkg_t)

branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/admin/firstboot.te

@@ -46 +46 @@
-corenet_all_recvfrom_unlabeled(firstboot_t)
-corenet_all_recvfrom_netlabel(firstboot_t)
-all
-all_nodes
-all_ports
+generic
+generic_node
+generic_port
-
-dev_read_urand(firstboot_t)

branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/admin/mrtg.te

@@ -68 +68 @@
-corenet_tcp_sendrecv_generic_if(mrtg_t)
-corenet_udp_sendrecv_generic_if(mrtg_t)
-all_nodes
-all_nodes
-all_ports
-all_ports
+generic_node
+generic_node
+generic_port
+generic_port
-corenet_tcp_connect_all_ports(mrtg_t)
-corenet_sendrecv_all_client_packets(mrtg_t)

branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/admin/netutils.te

@@ -54 +54 @@
-corenet_all_recvfrom_unlabeled(netutils_t)
-corenet_all_recvfrom_netlabel(netutils_t)
-all
-all
-all
-all_nodes
-all_nodes
-all_nodes
-all_ports
-all_ports
+generic
+generic
+generic
+generic_node
+generic_node
+generic_node
+generic_port
+generic_port
-corenet_tcp_connect_all_ports(netutils_t)
-corenet_sendrecv_all_client_packets(netutils_t)
@@ -111 +111 @@
-corenet_all_recvfrom_unlabeled(ping_t)
-corenet_all_recvfrom_netlabel(ping_t)
-all
-all
-all_nodes
-all_nodes
-all_ports
+generic
+generic
+generic_node
+generic_node
+generic_port
-
-fs_dontaudit_getattr_xattr_fs(ping_t)
@@ -175 +175 @@
-corenet_all_recvfrom_unlabeled(traceroute_t)
-corenet_all_recvfrom_netlabel(traceroute_t)
-all
-all
-all
-all_nodes
-all_nodes
-all_nodes
-all_ports
-all_ports
+generic
+generic
+generic
+generic_node
+generic_node
+generic_node
+generic_port
+generic_port
-corenet_udp_bind_all_nodes(traceroute_t)
-corenet_tcp_bind_all_nodes(traceroute_t)

branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/admin/portage.if

@@ -160 +160 @@
-        corenet_udp_sendrecv_generic_if($1)
-        corenet_raw_sendrecv_generic_if($1)
-all_nodes
-all_nodes
-all_nodes
-all_ports
-all_ports
+generic_node
+generic_node
+generic_node
+generic_port
+generic_port
-        corenet_tcp_connect_all_reserved_ports($1)
-        corenet_tcp_connect_distccd_port($1)
@@ -253 +253 @@
-        corenet_all_recvfrom_netlabel($1)
-        corenet_tcp_sendrecv_generic_if($1)
-all_nodes
-all_ports
+generic_node
+generic_port
-        # would rather not connect to unspecified ports, but
-        # it occasionally comes up

branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/admin/rpm.te

@@ -97 +97 @@
-corenet_all_recvfrom_unlabeled(rpm_t)
-corenet_all_recvfrom_netlabel(rpm_t)
-all
-all
-all
-all_nodes
-all_nodes
-all_nodes
-all_ports
-all_ports
+generic
+generic
+generic
+generic_node
+generic_node
+generic_node
+generic_port
+generic_port
-corenet_tcp_connect_all_ports(rpm_t)
-corenet_sendrecv_all_client_packets(rpm_t)

branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/admin/sxid.te

@@ -46 +46 @@
-corenet_tcp_sendrecv_generic_if(sxid_t)
-corenet_udp_sendrecv_generic_if(sxid_t)
-all_nodes
-all_nodes
-all_ports
-all_ports
+generic_node
+generic_node
+generic_port
+generic_port
-
-dev_read_sysfs(sxid_t)

branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/admin/vpn.te

@@ -49 +49 @@
-corenet_all_recvfrom_unlabeled(vpnc_t)
-corenet_all_recvfrom_netlabel(vpnc_t)
-all
-all
-all
-all_nodes
-all_nodes
-all_nodes
-all_ports
-all_ports
+generic
+generic
+generic
+generic_node
+generic_node
+generic_node
+generic_port
+generic_port
-corenet_udp_bind_all_nodes(vpnc_t)
-corenet_udp_bind_generic_port(vpnc_t)

branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/apps/calamaris.te

@@ -45 +45 @@
-corenet_tcp_sendrecv_generic_if(calamaris_t)
-corenet_udp_sendrecv_generic_if(calamaris_t)
-all_nodes
-all_nodes
-all_ports
-all_ports
+generic_node
+generic_node
+generic_port
+generic_port
-
-dev_read_urand(calamaris_t)

branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/apps/evolution.if

@@ -189 +189 @@
-        corenet_udp_sendrecv_generic_if($1_evolution_t)
-        corenet_raw_sendrecv_generic_if($1_evolution_t)
-all_nodes
-all_nodes
+generic_node
+generic_node
-        corenet_tcp_sendrecv_pop_port($1_evolution_t)
-        corenet_udp_sendrecv_pop_port($1_evolution_t)
@@ -678 +678 @@
-        corenet_all_recvfrom_netlabel($1_evolution_server_t)
-        corenet_tcp_sendrecv_generic_if($1_evolution_server_t)
-all_nodes
+generic_node
-        corenet_tcp_sendrecv_http_port($1_evolution_server_t)
-        corenet_tcp_sendrecv_http_cache_port($1_evolution_server_t)
@@ -757 +757 @@
-        corenet_tcp_sendrecv_generic_if($1_evolution_webcal_t)
-        corenet_raw_sendrecv_generic_if($1_evolution_webcal_t)
-all_nodes
-all_nodes
+generic_node
+generic_node
-        corenet_tcp_sendrecv_http_port($1_evolution_webcal_t)
-        corenet_tcp_sendrecv_http_cache_port($1_evolution_webcal_t)

branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/apps/games.if

@@ -96 +96 @@
-        corenet_tcp_sendrecv_generic_if($1_games_t)
-        corenet_udp_sendrecv_generic_if($1_games_t)
-all_nodes
-all_nodes
-all_ports
-all_ports
+generic_node
+generic_node
+generic_port
+generic_port
-        corenet_tcp_bind_all_nodes($1_games_t)
-        corenet_tcp_bind_generic_port($1_games_t)

branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/apps/gift.if

@@ -98 +98 @@
-        corenet_all_recvfrom_netlabel($1_gift_t)
-        corenet_tcp_sendrecv_generic_if($1_gift_t)
-all_nodes
+generic_node
-        corenet_tcp_sendrecv_giftd_port($1_gift_t)
-        corenet_tcp_connect_giftd_port($1_gift_t)
@@ -159 +159 @@
-        corenet_tcp_sendrecv_generic_if($1_giftd_t)
-        corenet_udp_sendrecv_generic_if($1_giftd_t)
-all_nodes
-all_nodes
-all_ports
-all_ports
+generic_node
+generic_node
+generic_port
+generic_port
-        corenet_tcp_bind_all_nodes($1_giftd_t)
-        corenet_udp_bind_all_nodes($1_giftd_t)

branch/RHEL-5.2-20080702merge/src/selinux-policy-clip/policy/modules/apps/gpg.if

@@ -97 +97 @@
-        corenet_all_recvfrom_unlabeled($1_gpg_t)
-        corenet_all_recvfrom_netlabel($1_gpg_t)
-all
-all
-all_nodes
-all_nodes
-all_ports
-all_ports
+generic
+generic
+generic_node
+generic_node
+generic_port
+