authorJason Zaman <jason@perfinion.com>2018-06-16 16:25:31 +0800
committerJason Zaman <jason@perfinion.com>2018-06-16 22:35:45 +0800
commitd8e47a7c8a015240b0cef3577af5ecf68be97702 (patch)
tree7f9cfc6eff37ecfbe396fcfaed3aa28c9359bef4
parentgpg: migrate to upstream xdg rules (diff)
xdg: move compat interfaces to upstream xdg module
-rw-r--r--policy/modules/contrib/xdg.fc3
-rw-r--r--policy/modules/contrib/xdg.if1008
-rw-r--r--policy/modules/contrib/xdg.te44
-rw-r--r--policy/modules/system/xdg.if676
4 files changed, 676 insertions, 1055 deletions
diff --git a/policy/modules/contrib/xdg.fc b/policy/modules/contrib/xdg.fc
deleted file mode 100644
index 2290ea55..00000000
--- a/policy/modules/contrib/xdg.fc
+++ /dev/null
@@ -1,3 +0,0 @@
-HOME_DIR/\.cache(/.*)? gen_context(system_u:object_r:xdg_cache_home_t,s0)
-HOME_DIR/\.config(/.*)? gen_context(system_u:object_r:xdg_config_home_t,s0)
-HOME_DIR/\.local(/.*)? gen_context(system_u:object_r:xdg_data_home_t,s0)
diff --git a/policy/modules/contrib/xdg.if b/policy/modules/contrib/xdg.if
deleted file mode 100644
index b48016a0..00000000
--- a/policy/modules/contrib/xdg.if
+++ /dev/null
@@ -1,1008 +0,0 @@
-## <summary>
-## XDG Desktop Standard locations
-## </summary>
-
-
-########################################
-## <summary>
-## Mark the selected type as an xdg_cache_home_type
-## </summary>
-## <param name="type">
-## <summary>
-## Type to give the xdg_cache_home_type attribute to
-## </summary>
-## </param>
-#
-interface(`xdg_cache_home_content',`
- gen_require(`
- attribute xdg_cache_home_type;
- ')
-
- typeattribute $1 xdg_cache_home_type;
-
- userdom_user_home_content($1)
-')
-
-########################################
-## <summary>
-## Mark the selected type as an xdg_config_home_type
-## </summary>
-## <param name="type">
-## <summary>
-## Type to give the xdg_config_home_type attribute to
-## </summary>
-## </param>
-#
-interface(`xdg_config_home_content',`
- gen_require(`
- attribute xdg_config_home_type;
- ')
-
- typeattribute $1 xdg_config_home_type;
-
- userdom_user_home_content($1)
-')
-
-########################################
-## <summary>
-## Mark the selected type as an xdg_data_home_type
-## </summary>
-## <param name="type">
-## <summary>
-## Type to give the xdg_data_home_type attribute to
-## </summary>
-## </param>
-#
-interface(`xdg_data_home_content',`
- gen_require(`
- attribute xdg_data_home_type;
- ')
-
- typeattribute $1 xdg_data_home_type;
-
- userdom_user_home_content($1)
-')
-
-########################################
-## <summary>
-## Read the xdg cache home files
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`xdg_read_cache_home_files',`
- gen_require(`
- type xdg_cache_home_t;
- ')
-
- read_files_pattern($1, xdg_cache_home_t, xdg_cache_home_t)
- allow $1 xdg_cache_home_t:file map;
- list_dirs_pattern($1, xdg_cache_home_t, xdg_cache_home_t)
-
- userdom_search_user_home_dirs($1)
-')
-
-########################################
-## <summary>
-## Read all xdg_cache_home_type files
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`xdg_read_all_cache_home_files',`
- gen_require(`
- attribute xdg_cache_home_type;
- ')
-
- read_files_pattern($1, xdg_cache_home_type, xdg_cache_home_type)
- allow $1 xdg_cache_home_type:file map;
-
- userdom_search_user_home_dirs($1)
-')
-
-########################################
-## <summary>
-## Create objects in an xdg_cache_home directory
-## with an automatic type transition to
-## a specified private type.
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-## <param name="private_type">
-## <summary>
-## The type of the object to create.
-## </summary>
-## </param>
-## <param name="object_class">
-## <summary>
-## The class of the object to be created.
-## </summary>
-## </param>
-## <param name="filename" optional="true">
-## <summary>
-## Name of the file or directory created
-## </summary>
-## </param>
-#
-interface(`xdg_cache_home_filetrans',`
- gen_require(`
- type xdg_cache_home_t;
- ')
-
- userdom_search_user_home_dirs($1)
-
- filetrans_pattern($1, xdg_cache_home_t, $2, $3, $4)
-
- xdg_create_cache_home_dirs($1)
- xdg_generic_user_home_dir_filetrans_cache_home($1, dir, ".cache")
-')
-
-########################################
-## <summary>
-## Create objects in the user home dir with an automatic type transition to
-## the xdg_cache_home_t type.
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-## <param name="object_class">
-## <summary>
-## The class of the object to be created.
-## </summary>
-## </param>
-## <param name="filename" optional="true">
-## <summary>
-## Name of the directory created
-## </summary>
-## </param>
-#
-interface(`xdg_generic_user_home_dir_filetrans_cache_home',`
- gen_require(`
- type xdg_cache_home_t;
- ')
-
- userdom_user_home_dir_filetrans($1, xdg_cache_home_t, $2, $3)
-')
-
-########################################
-## <summary>
-## Create xdg cache home directories
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access
-## </summary>
-## </param>
-#
-interface(`xdg_create_cache_home_dirs',`
- gen_require(`
- type xdg_cache_home_t;
- ')
-
- allow $1 xdg_cache_home_t:dir create_dir_perms;
-')
-
-########################################
-## <summary>
-## Manage the xdg cache home files
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`xdg_manage_cache_home',`
- gen_require(`
- type xdg_cache_home_t;
- ')
-
- manage_dirs_pattern($1, xdg_cache_home_t, xdg_cache_home_t)
- manage_files_pattern($1, xdg_cache_home_t, xdg_cache_home_t)
- allow $1 xdg_cache_home_t:file map;
- manage_lnk_files_pattern($1, xdg_cache_home_t, xdg_cache_home_t)
- manage_fifo_files_pattern($1, xdg_cache_home_t, xdg_cache_home_t)
- manage_sock_files_pattern($1, xdg_cache_home_t, xdg_cache_home_t)
-
- userdom_search_user_home_dirs($1)
-')
-
-########################################
-## <summary>
-## Manage all the xdg cache home files regardless of their specific type
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`xdg_manage_all_cache_home',`
- gen_require(`
- attribute xdg_cache_home_type;
- ')
-
- manage_dirs_pattern($1, xdg_cache_home_type, xdg_cache_home_type)
- manage_files_pattern($1, xdg_cache_home_type, xdg_cache_home_type)
- allow $1 xdg_cache_home_type:file map;
- manage_lnk_files_pattern($1, xdg_cache_home_type, xdg_cache_home_type)
- manage_fifo_files_pattern($1, xdg_cache_home_type, xdg_cache_home_type)
- manage_sock_files_pattern($1, xdg_cache_home_type, xdg_cache_home_type)
-
- userdom_search_user_home_dirs($1)
-')
-
-########################################
-## <summary>
-## Allow relabeling the xdg cache home files
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`xdg_relabel_cache_home',`
- gen_require(`
- type xdg_cache_home_t;
- ')
-
- relabel_dirs_pattern($1, xdg_cache_home_t, xdg_cache_home_t)
- relabel_files_pattern($1, xdg_cache_home_t, xdg_cache_home_t)
- relabel_lnk_files_pattern($1, xdg_cache_home_t, xdg_cache_home_t)
- relabel_fifo_files_pattern($1, xdg_cache_home_t, xdg_cache_home_t)
- relabel_sock_files_pattern($1, xdg_cache_home_t, xdg_cache_home_t)
-
- userdom_search_user_home_dirs($1)
-')
-
-########################################
-## <summary>
-## Allow relabeling the xdg cache home files, regardless of their specific type
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`xdg_relabel_all_cache_home',`
- gen_require(`
- attribute xdg_cache_home_type;
- ')
-
- relabel_dirs_pattern($1, xdg_cache_home_type, xdg_cache_home_type)
- relabel_files_pattern($1, xdg_cache_home_type, xdg_cache_home_type)
- relabel_lnk_files_pattern($1, xdg_cache_home_type, xdg_cache_home_type)
- relabel_fifo_files_pattern($1, xdg_cache_home_type, xdg_cache_home_type)
- relabel_sock_files_pattern($1, xdg_cache_home_type, xdg_cache_home_type)
-
- userdom_search_user_home_dirs($1)
-')
-
-########################################
-## <summary>
-## Search through the xdg config home directories
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`xdg_search_config_home_dirs',`
- gen_require(`
- type xdg_config_home_t;
- ')
-
- search_dirs_pattern($1, xdg_config_home_t, xdg_config_home_t)
-
- userdom_search_user_home_dirs($1)
-')
-
-########################################
-## <summary>
-## Read the xdg config home files
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`xdg_read_config_home_files',`
- gen_require(`
- type xdg_config_home_t;
- ')
-
- read_files_pattern($1, xdg_config_home_t, xdg_config_home_t)
- allow $1 xdg_config_home_t:file map;
- list_dirs_pattern($1, xdg_config_home_t, xdg_config_home_t)
-
- userdom_search_user_home_dirs($1)
-')
-
-########################################
-## <summary>
-## Read all xdg_config_home_type files
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`xdg_read_all_config_home_files',`
- gen_require(`
- attribute xdg_config_home_type;
- ')
-
- read_files_pattern($1, xdg_config_home_type, xdg_config_home_type)
- allow $1 xdg_config_home_type:file map;
-
- userdom_search_user_home_dirs($1)
-')
-
-########################################
-## <summary>
-## Create objects in an xdg_config_home directory
-## with an automatic type transition to
-## a specified private type.
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-## <param name="private_type">
-## <summary>
-## The type of the object to create.
-## </summary>
-## </param>
-## <param name="object_class">
-## <summary>
-## The class of the object to be created.
-## </summary>
-## </param>
-## <param name="filename" optional="true">
-## <summary>
-## Name of the file or directory created
-## </summary>
-## </param>
-#
-interface(`xdg_config_home_filetrans',`
- gen_require(`
- type xdg_config_home_t;
- ')
-
- userdom_search_user_home_dirs($1)
-
- filetrans_pattern($1, xdg_config_home_t, $2, $3, $4)
-
- xdg_create_config_home_dirs($1)
- xdg_generic_user_home_dir_filetrans_config_home($1, dir, ".config")
-
-')
-
-########################################
-## <summary>
-## Create objects in the user home dir with an automatic type transition to
-## the xdg_config_home_t type.
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-## <param name="object_class">
-## <summary>
-## The class of the object to be created.
-## </summary>
-## </param>
-## <param name="filename" optional="true">
-## <summary>
-## Name of the directory created
-## </summary>
-## </param>
-#
-interface(`xdg_generic_user_home_dir_filetrans_config_home',`
- gen_require(`
- type xdg_config_home_t;
- ')
-
- userdom_user_home_dir_filetrans($1, xdg_config_home_t, $2, $3)
-')
-
-########################################
-## <summary>
-## Create xdg config home directories
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access
-## </summary>
-## </param>
-#
-interface(`xdg_create_config_home_dirs',`
- gen_require(`
- type xdg_config_home_t;
- ')
-
- allow $1 xdg_config_home_t:dir create_dir_perms;
-')
-
-########################################
-## <summary>
-## Manage the xdg config home files
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`xdg_manage_config_home',`
- gen_require(`
- type xdg_config_home_t;
- ')
-
- manage_dirs_pattern($1, xdg_config_home_t, xdg_config_home_t)
- manage_files_pattern($1, xdg_config_home_t, xdg_config_home_t)
- allow $1 xdg_config_home_t:file map;
- manage_lnk_files_pattern($1, xdg_config_home_t, xdg_config_home_t)
- manage_fifo_files_pattern($1, xdg_config_home_t, xdg_config_home_t)
- manage_sock_files_pattern($1, xdg_config_home_t, xdg_config_home_t)
-
- userdom_search_user_home_dirs($1)
-')
-
-########################################
-## <summary>
-## Manage all the xdg config home files regardless of their specific type
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`xdg_manage_all_config_home',`
- gen_require(`
- attribute xdg_config_home_type;
- ')
-
- manage_dirs_pattern($1, xdg_config_home_type, xdg_config_home_type)
- manage_files_pattern($1, xdg_config_home_type, xdg_config_home_type)
- allow $1 xdg_config_home_type:file map;
- manage_lnk_files_pattern($1, xdg_config_home_type, xdg_config_home_type)
- manage_fifo_files_pattern($1, xdg_config_home_type, xdg_config_home_type)
- manage_sock_files_pattern($1, xdg_config_home_type, xdg_config_home_type)
-
- userdom_search_user_home_dirs($1)
-')
-
-########################################
-## <summary>
-## Allow relabeling the xdg config home files
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`xdg_relabel_config_home',`
- gen_require(`
- type xdg_config_home_t;
- ')
-
- relabel_dirs_pattern($1, xdg_config_home_t, xdg_config_home_t)
- relabel_files_pattern($1, xdg_config_home_t, xdg_config_home_t)
- relabel_lnk_files_pattern($1, xdg_config_home_t, xdg_config_home_t)
- relabel_fifo_files_pattern($1, xdg_config_home_t, xdg_config_home_t)
- relabel_sock_files_pattern($1, xdg_config_home_t, xdg_config_home_t)
-
- userdom_search_user_home_dirs($1)
-')
-
-########################################
-## <summary>
-## Allow relabeling the xdg config home files, regardless of their specific type
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`xdg_relabel_all_config_home',`
- gen_require(`
- attribute xdg_config_home_type;
- ')
-
- relabel_dirs_pattern($1, xdg_config_home_type, xdg_config_home_type)
- relabel_files_pattern($1, xdg_config_home_type, xdg_config_home_type)
- relabel_lnk_files_pattern($1, xdg_config_home_type, xdg_config_home_type)
- relabel_fifo_files_pattern($1, xdg_config_home_type, xdg_config_home_type)
- relabel_sock_files_pattern($1, xdg_config_home_type, xdg_config_home_type)
-
- userdom_search_user_home_dirs($1)
-')
-
-########################################
-## <summary>
-## Read the xdg data home files
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`xdg_read_data_home_files',`
- gen_require(`
- type xdg_data_home_t;
- ')
-
- read_files_pattern($1, xdg_data_home_t, xdg_data_home_t)
- allow $1 xdg_data_home_t:file map;
- list_dirs_pattern($1, xdg_data_home_t, xdg_data_home_t)
-
- userdom_search_user_home_dirs($1)
-')
-
-########################################
-## <summary>
-## Read all xdg_data_home_type files
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`xdg_read_all_data_home_files',`
- gen_require(`
- attribute xdg_data_home_type;
- ')
-
- read_files_pattern($1, xdg_data_home_type, xdg_data_home_type)
- allow $1 xdg_data_home_type:file map;
-
- userdom_search_user_home_dirs($1)
-')
-
-########################################
-## <summary>
-## Create objects in an xdg_data_home directory
-## with an automatic type transition to
-## a specified private type.
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-## <param name="private_type">
-## <summary>
-## The type of the object to create.
-## </summary>
-## </param>
-## <param name="object_class">
-## <summary>
-## The class of the object to be created.
-## </summary>
-## </param>
-## <param name="filename" optional="true">
-## <summary>
-## Optional name of the file or directory created
-## </summary>
-## </param>
-#
-interface(`xdg_data_home_filetrans',`
- gen_require(`
- type xdg_data_home_t;
- ')
-
- userdom_search_user_home_dirs($1)
-
- filetrans_pattern($1, xdg_data_home_t, $2, $3, $4)
-
- xdg_create_data_home_dirs($1)
- xdg_generic_user_home_dir_filetrans_data_home($1, dir, ".local")
-')
-
-########################################
-## <summary>
-## Create objects in the user home dir with an automatic type transition to
-## the xdg_data_home_t type.
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-## <param name="object_class">
-## <summary>
-## The class of the object to be created.
-## </summary>
-## </param>
-## <param name="filename" optional="true">
-## <summary>
-## Name of the directory created
-## </summary>
-## </param>
-#
-interface(`xdg_generic_user_home_dir_filetrans_data_home',`
- gen_require(`
- type xdg_data_home_t;
- ')
-
- userdom_user_home_dir_filetrans($1, xdg_data_home_t, $2, $3)
-')
-
-########################################
-## <summary>
-## Create xdg data home directories
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access
-## </summary>
-## </param>
-#
-interface(`xdg_create_data_home_dirs',`
- gen_require(`
- type xdg_data_home_t;
- ')
-
- allow $1 xdg_data_home_t:dir create_dir_perms;
-')
-
-########################################
-## <summary>
-## Manage the xdg data home files
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`xdg_manage_data_home',`
- gen_require(`
- type xdg_data_home_t;
- ')
-
- manage_dirs_pattern($1, xdg_data_home_t, xdg_data_home_t)
- manage_files_pattern($1, xdg_data_home_t, xdg_data_home_t)
- allow $1 xdg_data_home_t:file map;
- manage_lnk_files_pattern($1, xdg_data_home_t, xdg_data_home_t)
- manage_fifo_files_pattern($1, xdg_data_home_t, xdg_data_home_t)
- manage_sock_files_pattern($1, xdg_data_home_t, xdg_data_home_t)
-
- userdom_search_user_home_dirs($1)
-')
-
-########################################
-## <summary>
-## Manage all the xdg data home files, regardless of their specific type
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`xdg_manage_all_data_home',`
- gen_require(`
- attribute xdg_data_home_type;
- ')
-
- manage_dirs_pattern($1, xdg_data_home_type, xdg_data_home_type)
- manage_files_pattern($1, xdg_data_home_type, xdg_data_home_type)
- allow $1 xdg_data_home_type:file map;
- manage_lnk_files_pattern($1, xdg_data_home_type, xdg_data_home_type)
- manage_fifo_files_pattern($1, xdg_data_home_type, xdg_data_home_type)
- manage_sock_files_pattern($1, xdg_data_home_type, xdg_data_home_type)
-
- userdom_search_user_home_dirs($1)
-')
-
-########################################
-## <summary>
-## Allow relabeling the xdg data home files
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`xdg_relabel_data_home',`
- gen_require(`
- type xdg_data_home_t;
- ')
-
- relabel_dirs_pattern($1, xdg_data_home_t, xdg_data_home_t)
- relabel_files_pattern($1, xdg_data_home_t, xdg_data_home_t)
- relabel_lnk_files_pattern($1, xdg_data_home_t, xdg_data_home_t)
- relabel_fifo_files_pattern($1, xdg_data_home_t, xdg_data_home_t)
- relabel_sock_files_pattern($1, xdg_data_home_t, xdg_data_home_t)
-
- userdom_search_user_home_dirs($1)
-')
-
-########################################
-## <summary>
-## Allow relabeling the xdg data home files, regardless of their type
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`xdg_relabel_all_data_home',`
- gen_require(`
- attribute xdg_data_home_type;
- ')
-
- relabel_dirs_pattern($1, xdg_data_home_type, xdg_data_home_type)
- relabel_files_pattern($1, xdg_data_home_type, xdg_data_home_type)
- relabel_lnk_files_pattern($1, xdg_data_home_type, xdg_data_home_type)
- relabel_fifo_files_pattern($1, xdg_data_home_type, xdg_data_home_type)
- relabel_sock_files_pattern($1, xdg_data_home_type, xdg_data_home_type)
-
- userdom_search_user_home_dirs($1)
-')
-
-#########################################
-## <summary>
-## Read downloaded content
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access
-## </summary>
-## </param>
-#
-interface(`xdg_read_downloads_home',`
- gen_require(`
- type xdg_downloads_home_t;
- ')
-
- read_files_pattern($1, xdg_downloads_home_t, xdg_downloads_home_t)
- allow $1 xdg_downloads_home_t:file map;
- list_dirs_pattern($1, xdg_downloads_home_t, xdg_downloads_home_t)
- read_lnk_files_pattern($1, xdg_downloads_home_t, xdg_downloads_home_t)
-
- userdom_search_user_home_dirs($1)
-')
-
-#########################################
-## <summary>
-## Read user video content
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access
-## </summary>
-## </param>
-#
-interface(`xdg_read_videos_home',`
- gen_require(`
- type xdg_videos_home_t;
- ')
-
- read_files_pattern($1, xdg_videos_home_t, xdg_videos_home_t)
- allow $1 xdg_videos_home_t:file map;
- list_dirs_pattern($1, xdg_videos_home_t, xdg_videos_home_t)
- read_lnk_files_pattern($1, xdg_videos_home_t, xdg_videos_home_t)
-
- userdom_search_user_home_dirs($1)
-')
-
-#########################################
-## <summary>
-## Read user pictures content
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access
-## </summary>
-## </param>
-#
-interface(`xdg_read_pictures_home',`
- gen_require(`
- type xdg_pictures_home_t;
- ')
-
- read_files_pattern($1, xdg_pictures_home_t, xdg_pictures_home_t)
- allow $1 xdg_pictures_home_t:file map;
- list_dirs_pattern($1, xdg_pictures_home_t, xdg_pictures_home_t)
- read_lnk_files_pattern($1, xdg_pictures_home_t, xdg_pictures_home_t)
-
- userdom_search_user_home_dirs($1)
-')
-
-#########################################
-## <summary>
-## Read user music content
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access
-## </summary>
-## </param>
-#
-interface(`xdg_read_music_home',`
- gen_require(`
- type xdg_music_home_t;
- ')
-
- read_files_pattern($1, xdg_music_home_t, xdg_music_home_t)
- allow $1 xdg_music_home_t:file map;
- list_dirs_pattern($1, xdg_music_home_t, xdg_music_home_t)
- read_lnk_files_pattern($1, xdg_music_home_t, xdg_music_home_t)
-
- userdom_search_user_home_dirs($1)
-')
-
-#########################################
-## <summary>
-## Create downloaded content
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access
-## </summary>
-## </param>
-#
-interface(`xdg_create_downloads_home',`
- gen_require(`
- type xdg_downloads_home_t;
- ')
-
- create_files_pattern($1, xdg_downloads_home_t, xdg_downloads_home_t)
- allow $1 xdg_downloads_home_t:file map;
-
- userdom_search_user_home_dirs($1)
-')
-
-#########################################
-## <summary>
-## Write downloaded content
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access
-## </summary>
-## </param>
-#
-interface(`xdg_write_downloads_home',`
- gen_require(`
- type xdg_downloads_home_t;
- ')
-
- write_files_pattern($1, xdg_downloads_home_t, xdg_downloads_home_t)
- allow $1 xdg_downloads_home_t:file map;
-
- userdom_search_user_home_dirs($1)
-')
-
-#########################################
-## <summary>
-## Manage downloaded content
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access
-## </summary>
-## </param>
-#
-interface(`xdg_manage_downloads_home',`
- gen_require(`
- type xdg_downloads_home_t;
- ')
-
- manage_dirs_pattern($1, xdg_downloads_home_t, xdg_downloads_home_t)
- manage_files_pattern($1, xdg_downloads_home_t, xdg_downloads_home_t)
- manage_lnk_files_pattern($1, xdg_downloads_home_t, xdg_downloads_home_t)
- allow $1 xdg_downloads_home_t:file map;
-')
-
-#########################################
-## <summary>
-## Manage documents content
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access
-## </summary>
-## </param>
-#
-interface(`xdg_manage_documents_home',`
- gen_require(`
- type xdg_documents_home_t;
- ')
-
- manage_dirs_pattern($1, xdg_documents_home_t, xdg_documents_home_t)
- manage_files_pattern($1, xdg_documents_home_t, xdg_documents_home_t)
- manage_lnk_files_pattern($1, xdg_documents_home_t, xdg_documents_home_t)
- allow $1 xdg_documents_home_t:file map;
-')
-
-#########################################
-## <summary>
-## Manage music content
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access
-## </summary>
-## </param>
-#
-interface(`xdg_manage_music_home',`
- gen_require(`
- type xdg_music_home_t;
- ')
-
- manage_dirs_pattern($1, xdg_music_home_t, xdg_music_home_t)
- manage_files_pattern($1, xdg_music_home_t, xdg_music_home_t)
- manage_lnk_files_pattern($1, xdg_music_home_t, xdg_music_home_t)
- allow $1 xdg_music_home_t:file map;
-')
-
-#########################################
-## <summary>
-## Manage pictures content
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access
-## </summary>
-## </param>
-#
-interface(`xdg_manage_pictures_home',`
- gen_require(`
- type xdg_pictures_home_t;
- ')
-
- manage_dirs_pattern($1, xdg_pictures_home_t, xdg_pictures_home_t)
- manage_files_pattern($1, xdg_pictures_home_t, xdg_pictures_home_t)
- manage_lnk_files_pattern($1, xdg_pictures_home_t, xdg_pictures_home_t)
- allow $1 xdg_pictures_home_t:file map;
-')
-
-#########################################
-## <summary>
-## Manage video content
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access
-## </summary>
-## </param>
-#
-interface(`xdg_manage_videos_home',`
- gen_require(`
- type xdg_videos_home_t;
- ')
-
- manage_dirs_pattern($1, xdg_videos_home_t, xdg_videos_home_t)
- manage_files_pattern($1, xdg_videos_home_t, xdg_videos_home_t)
- manage_lnk_files_pattern($1, xdg_videos_home_t, xdg_videos_home_t)
- allow $1 xdg_videos_home_t:file map;
-')
diff --git a/policy/modules/contrib/xdg.te b/policy/modules/contrib/xdg.te
deleted file mode 100644
index 5ec1a128..00000000
--- a/policy/modules/contrib/xdg.te
+++ /dev/null
@@ -1,44 +0,0 @@
-policy_module(xdg, 1.0.0)
-
-########################################
-#
-# Declarations
-#
-
-attribute xdg_data_home_type;
-
-attribute xdg_config_home_type;
-
-attribute xdg_cache_home_type;
-
-# Not used but keep this at least two releases
-# We have noticed that the userdom_manage_home_role call to the xdg functions
-# seems to fail due to this attribute type not existing anymore while the
-# build seems to still require it. By waiting a couple of releases we can be more
-# confident that no calls to xdg_runtime_* are used anymore.
-attribute xdg_runtime_home_type;
-
-type xdg_data_home_t;
-xdg_data_home_content(xdg_data_home_t)
-
-type xdg_config_home_t;
-xdg_config_home_content(xdg_config_home_t)
-
-type xdg_cache_home_t;
-xdg_cache_home_content(xdg_cache_home_t)
-
-# Various user location types (see ~/.config/user-dirs.dirs)
-type xdg_downloads_home_t; # customizable
-userdom_user_home_content(xdg_downloads_home_t)
-
-type xdg_documents_home_t; # customizable
-userdom_user_home_content(xdg_documents_home_t)
-
-type xdg_music_home_t; # customizable
-userdom_user_home_content(xdg_music_home_t)
-
-type xdg_pictures_home_t; # customizable
-userdom_user_home_content(xdg_pictures_home_t)
-
-type xdg_videos_home_t; # customizable
-userdom_user_home_content(xdg_videos_home_t)
diff --git a/policy/modules/system/xdg.if b/policy/modules/system/xdg.if
index 9b4e0083..2fd2e34d 100644
--- a/policy/modules/system/xdg.if
+++ b/policy/modules/system/xdg.if
@@ -1229,3 +1229,679 @@ interface(`xdg_relabel_videos',`
userdom_search_user_home_dirs($1)
')
+
+
+# Gentoo specific under here
+# Compat interfaces for old names that were upstreamed
+
+########################################
+## <summary>
+## Mark the selected type as an xdg_cache_home_type
+## </summary>
+## <param name="type">
+## <summary>
+## Type to give the xdg_cache_home_type attribute to
+## </summary>
+## </param>
+#
+interface(`xdg_cache_home_content',`
+ xdg_cache_content($1)
+')
+
+########################################
+## <summary>
+## Mark the selected type as an xdg_config_home_type
+## </summary>
+## <param name="type">
+## <summary>
+## Type to give the xdg_config_home_type attribute to
+## </summary>
+## </param>
+#
+interface(`xdg_config_home_content',`
+ xdg_config_content($1)
+')
+
+########################################
+## <summary>
+## Mark the selected type as an xdg_data_home_type
+## </summary>
+## <param name="type">
+## <summary>
+## Type to give the xdg_data_home_type attribute to
+## </summary>
+## </param>
+#
+interface(`xdg_data_home_content',`
+ xdg_data_content($1)
+')
+
+########################################
+## <summary>
+## Read the xdg cache home files
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`xdg_read_cache_home_files',`
+ xdg_read_cache_files($1)
+')
+
+########################################
+## <summary>
+## Read all xdg_cache_home_type files
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`xdg_read_all_cache_home_files',`
+ xdg_read_all_cache_files($1)
+')
+
+########################################
+## <summary>
+## Create objects in an xdg_cache_home directory
+## with an automatic type transition to
+## a specified private type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <param name="private_type">
+## <summary>
+## The type of the object to create.
+## </summary>
+## </param>
+## <param name="object_class">
+## <summary>
+## The class of the object to be created.
+## </summary>
+## </param>
+## <param name="filename" optional="true">
+## <summary>
+## Name of the file or directory created
+## </summary>
+## </param>
+#
+interface(`xdg_cache_home_filetrans',`
+ xdg_cache_filetrans($1, $2, $3, $4)
+')
+
+########################################
+## <summary>
+## Create objects in the user home dir with an automatic type transition to
+## the xdg_cache_home_t type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <param name="object_class">
+## <summary>
+## The class of the object to be created.
+## </summary>
+## </param>
+## <param name="filename" optional="true">
+## <summary>
+## Name of the directory created
+## </summary>
+## </param>
+#
+interface(`xdg_generic_user_home_dir_filetrans_cache_home',`
+ xdg_generic_user_home_dir_filetrans_cache($1, $2, $3)
+')
+
+########################################
+## <summary>
+## Create xdg cache home directories
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access
+## </summary>
+## </param>
+#
+interface(`xdg_create_cache_home_dirs',`
+ xdg_create_cache_dirs($1)
+')
+
+########################################
+## <summary>
+## Manage the xdg cache home files
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`xdg_manage_cache_home',`
+ xdg_manage_cache($1)
+')
+
+########################################
+## <summary>
+## Manage all the xdg cache home files regardless of their specific type
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`xdg_manage_all_cache_home',`
+ xdg_manage_all_cache($1)
+')
+
+########################################
+## <summary>
+## Allow relabeling the xdg cache home files
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`xdg_relabel_cache_home',`
+ xdg_relabel_cache($1)
+')
+
+########################################
+## <summary>
+## Allow relabeling the xdg cache home files, regardless of their specific type
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`xdg_relabel_all_cache_home',`
+ xdg_relabel_all_cache($1)
+')
+
+########################################
+## <summary>
+## Search through the xdg config home directories
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`xdg_search_config_home_dirs',`
+ xdg_search_config_dirs($1)
+')
+
+########################################
+## <summary>
+## Read the xdg config home files
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`xdg_read_config_home_files',`
+ xdg_read_config_files($1)
+')
+
+########################################
+## <summary>
+## Read all xdg_config_home_type files
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`xdg_read_all_config_home_files',`
+ xdg_read_all_config_files($1)
+')
+
+########################################
+## <summary>
+## Create objects in an xdg_config_home directory
+## with an automatic type transition to
+## a specified private type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <param name="private_type">
+## <summary>
+## The type of the object to create.
+## </summary>
+## </param>
+## <param name="object_class">
+## <summary>
+## The class of the object to be created.
+## </summary>
+## </param>
+## <param name="filename" optional="true">
+## <summary>
+## Name of the file or directory created
+## </summary>
+## </param>
+#
+interface(`xdg_config_home_filetrans',`
+ xdg_config_filetrans($1, $2, $3, $4)
+')
+
+########################################
+## <summary>
+## Create objects in the user home dir with an automatic type transition to
+## the xdg_config_home_t type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <param name="object_class">
+## <summary>
+## The class of the object to be created.
+## </summary>
+## </param>
+## <param name="filename" optional="true">
+## <summary>
+## Name of the directory created
+## </summary>
+## </param>
+#
+interface(`xdg_generic_user_home_dir_filetrans_config_home',`
+ xdg_generic_user_home_dir_filetrans_config($1, $2, $3)
+')
+
+########################################
+## <summary>
+## Create xdg config home directories
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access
+## </summary>
+## </param>
+#
+interface(`xdg_create_config_home_dirs',`
+ xdg_create_config_dirs($1)
+')
+
+########################################
+## <summary>
+## Manage the xdg config home files
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`xdg_manage_config_home',`
+ xdg_manage_config($1)
+')
+
+########################################
+## <summary>
+## Manage all the xdg config home files regardless of their specific type
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`xdg_manage_all_config_home',`
+ xdg_manage_all_config($1)
+')
+
+########################################
+## <summary>
+## Allow relabeling the xdg config home files
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`xdg_relabel_config_home',`
+ xdg_relabel_config($1)
+')
+
+########################################
+## <summary>
+## Allow relabeling the xdg config home files, regardless of their specific type
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`xdg_relabel_all_config_home',`
+ xdg_relabel_all_config($1)
+')
+
+########################################
+## <summary>
+## Read the xdg data home files
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`xdg_read_data_home_files',`
+ xdg_read_data_files($1)
+')
+
+########################################
+## <summary>
+## Read all xdg_data_home_type files
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`xdg_read_all_data_home_files',`
+ xdg_read_all_data_files($1)
+')
+
+########################################
+## <summary>
+## Create objects in an xdg_data_home directory
+## with an automatic type transition to
+## a specified private type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <param name="private_type">
+## <summary>
+## The type of the object to create.
+## </summary>
+## </param>
+## <param name="object_class">
+## <summary>
+## The class of the object to be created.
+## </summary>
+## </param>
+## <param name="filename" optional="true">
+## <summary>
+## Optional name of the file or directory created
+## </summary>
+## </param>
+#
+interface(`xdg_data_home_filetrans',`
+ xdg_data_filetrans($1, $2, $3, $4)
+')
+
+########################################
+## <summary>
+## Create objects in the user home dir with an automatic type transition to
+## the xdg_data_home_t type.
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+## <param name="object_class">
+## <summary>
+## The class of the object to be created.
+## </summary>
+## </param>
+## <param name="filename" optional="true">
+## <summary>
+## Name of the directory created
+## </summary>
+## </param>
+#
+interface(`xdg_generic_user_home_dir_filetrans_data_home',`
+ xdg_generic_user_home_dir_filetrans_data($1, $2, $3)
+')
+
+########################################
+## <summary>
+## Create xdg data home directories
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access
+## </summary>
+## </param>
+#
+interface(`xdg_create_data_home_dirs',`
+ xdg_create_data_dirs($1)
+')
+
+########################################
+## <summary>
+## Manage the xdg data home files
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`xdg_manage_data_home',`
+ xdg_manage_data($1)
+')
+
+########################################
+## <summary>
+## Manage all the xdg data home files, regardless of their specific type
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`xdg_manage_all_data_home',`
+ xdg_manage_all_data($1)
+')
+
+########################################
+## <summary>
+## Allow relabeling the xdg data home files
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`xdg_relabel_data_home',`
+ xdg_relabel_data($1)
+')
+
+########################################
+## <summary>
+## Allow relabeling the xdg data home files, regardless of their type
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`xdg_relabel_all_data_home',`
+ xdg_relabel_all_data($1)
+')
+
+#########################################
+## <summary>
+## Read downloaded content
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access
+## </summary>
+## </param>
+#
+interface(`xdg_read_downloads_home',`
+ xdg_read_downloads($1)
+')
+
+#########################################
+## <summary>
+## Read user video content
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access
+## </summary>
+## </param>
+#
+interface(`xdg_read_videos_home',`
+ xdg_read_videos($1)
+')
+
+#########################################
+## <summary>
+## Read user pictures content
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access
+## </summary>
+## </param>
+#
+interface(`xdg_read_pictures_home',`
+ xdg_read_pictures($1)
+')
+
+#########################################
+## <summary>
+## Read user music content
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access
+## </summary>
+## </param>
+#
+interface(`xdg_read_music_home',`
+ xdg_read_music($1)
+')
+
+#########################################
+## <summary>
+## Create downloaded content
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access
+## </summary>
+## </param>
+#
+interface(`xdg_create_downloads_home',`
+ xdg_create_downloads($1)
+')
+
+#########################################
+## <summary>
+## Write downloaded content
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access
+## </summary>
+## </param>
+#
+interface(`xdg_write_downloads_home',`
+ xdg_write_downloads($1)
+')
+
+#########################################
+## <summary>
+## Manage downloaded content
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access
+## </summary>
+## </param>
+#
+interface(`xdg_manage_downloads_home',`
+ xdg_manage_downloads($1)
+')
+
+#########################################
+## <summary>
+## Manage documents content
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access
+## </summary>
+## </param>
+#
+interface(`xdg_manage_documents_home',`
+ xdg_manage_documents($1)
+')
+
+#########################################
+## <summary>
+## Manage music content
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access
+## </summary>
+## </param>
+#
+interface(`xdg_manage_music_home',`
+ xdg_manage_music($1)
+')
+
+#########################################
+## <summary>
+## Manage pictures content
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access
+## </summary>
+## </param>
+#
+interface(`xdg_manage_pictures_home',`
+ xdg_manage_pictures($1)
+')
+
+#########################################
+## <summary>
+## Manage video content
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access
+## </summary>
+## </param>
+#
+interface(`xdg_manage_videos_home',`
+ xdg_manage_videos($1)
+')
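Review bot: The compat wrappers added from `xdg_cache_home_content` through `xdg_manage_videos_home` carry no deprecation marker, so callers can stay on the old names indefinitely and an access review has to track two names for every grant, including the broad `xdg_manage_all_*_home` and `xdg_relabel_all_*_home` ones. Each wrapper could open with the usual warning, e.g. ``refpolicywarn(`$0($*) has been deprecated, please use xdg_cache_content() instead.')``, and its summary could say it is a deprecated alias. The summaries also still name `xdg_cache_home_type`, `xdg_cache_home_t` and their config/data counterparts, which the deleted contrib `xdg.te` declared; the upstream module presumably uses different identifiers, so that text should be checked against it. The removed `xdg_manage_videos_home` granted `file map` explicitly, and the body of `xdg_manage_videos` is not in this hunk, so it is worth confirming the wrapper yields the same permission set.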