diff options
author | 2017-08-06 17:03:17 -0400 | |
---|---|---|
committer | 2017-09-09 00:25:24 +0200 | |
commit | 336acdade32ac1703838fab37c1a232a62191bdf (patch) | |
tree | 495a1bfc0c899e003895cb2e2fe9798eebc1f937 /policy/modules/services | |
parent | Rules.modular: Fix file context verification. (diff) | |
download | hardened-refpolicy-336acdade32ac1703838fab37c1a232a62191bdf.tar.gz hardened-refpolicy-336acdade32ac1703838fab37c1a232a62191bdf.tar.bz2 hardened-refpolicy-336acdade32ac1703838fab37c1a232a62191bdf.zip |
Remove deprecated interfaces older than one year old.
Additionally one deprecated attribute removed.
Diffstat (limited to 'policy/modules/services')
-rw-r--r-- | policy/modules/services/ssh.if | 14 | ||||
-rw-r--r-- | policy/modules/services/xserver.if | 75 |
2 files changed, 0 insertions, 89 deletions
diff --git a/policy/modules/services/ssh.if b/policy/modules/services/ssh.if index 22642eb3..1a428c39 100644 --- a/policy/modules/services/ssh.if +++ b/policy/modules/services/ssh.if @@ -587,20 +587,6 @@ interface(`ssh_dontaudit_rw_tcp_sockets',` ######################################## ## <summary> -## Connect to SSH daemons over TCP sockets. (Deprecated) -## </summary> -## <param name="domain"> -## <summary> -## Domain allowed access. -## </summary> -## </param> -# -interface(`ssh_tcp_connect',` - refpolicywarn(`$0($*) has been deprecated.') -') - -######################################## -## <summary> ## Execute the ssh daemon in the caller domain. ## </summary> ## <param name="domain"> diff --git a/policy/modules/services/xserver.if b/policy/modules/services/xserver.if index bfcbe487..c0373a44 100644 --- a/policy/modules/services/xserver.if +++ b/policy/modules/services/xserver.if @@ -272,65 +272,6 @@ interface(`xserver_non_drawing_client',` ####################################### ## <summary> -## Create full client sessions -## on a user X server. -## </summary> -## <param name="domain"> -## <summary> -## Domain allowed access. -## </summary> -## </param> -## <param name="tmpfs_type"> -## <summary> -## The type of the domain SYSV tmpfs files. -## </summary> -## </param> -# -interface(`xserver_user_client',` - refpolicywarn(`$0() has been deprecated, please use xserver_user_x_domain_template instead.') - gen_require(` - type xdm_t, xdm_tmp_t; - type xauth_home_t, iceauth_home_t, xserver_t, xserver_tmpfs_t; - ') - - allow $1 self:shm create_shm_perms; - allow $1 self:unix_dgram_socket create_socket_perms; - allow $1 self:unix_stream_socket { connectto create_stream_socket_perms }; - - # Read .Xauthority file - allow $1 xauth_home_t:file { getattr read }; - allow $1 iceauth_home_t:file { getattr read }; - - # for when /tmp/.X11-unix is created by the system - allow $1 xdm_t:fd use; - allow $1 xdm_t:fifo_file { getattr read write ioctl }; - allow $1 xdm_tmp_t:dir search; - allow $1 xdm_tmp_t:sock_file { read write }; - dontaudit $1 xdm_t:tcp_socket { read write }; - - # Allow connections to X server. - files_search_tmp($1) - - miscfiles_read_fonts($1) - - userdom_search_user_home_dirs($1) - # for .xsession-errors - xserver_rw_xsession_log($1) - - xserver_ro_session($1,$2) - xserver_use_user_fonts($1) - - xserver_read_xdm_tmp_files($1) - - # Client write xserver shm - tunable_policy(`allow_write_xshm',` - allow $1 xserver_t:shm rw_shm_perms; - allow $1 xserver_tmpfs_t:file rw_file_perms; - ') -') - -####################################### -## <summary> ## Interface to provide X object permissions on a given X server to ## an X client domain. Provides the minimal set required by a basic ## X client application. @@ -622,22 +563,6 @@ interface(`xserver_user_home_dir_filetrans_user_xsession_log',` ######################################## ## <summary> -## Read all users fonts, user font configurations, -## and manage all users font caches. -## </summary> -## <param name="domain"> -## <summary> -## Domain allowed access. -## </summary> -## </param> -# -interface(`xserver_use_all_users_fonts',` - refpolicywarn(`$0() has been deprecated, please use xserver_use_user_fonts.') - xserver_use_user_fonts($1) -') - -######################################## -## <summary> ## Read all users .Xauthority. ## </summary> ## <param name="domain"> |