Rename "pid" interfaces to "runtime" interfaces.

Rename interfaces to bring consistency with previous pid->runtime type renaming. See PR #106 or 69a403c original type renaming. Interfaces that are still in use were renamed with a compatibility interface. Unused interfaces were fully deprecated for removal. Signed-off-by: Chris PeBenito <pebenito@ieee.org>
SELinuxProject · Jun 28, 2020 · be04bb3 · be04bb3
1 parent 07c08fa
commit be04bb3
Show file tree

Hide file tree

Showing 73 changed files with 2,531 additions and 706 deletions.
diff --git a/policy/modules/admin/kismet.if b/policy/modules/admin/kismet.if
@@ -84,7 +84,7 @@ interface(`kismet_run',`
 
 ########################################
 ## <summary>
-##	Read kismet pid files.
+##	Read kismet pid files.  (Deprecated)
 ## </summary>
 ## <param name="domain">
 ##	<summary>
@@ -93,6 +93,37 @@ interface(`kismet_run',`
 ## </param>
 #
 interface(`kismet_read_pid_files',`
+	refpolicywarn(`$0($*) has been deprecated, please use kismet_read_runtime_files() instead.')
+	kismet_read_runtime_files($1)
+')
+
+########################################
+## <summary>
+##	Create, read, write, and delete
+##	kismet pid files.  (Deprecated)
+## </summary>
+## <param name="domain">
+##	<summary>
+##	Domain allowed access.
+##	</summary>
+## </param>
+#
+interface(`kismet_manage_pid_files',`
+	refpolicywarn(`$0($*) has been deprecated, please use kismet_manage_runtime_files() instead.')
+	kismet_manage_runtime_files($1)
+')
+
+########################################
+## <summary>
+##	Read kismet runtime files.
+## </summary>
+## <param name="domain">
+##	<summary>
+##	Domain allowed access.
+##	</summary>
+## </param>
+#
+interface(`kismet_read_runtime_files',`
 	gen_require(`
 		type kismet_runtime_t;
 	')
@@ -104,15 +135,15 @@ interface(`kismet_read_pid_files',`
 ########################################
 ## <summary>
 ##	Create, read, write, and delete
-##	kismet pid files.
+##	kismet runtime files.
 ## </summary>
 ## <param name="domain">
 ##	<summary>
 ##	Domain allowed access.
 ##	</summary>
 ## </param>
 #
-interface(`kismet_manage_pid_files',`
+interface(`kismet_manage_runtime_files',`
 	gen_require(`
 		type kismet_runtime_t;
 	')

diff --git a/policy/modules/admin/rpm.if b/policy/modules/admin/rpm.if
@@ -527,7 +527,7 @@ interface(`rpm_dontaudit_manage_db',`
 
 #####################################
 ## <summary>
-##	Read rpm pid files.
+##	Read rpm pid files.  (Deprecated)
 ## </summary>
 ## <param name="domain">
 ##	<summary>
@@ -536,18 +536,13 @@ interface(`rpm_dontaudit_manage_db',`
 ## </param>
 #
 interface(`rpm_read_pid_files',`
-	gen_require(`
-		type rpm_runtime_t;
-	')
-
-	read_files_pattern($1, rpm_runtime_t, rpm_runtime_t)
-	files_search_pids($1)
+	refpolicywarn(`$0($*) has been deprecated.')
 ')
 
 #####################################
 ## <summary>
 ##	Create, read, write, and delete
-##	rpm pid files.
+##	rpm pid files.  (Deprecated)
 ## </summary>
 ## <param name="domain">
 ##	<summary>
@@ -556,18 +551,14 @@ interface(`rpm_read_pid_files',`
 ## </param>
 #
 interface(`rpm_manage_pid_files',`
-	gen_require(`
-		type rpm_runtime_t;
-	')
-
-	manage_files_pattern($1, rpm_runtime_t, rpm_runtime_t)
-	files_search_pids($1)
+	refpolicywarn(`$0($*) has been deprecated, please use rpm_manage_runtime_files() instead.')
+	rpm_manage_runtime_files($1)
 ')
 
 ########################################
 ## <summary>
 ##	Create specified objects in pid directories
-##	with the rpm pid file type.
+##	with the rpm pid file type.  (Deprecated)
 ## </summary>
 ## <param name="domain">
 ##	<summary>
@@ -590,7 +581,27 @@ interface(`rpm_pid_filetrans_rpm_pid',`
 		type rpm_runtime_t;
 	')
 
-	files_pid_filetrans($1, rpm_runtime_t, $3, $4)
+	refpolicywarn(`$0($*) has been deprecated')
+')
+
+#####################################
+## <summary>
+##	Create, read, write, and delete
+##	rpm runtime files.
+## </summary>
+## <param name="domain">
+##	<summary>
+##	Domain allowed access.
+##	</summary>
+## </param>
+#
+interface(`rpm_manage_runtime_files',`
+	gen_require(`
+		type rpm_runtime_t;
+	')
+
+	manage_files_pattern($1, rpm_runtime_t, rpm_runtime_t)
+	files_search_pids($1)
 ')
 
 ########################################

diff --git a/policy/modules/admin/samhain.if b/policy/modules/admin/samhain.if
@@ -176,7 +176,7 @@ interface(`samhain_manage_log_files',`
 ########################################
 ## <summary>
 ##	Create, read, write, and delete
-##	samhain pid files.
+##	samhain pid files.  (Deprecated)
 ## </summary>
 ## <param name="domain">
 ##	<summary>
@@ -185,12 +185,7 @@ interface(`samhain_manage_log_files',`
 ## </param>
 #
 interface(`samhain_manage_pid_files',`
-	gen_require(`
-		type samhain_runtime_t;
-	')
-
-	files_search_pids($1)
-	manage_files_pattern($1, samhain_runtime_t, samhain_runtime_t)
+	refpolicywarn(`$0($*) has been deprecated.')
 ')
 
 #######################################

diff --git a/policy/modules/admin/sblim.if b/policy/modules/admin/sblim.if
@@ -21,7 +21,7 @@ interface(`sblim_domtrans_gatherd',`
 
 ########################################
 ## <summary>
-##	Read gatherd pid files.
+##	Read gatherd pid files.  (Deprecated)
 ## </summary>
 ## <param name="domain">
 ##	<summary>
@@ -30,12 +30,7 @@ interface(`sblim_domtrans_gatherd',`
 ## </param>
 #
 interface(`sblim_read_pid_files',`
-	gen_require(`
-		type sblim_runtime_t;
-	')
-
-	files_search_pids($1)
-	allow $1 sblim_runtime_t:file read_file_perms;
+	refpolicywarn(`$0($*) has been deprecated.')
 ')
 
 ########################################

diff --git a/policy/modules/admin/shorewall.if b/policy/modules/admin/shorewall.if
@@ -58,34 +58,6 @@ interface(`shorewall_read_config',`
 	read_files_pattern($1, shorewall_etc_t, shorewall_etc_t)
 ')
 
-#######################################
-## <summary>
-##	Read shorewall pid files.
-## </summary>
-## <param name="domain" unused="true">
-##	<summary>
-##	Domain allowed access.
-##	</summary>
-## </param>
-#
-interface(`shorewall_read_pid_files',`
-	refpolicywarn(`$0($*) has been deprecated')
-')
-
-#######################################
-## <summary>
-##	Read and write shorewall pid files.
-## </summary>
-## <param name="domain" unused="true">
-##	<summary>
-##	Domain allowed access.
-##	</summary>
-## </param>
-#
-interface(`shorewall_rw_pid_files',`
-	refpolicywarn(`$0($*) has been deprecated')
-')
-
 ######################################
 ## <summary>
 ##	Read shorewall lib files.

diff --git a/policy/modules/apps/qemu.if b/policy/modules/apps/qemu.if
@@ -282,7 +282,7 @@ interface(`qemu_stream_connect',`
 
 ########################################
 ## <summary>
-##	Unlink qemu socket
+##	Unlink qemu socket  (Deprecated)
 ## </summary>
 ## <param name="domain">
 ##	<summary>
@@ -291,6 +291,21 @@ interface(`qemu_stream_connect',`
 ## </param>
 #
 interface(`qemu_delete_pid_sock_file',`
+	refpolicywarn(`$0($*) has been deprecated, please use qemu_delete_runtime_sock_files() instead.')
+	qemu_delete_runtime_sock_files($1)
+')
+
+########################################
+## <summary>
+##	Unlink qemu runtime sockets.
+## </summary>
+## <param name="domain">
+##	<summary>
+##	Domain allowed access.
+##	</summary>
+## </param>
+#
+interface(`qemu_delete_runtime_sock_files',`
 	gen_require(`
 		type qemu_runtime_t;
 	')