From 3c4ffa329400074feffe640f7af10b6f20e807ea Mon Sep 17 00:00:00 2001
From: Dominick Grift <domg472@gmail.com>
Date: Sep 24 2010 10:33:27 +0000
Subject: Use domtrans_pattern where possible.


---

diff --git a/policy/modules/services/ssh.te b/policy/modules/services/ssh.te
index 5315f9b..c1c7393 100644
--- a/policy/modules/services/ssh.te
+++ b/policy/modules/services/ssh.te
@@ -180,10 +180,7 @@ userdom_write_user_tmp_files(ssh_t)
 userdom_read_user_home_content_symlinks(ssh_t)
 
 tunable_policy(`allow_ssh_keysign',`
-	domain_auto_trans(ssh_t, ssh_keysign_exec_t, ssh_keysign_t)
-	allow ssh_keysign_t ssh_t:fd use;
-	allow ssh_keysign_t ssh_t:process sigchld;
-	allow ssh_keysign_t ssh_t:fifo_file rw_file_perms;
+	domtrans_pattern(ssh_t, ssh_keysign_exec_t, ssh_keysign_t)
 ')
 
 tunable_policy(`use_nfs_home_dirs',`