diff --git a/policy/modules/services/cachefilesd.te b/policy/modules/services/cachefilesd.te index 8561265..e67f987 100644 --- a/policy/modules/services/cachefilesd.te +++ b/policy/modules/services/cachefilesd.te @@ -23,7 +23,6 @@ policy_module(cachefilesd,1.0.17) # # Declarations # -require { type kernel_t; } # # Files in the cache are created by the cachefiles module with security ID diff --git a/policy/modules/services/rhcs.if b/policy/modules/services/rhcs.if index b6a524b..6928301 100644 --- a/policy/modules/services/rhcs.if +++ b/policy/modules/services/rhcs.if @@ -371,7 +371,7 @@ interface(`rhcs_rw_cluster_shm',` # interface(`rhcs_rw_cluster_semaphores',` gen_require(` - type cluster_domain; + attribute cluster_domain; ') allow $1 cluster_domain:sem { rw_sem_perms destroy }; diff --git a/policy/users b/policy/users index 7ae41a6..be2a04c 100644 --- a/policy/users +++ b/policy/users @@ -15,7 +15,7 @@ # and a user process should never be assigned the system user # identity. # -gen_user(system_u,, system_r unconfined_u, s0, s0 - mls_systemhigh, mcs_allcats) +gen_user(system_u,, system_r unconfined_r, s0, s0 - mls_systemhigh, mcs_allcats) # # user_u is a generic user identity for Linux users who have no