diff --git a/policy/modules/admin/bootloader.te b/policy/modules/admin/bootloader.te index 59f5c82..3b5835d 100644 --- a/policy/modules/admin/bootloader.te +++ b/policy/modules/admin/bootloader.te @@ -93,7 +93,7 @@ fs_manage_dos_files(bootloader_t) mls_file_read_all_levels(bootloader_t) mls_file_write_all_levels(bootloader_t) -term_getattr_all_user_ttys(bootloader_t) +term_getattr_all_ttys(bootloader_t) term_dontaudit_manage_pty_dirs(bootloader_t) corecmd_exec_all_executables(bootloader_t) diff --git a/policy/modules/admin/ddcprobe.te b/policy/modules/admin/ddcprobe.te index e4daf88..6f8a615 100644 --- a/policy/modules/admin/ddcprobe.te +++ b/policy/modules/admin/ddcprobe.te @@ -36,8 +36,8 @@ files_read_etc_files(ddcprobe_t) files_read_etc_runtime_files(ddcprobe_t) files_read_usr_files(ddcprobe_t) -term_use_all_user_ttys(ddcprobe_t) -term_use_all_user_ptys(ddcprobe_t) +term_use_all_ttys(ddcprobe_t) +term_use_all_ptys(ddcprobe_t) libs_read_lib_files(ddcprobe_t) diff --git a/policy/modules/admin/netutils.te b/policy/modules/admin/netutils.te index 7b81240..6a37fd1 100644 --- a/policy/modules/admin/netutils.te +++ b/policy/modules/admin/netutils.te @@ -147,8 +147,8 @@ ifdef(`hide_broken_symptoms',` ') tunable_policy(`user_ping',` - term_use_all_user_ttys(ping_t) - term_use_all_user_ptys(ping_t) + term_use_all_ttys(ping_t) + term_use_all_ptys(ping_t) ') optional_policy(` @@ -218,6 +218,6 @@ dev_read_urand(traceroute_t) files_read_usr_files(traceroute_t) tunable_policy(`user_ping',` - term_use_all_user_ttys(traceroute_t) - term_use_all_user_ptys(traceroute_t) + term_use_all_ttys(traceroute_t) + term_use_all_ptys(traceroute_t) ') diff --git a/policy/modules/admin/su.if b/policy/modules/admin/su.if index 6c779dc..b993927 100644 --- a/policy/modules/admin/su.if +++ b/policy/modules/admin/su.if 
@@ -253,10 +253,10 @@ template(`su_role_template',` selinux_compute_user_contexts($1_su_t) # Relabel ttys and ptys. - term_relabel_all_user_ttys($1_su_t) + term_relabel_all_ttys($1_su_t) term_relabel_all_user_ptys($1_su_t) # Close and re-open ttys and ptys to get the fd into the correct domain. - term_use_all_user_ttys($1_su_t) + term_use_all_ttys($1_su_t) term_use_all_user_ptys($1_su_t) seutil_read_config($1_su_t) diff --git a/policy/modules/admin/sudo.if b/policy/modules/admin/sudo.if index 100ca4a..03fc2f4 100644 --- a/policy/modules/admin/sudo.if +++ b/policy/modules/admin/sudo.if @@ -109,8 +109,8 @@ template(`sudo_role_template',` selinux_validate_context($1_sudo_t) selinux_compute_relabel_context($1_sudo_t) - term_relabel_all_user_ttys($1_sudo_t) - term_relabel_all_user_ptys($1_sudo_t) + term_relabel_all_ttys($1_sudo_t) + term_relabel_all_ptys($1_sudo_t) auth_run_chk_passwd($1_sudo_t, $2) # sudo stores a token in the pam_pid directory diff --git a/policy/modules/admin/usermanage.te b/policy/modules/admin/usermanage.te index e07b009..e4bd126 100644 --- a/policy/modules/admin/usermanage.te +++ b/policy/modules/admin/usermanage.te @@ -82,8 +82,8 @@ selinux_compute_create_context(chfn_t) selinux_compute_relabel_context(chfn_t) selinux_compute_user_contexts(chfn_t) -term_use_all_user_ttys(chfn_t) -term_use_all_user_ptys(chfn_t) +term_use_all_ttys(chfn_t) +term_use_all_ptys(chfn_t) fs_getattr_xattr_fs(chfn_t) fs_search_auto_mountpoints(chfn_t) @@ -197,8 +197,8 @@ selinux_compute_create_context(groupadd_t) selinux_compute_relabel_context(groupadd_t) selinux_compute_user_contexts(groupadd_t) -term_use_all_user_ttys(groupadd_t) -term_use_all_user_ptys(groupadd_t) +term_use_all_ttys(groupadd_t) +term_use_all_ptys(groupadd_t) init_use_fds(groupadd_t) init_read_utmp(groupadd_t) 
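Review bot: In the su_role_template hunk the two pty calls, `term_relabel_all_user_ptys($1_su_t)` and `term_use_all_user_ptys($1_su_t)`, stay on the old names while the tty calls beside them are converted. This commit also turns the `_user_ptys` interfaces in terminal.if into deprecated wrappers that call `refpolicywarn`, so each role instantiating this template will presumably emit a deprecation warning at build time. Change them to `term_relabel_all_ptys($1_su_t)` and `term_use_all_ptys($1_su_t)`, as the sudo.if and userhelper.if hunks already do. The template body starts and ends outside the hunk.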
@@ -292,8 +292,8 @@ selinux_compute_create_context(passwd_t) selinux_compute_relabel_context(passwd_t) selinux_compute_user_contexts(passwd_t) -term_use_all_user_ttys(passwd_t) -term_use_all_user_ptys(passwd_t) +term_use_all_ttys(passwd_t) +term_use_all_ptys(passwd_t) auth_domtrans_chk_passwd(passwd_t) auth_manage_shadow(passwd_t) @@ -382,8 +382,8 @@ dev_read_urand(sysadm_passwd_t) fs_getattr_xattr_fs(sysadm_passwd_t) fs_search_auto_mountpoints(sysadm_passwd_t) -term_use_all_user_ttys(sysadm_passwd_t) -term_use_all_user_ptys(sysadm_passwd_t) +term_use_all_ttys(sysadm_passwd_t) +term_use_all_ptys(sysadm_passwd_t) auth_manage_shadow(sysadm_passwd_t) auth_relabel_shadow(sysadm_passwd_t) @@ -469,8 +469,8 @@ selinux_compute_create_context(useradd_t) selinux_compute_relabel_context(useradd_t) selinux_compute_user_contexts(useradd_t) -term_use_all_user_ttys(useradd_t) -term_use_all_user_ptys(useradd_t) +term_use_all_ttys(useradd_t) +term_use_all_ptys(useradd_t) auth_domtrans_chk_passwd(useradd_t) auth_rw_lastlog(useradd_t) diff --git a/policy/modules/admin/vpn.te b/policy/modules/admin/vpn.te index bdd2b1b..028ce05 100644 --- a/policy/modules/admin/vpn.te +++ b/policy/modules/admin/vpn.te @@ -77,8 +77,8 @@ domain_use_interactive_fds(vpnc_t) fs_getattr_xattr_fs(vpnc_t) fs_getattr_tmpfs(vpnc_t) -term_use_all_user_ptys(vpnc_t) -term_use_all_user_ttys(vpnc_t) +term_use_all_ptys(vpnc_t) +term_use_all_ttys(vpnc_t) corecmd_exec_all_executables(vpnc_t) diff --git a/policy/modules/apps/ptchown.te b/policy/modules/apps/ptchown.te index 6db843e..7fbaec6 100644 --- a/policy/modules/apps/ptchown.te +++ b/policy/modules/apps/ptchown.te @@ -24,7 +24,7 @@ files_read_etc_files(ptchown_t) fs_rw_anon_inodefs_files(ptchown_t) term_setattr_generic_ptys(ptchown_t) -term_setattr_all_user_ptys(ptchown_t) +term_setattr_all_ptys(ptchown_t) term_use_generic_ptys(ptchown_t) term_use_ptmx(ptchown_t) 
diff --git a/policy/modules/apps/pulseaudio.te b/policy/modules/apps/pulseaudio.te index bb5bbc8..3269d58 100644 --- a/policy/modules/apps/pulseaudio.te +++ b/policy/modules/apps/pulseaudio.te @@ -53,8 +53,8 @@ fs_rw_anon_inodefs_files(pulseaudio_t) fs_getattr_tmpfs(pulseaudio_t) fs_list_inotifyfs(pulseaudio_t) -term_use_all_user_ttys(pulseaudio_t) -term_use_all_user_ptys(pulseaudio_t) +term_use_all_ttys(pulseaudio_t) +term_use_all_ptys(pulseaudio_t) auth_use_nsswitch(pulseaudio_t) diff --git a/policy/modules/apps/userhelper.if b/policy/modules/apps/userhelper.if index 1184730..ec011f9 100644 --- a/policy/modules/apps/userhelper.if +++ b/policy/modules/apps/userhelper.if @@ -112,11 +112,11 @@ template(`userhelper_role_template',` # Read the devpts root directory. term_list_ptys($1_userhelper_t) # Relabel terminals. - term_relabel_all_user_ttys($1_userhelper_t) - term_relabel_all_user_ptys($1_userhelper_t) + term_relabel_all_ttys($1_userhelper_t) + term_relabel_all_ptys($1_userhelper_t) # Access terminals. - term_use_all_user_ttys($1_userhelper_t) - term_use_all_user_ptys($1_userhelper_t) + term_use_all_ttys($1_userhelper_t) + term_use_all_ptys($1_userhelper_t) auth_domtrans_chk_passwd($1_userhelper_t) auth_manage_pam_pid($1_userhelper_t) diff --git a/policy/modules/kernel/terminal.if b/policy/modules/kernel/terminal.if index 22fa1c5..1362bbd 100644 --- a/policy/modules/kernel/terminal.if +++ b/policy/modules/kernel/terminal.if @@ -672,7 +672,7 @@ interface(`term_dontaudit_use_ptmx',` ######################################## ## -## Get the attributes of all user +## Get the attributes of all ## pty device nodes. ## ## @@ -682,7 +682,7 @@ interface(`term_dontaudit_use_ptmx',` ## ## # -interface(`term_getattr_all_user_ptys',` +interface(`term_getattr_all_ptys',` gen_require(` attribute ptynode; type devpts_t; 
@@ -696,7 +696,7 @@ interface(`term_getattr_all_user_ptys',` ######################################## ## ## Do not audit attempts to get the -## attributes of any user pty +## attributes of any pty ## device nodes. ## ## @@ -705,7 +705,7 @@ interface(`term_getattr_all_user_ptys',` ## ## # -interface(`term_dontaudit_getattr_all_user_ptys',` +interface(`term_dontaudit_getattr_all_ptys',` gen_require(` attribute ptynode; ') @@ -715,7 +715,7 @@ interface(`term_dontaudit_getattr_all_user_ptys',` ######################################## ## -## Set the attributes of all user +## Set the attributes of all ## pty device nodes. ## ## @@ -725,7 +725,7 @@ interface(`term_dontaudit_getattr_all_user_ptys',` ## ## # -interface(`term_setattr_all_user_ptys',` +interface(`term_setattr_all_ptys',` gen_require(` attribute ptynode; type devpts_t; @@ -738,7 +738,7 @@ interface(`term_setattr_all_user_ptys',` ######################################## ## -## Relabel to all user ptys. +## Relabel to all ptys. ## ## ## @@ -746,7 +746,7 @@ interface(`term_setattr_all_user_ptys',` ## ## # -interface(`term_relabelto_all_user_ptys',` +interface(`term_relabelto_all_ptys',` gen_require(` attribute ptynode; ') @@ -756,7 +756,7 @@ interface(`term_relabelto_all_user_ptys',` ######################################## ## -## Write to all user ptys. +## Write to all ptys. ## ## ## @@ -764,7 +764,7 @@ interface(`term_relabelto_all_user_ptys',` ## ## # -interface(`term_write_all_user_ptys',` +interface(`term_write_all_ptys',` gen_require(` attribute ptynode; ') @@ -775,7 +775,7 @@ interface(`term_write_all_user_ptys',` ######################################## ## -## Read and write all user ptys. +## Read and write all ptys. ## ## ## @@ -784,7 +784,7 @@ interface(`term_write_all_user_ptys',` ## ## # -interface(`term_use_all_user_ptys',` +interface(`term_use_all_ptys',` gen_require(` attribute ptynode; type devpts_t; 
@@ -797,16 +797,15 @@ interface(`term_use_all_user_ptys',` ######################################## ## -## Do not audit attempts to read any -## user ptys. +## Do not audit attempts to read or write any ptys. ## ## ## -## The type of the process to not audit. +## Domain to not audit. ## ## # -interface(`term_dontaudit_use_all_user_ptys',` +interface(`term_dontaudit_use_all_ptys',` gen_require(` attribute ptynode; ') @@ -816,8 +815,7 @@ interface(`term_dontaudit_use_all_user_ptys',` ######################################## ## -## Relabel from and to all user -## user pty device nodes. +## Relabel from and to all pty device nodes. ## ## ## @@ -825,7 +823,7 @@ interface(`term_dontaudit_use_all_user_ptys',` ## ## # -interface(`term_relabel_all_user_ptys',` +interface(`term_relabel_all_ptys',` gen_require(` attribute ptynode; type devpts_t; 
@@ -837,6 +835,135 @@ interface(`term_relabel_all_user_ptys',` ######################################## ## +## Get the attributes of all user +## pty device nodes. (Deprecated) +## +## +## +## Domain allowed access. +## +## +## +# +interface(`term_getattr_all_user_ptys',` + refpolicywarn(`$0 has been deprecated, use term_getattr_all_ptys() instead.') + term_getattr_all_ptys($1) +') + +######################################## +## +## Do not audit attempts to get the +## attributes of any user pty +## device nodes. (Deprecated) +## +## +## +## Domain allowed access. +## +## +# +interface(`term_dontaudit_getattr_all_user_ptys',` + refpolicywarn(`$0 has been deprecated, use term_dontaudit_getattr_all_ptys() instead.') + term_dontaudit_getattr_all_ptys($1) +') + +######################################## +## +## Set the attributes of all user +## pty device nodes. (Deprecated) +## +## +## +## Domain allowed access. +## +## +## +# +interface(`term_setattr_all_user_ptys',` + refpolicywarn(`$0 has been deprecated, use term_setattr_all_ptys() instead.') + term_setattr_all_ptys($1) +') + +######################################## +## +## Relabel to all user ptys. (Deprecated) +## +## +## +## Domain allowed access. +## +## +# +interface(`term_relabelto_all_user_ptys',` + refpolicywarn(`$0 has been deprecated, use term_relabelto_all_ptys() instead.') + term_relabelto_all_ptys($1) +') + +######################################## +## +## Write to all user ptys. (Deprecated) +## +## +## +## Domain allowed access. +## +## +# +interface(`term_write_all_user_ptys',` + refpolicywarn(`$0 has been deprecated, use term_write_all_ptys() instead.') + term_write_all_ptys($1) +') + +######################################## +## +## Read and write all user ptys. (Deprecated) +## +## +## +## Domain allowed access. 
+## +## +## +# +interface(`term_use_all_user_ptys',` + refpolicywarn(`$0 has been deprecated, use term_use_all_ptys() instead.') + term_use_all_ptys($1) +') + +######################################## +## +## Do not audit attempts to read any +## user ptys. (Deprecated) +## +## +## +## The type of the process to not audit. +## +## +# +interface(`term_dontaudit_use_all_user_ptys',` + refpolicywarn(`$0 has been deprecated, use term_dontaudit_use_all_ptys() instead.') + term_dontaudit_use_all_ptys($1) +') + +######################################## +## +## Relabel from and to all user +## user pty device nodes. (Deprecated) +## +## +## +## Domain allowed access. +## +## +# +interface(`term_relabel_all_user_ptys',` + refpolicywarn(`$0 has been deprecated, use term_relabel_all_ptys() instead.') + term_relabel_all_ptys($1) +') + +######################################## +## ## Get the attributes of all unallocated ## tty device nodes. ## @@ -1055,8 +1182,7 @@ interface(`term_dontaudit_use_unallocated_ttys',` ######################################## ## -## Get the attributes of all user tty -## device nodes. +## Get the attributes of all tty device nodes. ## ## ## @@ -1065,7 +1191,7 @@ interface(`term_dontaudit_use_unallocated_ttys',` ## ## # -interface(`term_getattr_all_user_ttys',` +interface(`term_getattr_all_ttys',` gen_require(` attribute ttynode; ') @@ -1077,8 +1203,7 @@ interface(`term_getattr_all_user_ttys',` ######################################## ## ## Do not audit attempts to get the -## attributes of any user tty -## device nodes. +## attributes of any tty device nodes. ## ## ## @@ -1086,7 +1211,7 @@ interface(`term_getattr_all_user_ttys',` ## ## # -interface(`term_dontaudit_getattr_all_user_ttys',` +interface(`term_dontaudit_getattr_all_ttys',` gen_require(` attribute ttynode; ') 
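Review bot: The deprecated wrapper `term_dontaudit_getattr_all_user_ptys` documents its parameter as `Domain allowed access.`, but going by its name and summary it only suppresses audit messages. The text should read `Domain to not audit.`, the wording this commit already gives the renamed `term_dontaudit_use_all_ptys`. The same fix applies to `term_dontaudit_use_all_user_ptys` in this hunk (`The type of the process to not audit.`) and to both dontaudit wrappers in the tty hunk at the end of terminal.if. The wrapper summary `Relabel from and to all user user pty device nodes. (Deprecated)` also copies the doubled word that the renamed interface's summary drops. Accurate parameter text matters because a policy author reading the generated documentation could otherwise take a dontaudit interface for one that grants access.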
@@ -1097,8 +1222,7 @@ interface(`term_dontaudit_getattr_all_user_ttys',` ######################################## ## -## Set the attributes of all user tty -## device nodes. +## Set the attributes of all tty device nodes. ## ## ## @@ -1107,7 +1231,7 @@ interface(`term_dontaudit_getattr_all_user_ttys',` ## ## # -interface(`term_setattr_all_user_ttys',` +interface(`term_setattr_all_ttys',` gen_require(` attribute ttynode; ') @@ -1118,8 +1242,7 @@ interface(`term_setattr_all_user_ttys',` ######################################## ## -## Relabel from and to all user -## user tty device nodes. +## Relabel from and to all tty device nodes. ## ## ## @@ -1127,7 +1250,7 @@ interface(`term_setattr_all_user_ttys',` ## ## # -interface(`term_relabel_all_user_ttys',` +interface(`term_relabel_all_ttys',` gen_require(` attribute ttynode; ') @@ -1138,7 +1261,7 @@ interface(`term_relabel_all_user_ttys',` ######################################## ## -## Write to all user ttys. +## Write to all ttys. ## ## ## @@ -1146,7 +1269,7 @@ interface(`term_relabel_all_user_ttys',` ## ## # -interface(`term_write_all_user_ttys',` +interface(`term_write_all_ttys',` gen_require(` attribute ttynode; ') @@ -1157,7 +1280,7 @@ interface(`term_write_all_user_ttys',` ######################################## ## -## Read and write all user to all user ttys. +## Read and write all ttys. ## ## ## @@ -1166,7 +1289,7 @@ interface(`term_write_all_user_ttys',` ## ## # -interface(`term_use_all_user_ttys',` +interface(`term_use_all_ttys',` gen_require(` attribute ttynode; ') @@ -1178,7 +1301,7 @@ interface(`term_use_all_user_ttys',` ######################################## ## ## Do not audit attempts to read or write -## any user ttys. +## any ttys. ## ## ## 
@@ -1186,10 +1309,124 @@ interface(`term_use_all_user_ttys',` ## ## # -interface(`term_dontaudit_use_all_user_ttys',` +interface(`term_dontaudit_use_all_ttys',` gen_require(` attribute ttynode; ') dontaudit $1 ttynode:chr_file rw_chr_file_perms; ') + +######################################## +## +## Get the attributes of all user tty +## device nodes. (Deprecated) +## +## +## +## Domain allowed access. +## +## +## +# +interface(`term_getattr_all_user_ttys',` + refpolicywarn(`$0() is deprecated, use term_getattr_all_ttys() instead.') + term_getattr_all_ttys($1) +') + +######################################## +## +## Do not audit attempts to get the +## attributes of any user tty +## device nodes. (Deprecated) +## +## +## +## Domain allowed access. +## +## +# +interface(`term_dontaudit_getattr_all_user_ttys',` + refpolicywarn(`$0() is deprecated, use term_dontaudit_getattr_all_ttys() instead.') + term_dontaudit_getattr_all_ttys($1) +') + +######################################## +## +## Set the attributes of all user tty +## device nodes. (Deprecated) +## +## +## +## Domain allowed access. +## +## +## +# +interface(`term_setattr_all_user_ttys',` + refpolicywarn(`$0() is deprecated, use term_setattr_all_ttys() instead.') + term_setattr_all_ttys($1) +') + +######################################## +## +## Relabel from and to all user +## user tty device nodes. (Deprecated) +## +## +## +## Domain allowed access. +## +## +# +interface(`term_relabel_all_user_ttys',` + refpolicywarn(`$0() is deprecated, use term_relabel_all_ttys() instead.') + term_relabel_all_ttys($1) +') + +######################################## +## +## Write to all user ttys. (Deprecated) +## +## +## +## Domain allowed access. +## +## +# +interface(`term_write_all_user_ttys',` + refpolicywarn(`$0() is deprecated, use term_write_all_ttys() instead.') + term_write_all_ttys($1) +') + +######################################## +## +## Read and write all user to all user ttys. 
(Deprecated) +## +## +## +## Domain allowed access. +## +## +## +# +interface(`term_use_all_user_ttys',` + refpolicywarn(`$0() is deprecated, use term_use_all_ttys() instead.') + term_use_all_ttys($1) +') + +######################################## +## +## Do not audit attempts to read or write +## any user ttys. (Deprecated) +## +## +## +## Domain allowed access. +## +## +# +interface(`term_dontaudit_use_all_user_ttys',` + refpolicywarn(`$0() is deprecated, use term_dontaudit_use_all_ttys() instead.') + term_dontaudit_use_all_ttys($1) +') diff --git a/policy/modules/services/bluetooth.te b/policy/modules/services/bluetooth.te index a04aa7d..b4fd914 100644 --- a/policy/modules/services/bluetooth.te +++ b/policy/modules/services/bluetooth.te @@ -206,7 +206,7 @@ kernel_read_kernel_sysctls(bluetooth_helper_t) dev_read_urand(bluetooth_helper_t) -term_dontaudit_use_all_user_ttys(bluetooth_helper_t) +term_dontaudit_use_all_ttys(bluetooth_helper_t) corecmd_exec_bin(bluetooth_helper_t) corecmd_exec_shell(bluetooth_helper_t) diff --git a/policy/modules/services/finger.te b/policy/modules/services/finger.te index 225f620..b60c35a 100644 --- a/policy/modules/services/finger.te +++ b/policy/modules/services/finger.te @@ -63,8 +63,8 @@ dev_read_sysfs(fingerd_t) fs_getattr_all_fs(fingerd_t) fs_search_auto_mountpoints(fingerd_t) -term_getattr_all_user_ttys(fingerd_t) -term_getattr_all_user_ptys(fingerd_t) +term_getattr_all_ttys(fingerd_t) +term_getattr_all_ptys(fingerd_t) auth_read_lastlog(fingerd_t) diff --git a/policy/modules/services/portslave.te b/policy/modules/services/portslave.te index b83e4bf..b0e86e5 100644 --- a/policy/modules/services/portslave.te +++ b/policy/modules/services/portslave.te @@ -80,7 +80,7 @@ fs_getattr_xattr_fs(portslave_t) term_use_unallocated_ttys(portslave_t) term_setattr_unallocated_ttys(portslave_t) -term_use_all_user_ttys(portslave_t) +term_use_all_ttys(portslave_t) term_search_ptys(portslave_t) auth_rw_login_records(portslave_t) 
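Review bot: The tty wrappers in this hunk warn with `$0() is deprecated, use … instead.`, while the pty wrappers added earlier in the same file use `$0 has been deprecated, use … instead.`. Use one wording for all fifteen wrappers so that a single search of the build log finds every remaining caller of the old names. The summary `Read and write all user to all user ttys. (Deprecated)` also carries over garbled wording that the renamed interface fixed; `## Read and write all user ttys. (Deprecated)` would read correctly.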
diff --git a/policy/modules/services/postfix.te b/policy/modules/services/postfix.te index a8be639..70acaff 100644 --- a/policy/modules/services/postfix.te +++ b/policy/modules/services/postfix.te @@ -409,8 +409,8 @@ manage_files_pattern(postfix_postdrop_t, postfix_spool_maildrop_t, postfix_spool corenet_udp_sendrecv_generic_if(postfix_postdrop_t) corenet_udp_sendrecv_generic_node(postfix_postdrop_t) -term_dontaudit_use_all_user_ptys(postfix_postdrop_t) -term_dontaudit_use_all_user_ttys(postfix_postdrop_t) +term_dontaudit_use_all_ptys(postfix_postdrop_t) +term_dontaudit_use_all_ttys(postfix_postdrop_t) mta_rw_user_mail_stream_sockets(postfix_postdrop_t) @@ -445,8 +445,8 @@ write_fifo_files_pattern(postfix_postqueue_t, postfix_public_t, postfix_public_t domtrans_pattern(postfix_postqueue_t, postfix_showq_exec_t, postfix_showq_t) # to write the mailq output, it really should not need read access! -term_use_all_user_ptys(postfix_postqueue_t) -term_use_all_user_ttys(postfix_postqueue_t) +term_use_all_ptys(postfix_postqueue_t) +term_use_all_ttys(postfix_postqueue_t) init_sigchld_script(postfix_postqueue_t) init_use_script_fds(postfix_postqueue_t) @@ -490,8 +490,8 @@ allow postfix_showq_t postfix_spool_maildrop_t:file read_file_perms; allow postfix_showq_t postfix_spool_maildrop_t:lnk_file { getattr read }; # to write the mailq output, it really should not need read access! -term_use_all_user_ptys(postfix_showq_t) -term_use_all_user_ttys(postfix_showq_t) +term_use_all_ptys(postfix_showq_t) +term_use_all_ttys(postfix_showq_t) ######################################## # diff --git a/policy/modules/services/puppet.te b/policy/modules/services/puppet.te index 3cb1741..4ced1c6 100644 --- a/policy/modules/services/puppet.te +++ b/policy/modules/services/puppet.te 
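Review bot: In the postfix_postqueue_t hunk, `term_use_all_ptys(postfix_postqueue_t)` and `term_use_all_ttys(postfix_postqueue_t)` keep read and write access to every terminal. The comment directly above them says read access should not be needed. terminal.if in this same commit provides `term_write_all_ptys` and `term_write_all_ttys`, and switching to those would match the comment and narrow the grant. That assumes postqueue only writes mailq output, which should be confirmed by a run in enforcing mode. The postfix_showq_t hunk below carries the same comment and the same two calls.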
@@ -114,7 +114,7 @@ selinux_set_generic_booleans(puppet_t) selinux_validate_context(puppet_t) term_dontaudit_getattr_unallocated_ttys(puppet_t) -term_dontaudit_getattr_all_user_ttys(puppet_t) +term_dontaudit_getattr_all_ttys(puppet_t) init_all_labeled_script_domtrans(puppet_t) init_domtrans_script(puppet_t) diff --git a/policy/modules/services/remotelogin.te b/policy/modules/services/remotelogin.te index 869ff7e..799b7c4 100644 --- a/policy/modules/services/remotelogin.te +++ b/policy/modules/services/remotelogin.te @@ -49,7 +49,7 @@ dev_dontaudit_search_sysfs(remote_login_t) fs_getattr_xattr_fs(remote_login_t) fs_search_auto_mountpoints(remote_login_t) -term_relabel_all_user_ptys(remote_login_t) +term_relabel_all_ptys(remote_login_t) auth_rw_login_records(remote_login_t) auth_rw_faillog(remote_login_t) diff --git a/policy/modules/services/setroubleshoot.te b/policy/modules/services/setroubleshoot.te index 8378828..882331f 100644 --- a/policy/modules/services/setroubleshoot.te +++ b/policy/modules/services/setroubleshoot.te @@ -82,8 +82,8 @@ fs_getattr_all_files(setroubleshootd_t) selinux_get_enforce_mode(setroubleshootd_t) selinux_validate_context(setroubleshootd_t) -term_dontaudit_use_all_user_ptys(setroubleshootd_t) -term_dontaudit_use_all_user_ttys(setroubleshootd_t) +term_dontaudit_use_all_ptys(setroubleshootd_t) +term_dontaudit_use_all_ttys(setroubleshootd_t) auth_use_nsswitch(setroubleshootd_t) diff --git a/policy/modules/services/ssh.te b/policy/modules/services/ssh.te index a3f779a..b42ec01 100644 --- a/policy/modules/services/ssh.te +++ b/policy/modules/services/ssh.te @@ -290,9 +290,9 @@ files_tmp_filetrans(sshd_t, sshd_tmp_t, { dir file sock_file }) kernel_search_key(sshd_t) kernel_link_key(sshd_t) -term_use_all_user_ptys(sshd_t) -term_setattr_all_user_ptys(sshd_t) -term_relabelto_all_user_ptys(sshd_t) +term_use_all_ptys(sshd_t) +term_setattr_all_ptys(sshd_t) +term_relabelto_all_ptys(sshd_t) # for X forwarding corenet_tcp_bind_xserver_port(sshd_t) 
diff --git a/policy/modules/system/authlogin.te b/policy/modules/system/authlogin.te index 60e54b7..bd629c2 100644 --- a/policy/modules/system/authlogin.te +++ b/policy/modules/system/authlogin.te @@ -165,8 +165,8 @@ fs_search_auto_mountpoints(pam_t) miscfiles_read_localization(pam_t) -term_use_all_user_ttys(pam_t) -term_use_all_user_ptys(pam_t) +term_use_all_ttys(pam_t) +term_use_all_ptys(pam_t) init_dontaudit_rw_utmp(pam_t) @@ -253,8 +253,8 @@ storage_getattr_scsi_generic_dev(pam_console_t) storage_setattr_scsi_generic_dev(pam_console_t) term_use_console(pam_console_t) -term_use_all_user_ttys(pam_console_t) -term_use_all_user_ptys(pam_console_t) +term_use_all_ttys(pam_console_t) +term_use_all_ptys(pam_console_t) term_setattr_console(pam_console_t) term_getattr_unallocated_ttys(pam_console_t) term_setattr_unallocated_ttys(pam_console_t) @@ -354,10 +354,10 @@ dev_read_urand(utempter_t) files_read_etc_files(utempter_t) -term_getattr_all_user_ttys(utempter_t) -term_getattr_all_user_ptys(utempter_t) -term_dontaudit_use_all_user_ttys(utempter_t) -term_dontaudit_use_all_user_ptys(utempter_t) +term_getattr_all_ttys(utempter_t) +term_getattr_all_ptys(utempter_t) +term_dontaudit_use_all_ttys(utempter_t) +term_dontaudit_use_all_ptys(utempter_t) term_dontaudit_use_ptmx(utempter_t) init_rw_utmp(utempter_t) diff --git a/policy/modules/system/clock.te b/policy/modules/system/clock.te index 8019c58..ab84f12 100644 --- a/policy/modules/system/clock.te +++ b/policy/modules/system/clock.te @@ -47,8 +47,8 @@ fs_search_auto_mountpoints(hwclock_t) term_dontaudit_use_console(hwclock_t) term_use_unallocated_ttys(hwclock_t) -term_use_all_user_ttys(hwclock_t) -term_use_all_user_ptys(hwclock_t) +term_use_all_ttys(hwclock_t) +term_use_all_ptys(hwclock_t) domain_use_interactive_fds(hwclock_t) diff --git a/policy/modules/system/getty.te b/policy/modules/system/getty.te index 0bbf5b7..358ca46 100644 --- a/policy/modules/system/getty.te +++ b/policy/modules/system/getty.te 
@@ -79,9 +79,9 @@ mls_file_read_all_levels(getty_t) mls_file_write_all_levels(getty_t) # Chown, chmod, read and write ttys. -term_use_all_user_ttys(getty_t) +term_use_all_ttys(getty_t) term_use_unallocated_ttys(getty_t) -term_setattr_all_user_ttys(getty_t) +term_setattr_all_ttys(getty_t) term_setattr_unallocated_ttys(getty_t) term_setattr_console(getty_t) term_dontaudit_use_console(getty_t) diff --git a/policy/modules/system/hostname.te b/policy/modules/system/hostname.te index 22046d2..d303b70 100644 --- a/policy/modules/system/hostname.te +++ b/policy/modules/system/hostname.te @@ -39,8 +39,8 @@ fs_search_auto_mountpoints(hostname_t) fs_dontaudit_use_tmpfs_chr_dev(hostname_t) term_dontaudit_use_console(hostname_t) -term_use_all_user_ttys(hostname_t) -term_use_all_user_ptys(hostname_t) +term_use_all_ttys(hostname_t) +term_use_all_ptys(hostname_t) init_use_fds(hostname_t) init_use_script_fds(hostname_t) diff --git a/policy/modules/system/ipsec.te b/policy/modules/system/ipsec.te index d65140f..b4d92fd 100644 --- a/policy/modules/system/ipsec.te +++ b/policy/modules/system/ipsec.te @@ -144,7 +144,7 @@ fs_getattr_all_fs(ipsec_t) fs_search_auto_mountpoints(ipsec_t) term_use_console(ipsec_t) -term_dontaudit_use_all_user_ttys(ipsec_t) +term_dontaudit_use_all_ttys(ipsec_t) auth_use_nsswitch(ipsec_t) diff --git a/policy/modules/system/locallogin.te b/policy/modules/system/locallogin.te index 731c46b..ff03897 100644 --- a/policy/modules/system/locallogin.te +++ b/policy/modules/system/locallogin.te 
@@ -112,11 +112,11 @@ storage_dontaudit_setattr_fixed_disk_dev(local_login_t) storage_dontaudit_getattr_removable_dev(local_login_t) storage_dontaudit_setattr_removable_dev(local_login_t) -term_use_all_user_ttys(local_login_t) +term_use_all_ttys(local_login_t) term_use_unallocated_ttys(local_login_t) term_relabel_unallocated_ttys(local_login_t) -term_relabel_all_user_ttys(local_login_t) -term_setattr_all_user_ttys(local_login_t) +term_relabel_all_ttys(local_login_t) +term_setattr_all_ttys(local_login_t) term_setattr_unallocated_ttys(local_login_t) auth_rw_login_records(local_login_t) diff --git a/policy/modules/system/logging.te b/policy/modules/system/logging.te index d244304..7d16587 100644 --- a/policy/modules/system/logging.te +++ b/policy/modules/system/logging.te @@ -428,7 +428,7 @@ term_write_unallocated_ttys(syslogd_t) # for sending messages to logged in users init_read_utmp(syslogd_t) init_dontaudit_write_utmp(syslogd_t) -term_write_all_user_ttys(syslogd_t) +term_write_all_ttys(syslogd_t) auth_use_nsswitch(syslogd_t) diff --git a/policy/modules/system/pcmcia.te b/policy/modules/system/pcmcia.te index 9556bde..546899e 100644 --- a/policy/modules/system/pcmcia.te +++ b/policy/modules/system/pcmcia.te @@ -89,8 +89,8 @@ fs_getattr_all_fs(cardmgr_t) fs_search_auto_mountpoints(cardmgr_t) term_use_unallocated_ttys(cardmgr_t) -term_getattr_all_user_ttys(cardmgr_t) -term_dontaudit_getattr_all_user_ptys(cardmgr_t) +term_getattr_all_ttys(cardmgr_t) +term_dontaudit_getattr_all_ptys(cardmgr_t) libs_exec_ld_so(cardmgr_t) libs_exec_lib_files(cardmgr_t) diff --git a/policy/modules/system/selinuxutil.te b/policy/modules/system/selinuxutil.te index 508039e..2b14e7f 100644 --- a/policy/modules/system/selinuxutil.te +++ b/policy/modules/system/selinuxutil.te 
@@ -254,10 +254,10 @@ selinux_compute_create_context(newrole_t) selinux_compute_relabel_context(newrole_t) selinux_compute_user_contexts(newrole_t) -term_use_all_user_ttys(newrole_t) -term_use_all_user_ptys(newrole_t) -term_relabel_all_user_ttys(newrole_t) -term_relabel_all_user_ptys(newrole_t) +term_use_all_ttys(newrole_t) +term_use_all_ptys(newrole_t) +term_relabel_all_ttys(newrole_t) +term_relabel_all_ptys(newrole_t) term_getattr_unallocated_ttys(newrole_t) term_dontaudit_use_unallocated_ttys(newrole_t) @@ -550,8 +550,8 @@ selinux_compute_create_context(setfiles_t) selinux_compute_relabel_context(setfiles_t) selinux_compute_user_contexts(setfiles_t) -term_use_all_user_ttys(setfiles_t) -term_use_all_user_ptys(setfiles_t) +term_use_all_ttys(setfiles_t) +term_use_all_ptys(setfiles_t) term_use_unallocated_ttys(setfiles_t) # this is to satisfy the assertion: diff --git a/policy/modules/system/sysnetwork.te b/policy/modules/system/sysnetwork.te index adb4d6d..ab083b9 100644 --- a/policy/modules/system/sysnetwork.te +++ b/policy/modules/system/sysnetwork.te @@ -119,8 +119,8 @@ files_dontaudit_search_locks(dhcpc_t) fs_getattr_all_fs(dhcpc_t) fs_search_auto_mountpoints(dhcpc_t) -term_dontaudit_use_all_user_ttys(dhcpc_t) -term_dontaudit_use_all_user_ptys(dhcpc_t) +term_dontaudit_use_all_ttys(dhcpc_t) +term_dontaudit_use_all_ptys(dhcpc_t) term_dontaudit_use_unallocated_ttys(dhcpc_t) term_dontaudit_use_generic_ptys(dhcpc_t) @@ -276,8 +276,8 @@ files_read_etc_files(ifconfig_t) fs_getattr_xattr_fs(ifconfig_t) fs_search_auto_mountpoints(ifconfig_t) -term_dontaudit_use_all_user_ttys(ifconfig_t) -term_dontaudit_use_all_user_ptys(ifconfig_t) +term_dontaudit_use_all_ttys(ifconfig_t) +term_dontaudit_use_all_ptys(ifconfig_t) files_dontaudit_read_root_files(ifconfig_t) diff --git a/policy/modules/system/userdomain.if b/policy/modules/system/userdomain.if index 38684a9..cd08bc3 100644 --- a/policy/modules/system/userdomain.if +++ b/policy/modules/system/userdomain.if 
@@ -576,7 +576,7 @@ template(`userdom_common_user_template',` ') tunable_policy(`user_ttyfile_stat',` - term_getattr_all_user_ttys($1_t) + term_getattr_all_ttys($1_t) ') optional_policy(` diff --git a/policy/modules/system/xen.te b/policy/modules/system/xen.te index 5dc2292..6876cdc 100644 --- a/policy/modules/system/xen.te +++ b/policy/modules/system/xen.te @@ -214,7 +214,7 @@ storage_raw_read_fixed_disk(xend_t) storage_raw_write_fixed_disk(xend_t) storage_raw_read_removable_device(xend_t) -term_getattr_all_user_ptys(xend_t) +term_getattr_all_ptys(xend_t) term_use_generic_ptys(xend_t) term_use_ptmx(xend_t) term_getattr_pty_fs(xend_t)