From 6340c02d64ddd551f1a00e450e70ba6d483b2a16 Mon Sep 17 00:00:00 2001 From: Lukas Vrabec Date: Jun 28 2016 10:22:44 +0000 Subject: Remove all permissive domains. F24 is stable we should run all domains in enforcing mode. --- diff --git a/permissivedomains.cil b/permissivedomains.cil index 8ece76e..3a53af3 100644 --- a/permissivedomains.cil +++ b/permissivedomains.cil @@ -1,67 +1 @@ (roleattributeset cil_gen_require system_r) -(optional permissivedomains_optional_1 - (typeattributeset cil_gen_require targetd_t) - (typepermissive targetd_t) -) -(optional permissivedomains_optional_2 - (typeattributeset cil_gen_require hsqldb_t) - (typepermissive hsqldb_t) -) -(optional permissivedomains_optional_3 - (typeattributeset cil_gen_require ipmievd_t) - (typepermissive ipmievd_t) -) -(optional permissivedomains_optional_4 - (typeattributeset cil_gen_require blkmapd_t) - (typepermissive blkmapd_t) -) -(optional permissivedomains_optional_5 - (typeattributeset cil_gen_require jetty_t) - (typepermissive jetty_t) -) -(optional permissivedomains_optional_6 - (typeattributeset cil_gen_require sanlk_resetd_t) - (typepermissive sanlk_resetd_t) -) -(optional permissivedomains_optional_7 - (typeattributeset cil_gen_require systemd_machined_t) - (typepermissive systemd_machined_t) -) -(optional permissivedomains_optional_8 - (typeattributeset cil_gen_require pkcs11proxyd_t) - (typepermissive pkcs11proxyd_t) -) -(optional permissivedomains_optional_9 - (typeattributeset cil_gen_require openfortivpn_t) - (typepermissive openfortivpn_t) -) - -(optional permissivedomains_optional_10 - (typeattributeset cil_gen_require fwupd_t) - (typepermissive fwupd_t) -) - -(optional permissivedomains_optional_11 - (typeattributeset cil_gen_require lttng_sessiond_t) - (typepermissive lttng_sessiond_t) -) - -(optional permissivedomains_optional_12 - (typeattributeset cil_gen_require rkt_t) - (typepermissive rkt_t) -) - -(optional permissivedomains_optional_13 - (typeattributeset cil_gen_require systemd_hwdb_t) - (typepermissive systemd_hwdb_t) -) - -(optional permissivedomains_optional_14 - (typeattributeset cil_gen_require systemd_gpt_generator_t) - (typepermissive systemd_gpt_generator_t) -) - -(optional permissivedomains_optional_15 - (typeattributeset cil_gen_require systemd_resolved_t) - (typepermissive systemd_resolved_t) -)