From 3314785460528c93f61de3bf032ece6d85e71b49 Mon Sep 17 00:00:00 2001 From: Zdenek Pytela Date: Thu, 9 Jan 2025 19:01:25 +0100 Subject: [PATCH] Change /usr/sbin entries to use /usr/bin or remove them This is a follow up to commit 1be14f9b5a99 ("Alias /usr/sbin to /usr/bin and change all /usr/sbin paths to /usr/bin") for entries which were kind-of hidden and either duplicate or unnecessary obfuscated, or were added later mistakenly, --- policy/modules/contrib/kerberos.fc | 6 +++--- policy/modules/contrib/ktls.fc | 2 +- policy/modules/contrib/openshift.fc | 12 ++++++------ policy/modules/contrib/pcm.fc | 2 +- 4 files changed, 11 insertions(+), 11 deletions(-) diff --git a/policy/modules/contrib/kerberos.fc b/policy/modules/contrib/kerberos.fc index 1ab3015460..39760d413e 100644 --- a/policy/modules/contrib/kerberos.fc +++ b/policy/modules/contrib/kerberos.fc @@ -18,11 +18,11 @@ HOME_DIR/\.k5users -- gen_context(system_u:object_r:krb5_home_t,s0) /etc/rc\.d/init\.d/krb5kdc -- gen_context(system_u:object_r:kerberos_initrc_exec_t,s0) /usr/bin/krb5kdc -- gen_context(system_u:object_r:krb5kdc_exec_t,s0) -/usr/(kerberos/)?sbin/krb5kdc -- gen_context(system_u:object_r:krb5kdc_exec_t,s0) +/usr/kerberos/sbin/krb5kdc -- gen_context(system_u:object_r:krb5kdc_exec_t,s0) /usr/bin/kadmind -- gen_context(system_u:object_r:kadmind_exec_t,s0) -/usr/(kerberos/)?sbin/kadmind -- gen_context(system_u:object_r:kadmind_exec_t,s0) +/usr/kerberos/sbin/kadmind -- gen_context(system_u:object_r:kadmind_exec_t,s0) /usr/bin/\_kadmind -- gen_context(system_u:object_r:kadmind_exec_t,s0) -/usr/(kerberos/)?sbin/\_kadmind -- gen_context(system_u:object_r:kadmind_exec_t,s0) +/usr/kerberos/sbin/\_kadmind -- gen_context(system_u:object_r:kadmind_exec_t,s0) /usr/kerberos/sbin/kadmin\.local -- gen_context(system_u:object_r:kadmind_exec_t,s0) /usr/kerberos/sbin/kpropd -- gen_context(system_u:object_r:kpropd_exec_t,s0) /usr/bin/kpropd -- gen_context(system_u:object_r:kpropd_exec_t,s0) diff --git a/policy/modules/contrib/ktls.fc b/policy/modules/contrib/ktls.fc index 4545ca7b09..ffc711443d 100644 --- a/policy/modules/contrib/ktls.fc +++ b/policy/modules/contrib/ktls.fc @@ -1 +1 @@ -/usr/sbin/tlshd -- gen_context(system_u:object_r:ktlshd_exec_t,s0) +/usr/bin/tlshd -- gen_context(system_u:object_r:ktlshd_exec_t,s0) diff --git a/policy/modules/contrib/openshift.fc b/policy/modules/contrib/openshift.fc index 7b628f879d..55ecea50ab 100644 --- a/policy/modules/contrib/openshift.fc +++ b/policy/modules/contrib/openshift.fc @@ -17,14 +17,14 @@ /var/log/mcollective\.log.* -- gen_context(system_u:object_r:openshift_log_t,s0) /var/log/openshift(/.*)? gen_context(system_u:object_r:openshift_log_t,s0) -/usr/s?bin/(oo|rhc)-cgroup-read -- gen_context(system_u:object_r:openshift_cgroup_read_exec_t,s0) +/usr/bin/(oo|rhc)-cgroup-read -- gen_context(system_u:object_r:openshift_cgroup_read_exec_t,s0) -/usr/s?bin/oo-lists-ports -- gen_context(system_u:object_r:openshift_net_read_exec_t,s0) +/usr/bin/oo-lists-ports -- gen_context(system_u:object_r:openshift_net_read_exec_t,s0) -/usr/s?bin/(oo|rhc)-restorer -- gen_context(system_u:object_r:openshift_initrc_exec_t,s0) -/usr/s?bin/(oo|rhc)-restorer-wrapper.sh -- gen_context(system_u:object_r:openshift_initrc_exec_t,s0) -/usr/s?bin/oo-admin-ctl-gears -- gen_context(system_u:object_r:openshift_initrc_exec_t,s0) -/usr/s?bin/mcollectived -- gen_context(system_u:object_r:openshift_initrc_exec_t,s0) +/usr/bin/(oo|rhc)-restorer -- gen_context(system_u:object_r:openshift_initrc_exec_t,s0) +/usr/bin/(oo|rhc)-restorer-wrapper.sh -- gen_context(system_u:object_r:openshift_initrc_exec_t,s0) +/usr/bin/oo-admin-ctl-gears -- gen_context(system_u:object_r:openshift_initrc_exec_t,s0) +/usr/bin/mcollectived -- gen_context(system_u:object_r:openshift_initrc_exec_t,s0) /run/stickshift(/.*)? gen_context(system_u:object_r:openshift_var_run_t,s0) /run/openshift(/.*)? gen_context(system_u:object_r:openshift_var_run_t,s0) diff --git a/policy/modules/contrib/pcm.fc b/policy/modules/contrib/pcm.fc index 3afdb1f352..ac9bd0e39c 100644 --- a/policy/modules/contrib/pcm.fc +++ b/policy/modules/contrib/pcm.fc @@ -1 +1 @@ -/usr/sbin/pcm-sensor-server -- gen_context(system_u:object_r:pcmsensor_exec_t,s0) +/usr/bin/pcm-sensor-server -- gen_context(system_u:object_r:pcmsensor_exec_t,s0)