1 files changed, 0 insertions, 129 deletions

diff --git a/policy/modules/contrib/sssd.te b/policy/modules/contrib/sssd.te
deleted file mode 100644
index 8b537aaea..000000000
--- a/policy/modules/contrib/sssd.te
+++ /dev/null
@@ -1,129 +0,0 @@
-policy_module(sssd, 1.1.4)
-
-########################################
-#
-# Declarations
-#
-
-type sssd_t;
-type sssd_exec_t;
-init_daemon_domain(sssd_t, sssd_exec_t)
-
-type sssd_initrc_exec_t;
-init_script_file(sssd_initrc_exec_t)
-
-type sssd_conf_t;
-files_config_file(sssd_conf_t)
-
-type sssd_public_t;
-files_pid_file(sssd_public_t)
-
-type sssd_var_lib_t;
-files_type(sssd_var_lib_t)
-mls_trusted_object(sssd_var_lib_t)
-
-type sssd_var_log_t;
-logging_log_file(sssd_var_log_t)
-
-type sssd_var_run_t;
-files_pid_file(sssd_var_run_t)
-
-########################################
-#
-# Local policy
-#
-
-allow sssd_t self:capability { chown dac_read_search dac_override kill net_admin sys_nice setgid setuid sys_admin sys_resource };
-allow sssd_t self:capability2 block_suspend;
-allow sssd_t self:process { setfscreate setsched sigkill signal getsched setrlimit };
-allow sssd_t self:fifo_file rw_fifo_file_perms;
-allow sssd_t self:key manage_key_perms;
-allow sssd_t self:unix_stream_socket { accept connectto listen };
-
-read_files_pattern(sssd_t, sssd_conf_t, sssd_conf_t)
-
-manage_dirs_pattern(sssd_t, sssd_public_t, sssd_public_t)
-manage_files_pattern(sssd_t, sssd_public_t, sssd_public_t)
-
-manage_dirs_pattern(sssd_t, sssd_var_lib_t, sssd_var_lib_t)
-manage_files_pattern(sssd_t, sssd_var_lib_t, sssd_var_lib_t)
-manage_lnk_files_pattern(sssd_t, sssd_var_lib_t, sssd_var_lib_t)
-manage_sock_files_pattern(sssd_t, sssd_var_lib_t, sssd_var_lib_t)
-files_var_lib_filetrans(sssd_t, sssd_var_lib_t, { file dir })
-
-append_files_pattern(sssd_t, sssd_var_log_t, sssd_var_log_t)
-create_files_pattern(sssd_t, sssd_var_log_t, sssd_var_log_t)
-setattr_files_pattern(sssd_t, sssd_var_log_t, sssd_var_log_t)
-logging_log_filetrans(sssd_t, sssd_var_log_t, file)
-
-manage_dirs_pattern(sssd_t, sssd_var_run_t, sssd_var_run_t)
-manage_files_pattern(sssd_t, sssd_var_run_t, sssd_var_run_t)
-files_pid_filetrans(sssd_t, sssd_var_run_t, { file dir })
-
-kernel_read_network_state(sssd_t)
-kernel_read_system_state(sssd_t)
-
-corenet_all_recvfrom_unlabeled(sssd_t)
-corenet_all_recvfrom_netlabel(sssd_t)
-corenet_udp_sendrecv_generic_if(sssd_t)
-corenet_udp_sendrecv_generic_node(sssd_t)
-corenet_udp_sendrecv_all_ports(sssd_t)
-corenet_udp_bind_generic_node(sssd_t)
-
-corenet_sendrecv_generic_server_packets(sssd_t)
-corenet_udp_bind_generic_port(sssd_t)
-corenet_dontaudit_udp_bind_all_ports(sssd_t)
-
-corecmd_exec_bin(sssd_t)
-
-dev_read_urand(sssd_t)
-dev_read_sysfs(sssd_t)
-
-domain_read_all_domains_state(sssd_t)
-domain_obj_id_change_exemption(sssd_t)
-
-files_list_tmp(sssd_t)
-files_read_etc_files(sssd_t)
-files_read_etc_runtime_files(sssd_t)
-files_read_usr_files(sssd_t)
-files_list_var_lib(sssd_t)
-
-fs_list_inotifyfs(sssd_t)
-
-selinux_validate_context(sssd_t)
-
-seutil_read_file_contexts(sssd_t)
-# sssd wants to write /etc/selinux/<policy>/logins/ for SELinux PAM module
-# seutil_rw_login_config_dirs(sssd_t)
-# seutil_manage_login_config_files(sssd_t)
-
-mls_file_read_to_clearance(sssd_t)
-mls_socket_read_to_clearance(sssd_t)
-mls_socket_write_to_clearance(sssd_t)
-mls_trusted_object(sssd_t)
-
-auth_domtrans_chk_passwd(sssd_t)
-auth_domtrans_upd_passwd(sssd_t)
-auth_manage_cache(sssd_t)
-
-init_read_utmp(sssd_t)
-
-logging_send_syslog_msg(sssd_t)
-logging_send_audit_msgs(sssd_t)
-
-miscfiles_read_generic_certs(sssd_t)
-miscfiles_read_localization(sssd_t)
-
-sysnet_dns_name_resolve(sssd_t)
-sysnet_use_ldap(sssd_t)
-
-optional_policy(`
-	dbus_system_bus_client(sssd_t)
-	dbus_connect_system_bus(sssd_t)
-')
-
-optional_policy(`
-	kerberos_read_config(sssd_t)
-	kerberos_manage_host_rcache(sssd_t)
-	kerberos_tmp_filetrans_host_rcache(sssd_t, file, "host_0")
-')