authorSven Vermeulen <sven.vermeulen@siphos.be>2013-01-03 17:49:15 +0100
committerSven Vermeulen <sven.vermeulen@siphos.be>2013-01-03 17:49:15 +0100
commita5c9b3e5287cdcc50314c91ba1ed259cd2a26841 (patch)
tree7bf63ebf9a3828f4a430c49d71dd27ba38a3c72d
parentModule version bump for fixes from Dominick Grift. (diff)
Remove calls that are merged (were in distro_gentoo blocks but not needed anymore)
-rw-r--r--policy/modules/admin/usermanage.if38
-rw-r--r--policy/modules/contrib/portage.fc1
-rw-r--r--policy/modules/contrib/puppet.te22
-rw-r--r--policy/modules/services/postgresql.te4
-rw-r--r--policy/modules/system/init.te4
-rw-r--r--policy/modules/system/logging.te5
-rw-r--r--policy/modules/system/lvm.te3
7 files changed, 0 insertions, 77 deletions
diff --git a/policy/modules/admin/usermanage.if b/policy/modules/admin/usermanage.if
index 38aad9002..99e3903ea 100644
--- a/policy/modules/admin/usermanage.if
+++ b/policy/modules/admin/usermanage.if
@@ -331,41 +331,3 @@ interface(`usermanage_read_crack_db',`
files_search_var($1)
read_files_pattern($1, crack_db_t, crack_db_t)
')
-
-# Gentoo specific interfaces but cannot use ifdef distro_gentoo here
-
-########################################
-## <summary>
-## Check execute rights on passwd binaries
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`usermanage_check_exec_passwd',`
- gen_require(`
- type passwd_exec_t;
- ')
-
- allow $1 passwd_exec_t:file { execute getattr_file_perms };
-')
-
-########################################
-## <summary>
-## Check execute rights on useradd binaries
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`usermanage_check_exec_useradd',`
- gen_require(`
- type useradd_exec_t;
- ')
-
- allow $1 useradd_exec_t:file { execute getattr_file_perms };
-')
diff --git a/policy/modules/contrib/portage.fc b/policy/modules/contrib/portage.fc
index 49431b06b..8584af442 100644
--- a/policy/modules/contrib/portage.fc
+++ b/policy/modules/contrib/portage.fc
@@ -37,5 +37,4 @@
ifdef(`distro_gentoo',`
/var/log/sandbox(/.*)? gen_context(system_u:object_r:portage_log_t,s0)
-/etc/make\.profile -l gen_context(system_u:object_r:portage_conf_t,s0)
')
diff --git a/policy/modules/contrib/puppet.te b/policy/modules/contrib/puppet.te
index d753ac8bd..9f89323dc 100644
--- a/policy/modules/contrib/puppet.te
+++ b/policy/modules/contrib/puppet.te
@@ -344,7 +344,6 @@ optional_policy(`
')
ifdef(`distro_gentoo',`
- init_daemon_run_dir(puppet_var_run_t, "puppet")
##########################################
#
# Puppet master policy
@@ -363,35 +362,14 @@ ifdef(`distro_gentoo',`
#
# Puppet client policy
#
- allow puppet_t self:capability { chown sys_admin };
- allow puppet_t self:udp_socket create_socket_perms;
- allow puppet_t self:netlink_route_socket create_netlink_socket_perms;
- allow puppet_t puppet_log_t:file read_file_perms;
-
- can_exec(puppet_t, puppet_var_lib_t) # module helper scripts
-
- kernel_read_kernel_sysctls(puppet_t)
- kernel_read_net_sysctls(puppet_t)
- kernel_read_network_state(puppet_t)
-
- corenet_all_recvfrom_netlabel(puppet_t)
- corenet_all_recvfrom_unlabeled(puppet_t)
- corenet_tcp_sendrecv_generic_if(puppet_t)
- corenet_tcp_sendrecv_generic_node(puppet_t)
corenet_tcp_bind_generic_node(puppet_t)
corenet_sendrecv_puppetclient_server_packets(puppet_t)
corenet_tcp_bind_puppetclient_port(puppet_t)
corenet_tcp_sendrecv_puppetclient_port(puppet_t)
- files_search_var_lib(puppet_t)
-
- sysnet_use_ldap(puppet_t)
-
usermanage_domtrans_passwd(puppet_t)
- selinux_get_fs_mount(puppet_t)
-
tunable_policy(`puppet_manage_all_files',`
# We should use files_relabel_all_files here, but it calls
# seutil_relabelto_bin_policy which sets a "typeattribute type attr",
diff --git a/policy/modules/services/postgresql.te b/policy/modules/services/postgresql.te
index eb99da28b..346d0116c 100644
--- a/policy/modules/services/postgresql.te
+++ b/policy/modules/services/postgresql.te
@@ -363,10 +363,6 @@ userdom_dontaudit_use_unpriv_user_fds(postgresql_t)
userdom_dontaudit_search_user_home_dirs(postgresql_t)
userdom_dontaudit_use_user_terminals(postgresql_t)
-ifdef(`distro_gentoo',`
- allow postgresql_t self:unix_stream_socket connectto;
-')
-
optional_policy(`
mta_getattr_spool(postgresql_t)
')
diff --git a/policy/modules/system/init.te b/policy/modules/system/init.te
index 0699378b1..4276cb110 100644
--- a/policy/modules/system/init.te
+++ b/policy/modules/system/init.te
@@ -938,10 +938,6 @@ ifdef(`distro_gentoo',`
')
optional_policy(`
- stunnel_read_config(initrc_t)
- ')
-
- optional_policy(`
udev_create_rules_dirs(initrc_t)
udev_pid_filetrans_rules(initrc_t, dir, "rules.d")
')
diff --git a/policy/modules/system/logging.te b/policy/modules/system/logging.te
index 0a5c1a01b..e044c287a 100644
--- a/policy/modules/system/logging.te
+++ b/policy/modules/system/logging.te
@@ -480,11 +480,6 @@ ifdef(`distro_gentoo',`
# and high priority messages to /dev/tty12
term_append_unallocated_ttys(syslogd_t)
term_dontaudit_setattr_unallocated_ttys(syslogd_t)
-
- cron_create_log_files(syslogd_t)
- cron_generic_log_filetrans_log(syslogd_t, file, "cron.log")
- cron_setattr_log_files(syslogd_t)
- cron_write_log_files(syslogd_t)
')
ifdef(`distro_suse',`
diff --git a/policy/modules/system/lvm.te b/policy/modules/system/lvm.te
index 2470f3456..86ad35887 100644
--- a/policy/modules/system/lvm.te
+++ b/policy/modules/system/lvm.te
@@ -362,9 +362,6 @@ ifdef(`distro_gentoo',`
create_dirs_pattern(lvm_t, lvm_etc_t, lvm_metadata_t)
filetrans_pattern(lvm_t, lvm_etc_t, lvm_metadata_t, dir, "cache")
- manage_dirs_pattern(lvm_t, lvm_lock_t, lvm_lock_t)
- files_lock_filetrans(lvm_t, lvm_lock_t, dir, "lvm")
-
kernel_request_load_module(lvm_t)
dev_filetrans(lvm_t, lvm_lock_t, dir, ".lvm")