From owner-p4-projects Wed Jul 10 11: 2:22 2002 Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id 8747F37B401; Wed, 10 Jul 2002 11:01:19 -0700 (PDT) Delivered-To: perforce@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id EA6EC37B400 for ; Wed, 10 Jul 2002 11:01:18 -0700 (PDT) Received: from freefall.freebsd.org (freefall.FreeBSD.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id 3466443E3B for ; Wed, 10 Jul 2002 11:01:18 -0700 (PDT) (envelope-from cvance@tislabs.com) Received: from freefall.freebsd.org (perforce@localhost [127.0.0.1]) by freefall.freebsd.org (8.12.4/8.12.4) with ESMTP id g6AI1IJU011953 for ; Wed, 10 Jul 2002 11:01:18 -0700 (PDT) (envelope-from cvance@tislabs.com) Received: (from perforce@localhost) by freefall.freebsd.org (8.12.4/8.12.4/Submit) id g6AI1H1P011950 for perforce@freebsd.org; Wed, 10 Jul 2002 11:01:17 -0700 (PDT) Date: Wed, 10 Jul 2002 11:01:17 -0700 (PDT) Message-Id: <200207101801.g6AI1H1P011950@freefall.freebsd.org> X-Authentication-Warning: freefall.freebsd.org: perforce set sender to cvance@tislabs.com using -f From: Chris Vance Subject: PERFORCE change 14049 for review To: Perforce Change Reviews Sender: owner-p4-projects@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG http://people.freebsd.org/~peter/p4db/chv.cgi?CH=14049 Change 14049 by cvance@cvance_korben on 2002/07/10 11:01:00 Sync with SELinux file contexts (soon to diverge drastically) Linux's POSIX 1003.2 regular expression compliance was looser than FreeBSD's, so convert (|/foo) to (/foo)? Affected files ... .. //depot/projects/trustedbsd/mac/contrib/sebsd/policy/file_contexts/program/acct.fc#2 edit .. //depot/projects/trustedbsd/mac/contrib/sebsd/policy/file_contexts/program/apache.fc#2 edit .. //depot/projects/trustedbsd/mac/contrib/sebsd/policy/file_contexts/program/atd.fc#2 edit .. //depot/projects/trustedbsd/mac/contrib/sebsd/policy/file_contexts/program/authbind.fc#2 edit .. //depot/projects/trustedbsd/mac/contrib/sebsd/policy/file_contexts/program/backup.fc#2 edit .. //depot/projects/trustedbsd/mac/contrib/sebsd/policy/file_contexts/program/cardmgr.fc#2 edit .. //depot/projects/trustedbsd/mac/contrib/sebsd/policy/file_contexts/program/courier.fc#2 edit .. //depot/projects/trustedbsd/mac/contrib/sebsd/policy/file_contexts/program/crack.fc#2 edit .. //depot/projects/trustedbsd/mac/contrib/sebsd/policy/file_contexts/program/crond.fc#2 edit .. //depot/projects/trustedbsd/mac/contrib/sebsd/policy/file_contexts/program/cups.fc#2 edit .. //depot/projects/trustedbsd/mac/contrib/sebsd/policy/file_contexts/program/ddt-client.fc#2 edit .. //depot/projects/trustedbsd/mac/contrib/sebsd/policy/file_contexts/program/devfsd.fc#2 edit .. //depot/projects/trustedbsd/mac/contrib/sebsd/policy/file_contexts/program/dhcpc.fc#2 edit .. //depot/projects/trustedbsd/mac/contrib/sebsd/policy/file_contexts/program/dhcpd.fc#2 edit .. //depot/projects/trustedbsd/mac/contrib/sebsd/policy/file_contexts/program/dictd.fc#2 edit .. //depot/projects/trustedbsd/mac/contrib/sebsd/policy/file_contexts/program/dpkg.fc#2 edit .. //depot/projects/trustedbsd/mac/contrib/sebsd/policy/file_contexts/program/ftpd.fc#2 edit .. //depot/projects/trustedbsd/mac/contrib/sebsd/policy/file_contexts/program/gatekeeper.fc#2 edit .. //depot/projects/trustedbsd/mac/contrib/sebsd/policy/file_contexts/program/gpg.fc#2 edit .. //depot/projects/trustedbsd/mac/contrib/sebsd/policy/file_contexts/program/ipsec.fc#2 edit .. //depot/projects/trustedbsd/mac/contrib/sebsd/policy/file_contexts/program/lpd.fc#2 edit .. //depot/projects/trustedbsd/mac/contrib/sebsd/policy/file_contexts/program/modutil.fc#2 edit .. //depot/projects/trustedbsd/mac/contrib/sebsd/policy/file_contexts/program/named.fc#2 edit .. //depot/projects/trustedbsd/mac/contrib/sebsd/policy/file_contexts/program/netscape.fc#2 edit .. //depot/projects/trustedbsd/mac/contrib/sebsd/policy/file_contexts/program/ntpd.fc#2 edit .. //depot/projects/trustedbsd/mac/contrib/sebsd/policy/file_contexts/program/portslave.fc#2 edit .. //depot/projects/trustedbsd/mac/contrib/sebsd/policy/file_contexts/program/postfix.fc#2 edit .. //depot/projects/trustedbsd/mac/contrib/sebsd/policy/file_contexts/program/qmail.fc#2 edit .. //depot/projects/trustedbsd/mac/contrib/sebsd/policy/file_contexts/program/quota.fc#2 edit .. //depot/projects/trustedbsd/mac/contrib/sebsd/policy/file_contexts/program/radius.fc#2 edit .. //depot/projects/trustedbsd/mac/contrib/sebsd/policy/file_contexts/program/rpm.fc#2 edit .. //depot/projects/trustedbsd/mac/contrib/sebsd/policy/file_contexts/program/run_init.fc#2 edit .. //depot/projects/trustedbsd/mac/contrib/sebsd/policy/file_contexts/program/sendmail.fc#2 edit .. //depot/projects/trustedbsd/mac/contrib/sebsd/policy/file_contexts/program/setfiles.fc#2 edit .. //depot/projects/trustedbsd/mac/contrib/sebsd/policy/file_contexts/program/slapd.fc#2 edit .. //depot/projects/trustedbsd/mac/contrib/sebsd/policy/file_contexts/program/snmpd.fc#2 edit .. //depot/projects/trustedbsd/mac/contrib/sebsd/policy/file_contexts/program/snort.fc#2 edit .. //depot/projects/trustedbsd/mac/contrib/sebsd/policy/file_contexts/program/squid.fc#2 edit .. //depot/projects/trustedbsd/mac/contrib/sebsd/policy/file_contexts/program/sysstat.fc#2 edit .. //depot/projects/trustedbsd/mac/contrib/sebsd/policy/file_contexts/program/vmware.fc#2 edit .. //depot/projects/trustedbsd/mac/contrib/sebsd/policy/file_contexts/program/watchdog.fc#2 edit .. //depot/projects/trustedbsd/mac/contrib/sebsd/policy/file_contexts/program/xdm.fc#2 edit .. //depot/projects/trustedbsd/mac/contrib/sebsd/policy/file_contexts/program/xfs.fc#2 edit .. //depot/projects/trustedbsd/mac/contrib/sebsd/policy/file_contexts/program/xserver.fc#2 edit .. //depot/projects/trustedbsd/mac/contrib/sebsd/policy/file_contexts/types.fc#2 edit Differences ... ==== //depot/projects/trustedbsd/mac/contrib/sebsd/policy/file_contexts/program/acct.fc#2 (text+ko) ==== @@ -1,4 +1,4 @@ # berkeley process accounting /usr/sbin/accton system_u:object_r:acct_exec_t -/var/account(|/.*) system_u:object_r:acct_data_t +/var/account(/.*)? system_u:object_r:acct_data_t /etc/cron.(daily|monthly)/acct system_u:object_r:acct_exec_t ==== //depot/projects/trustedbsd/mac/contrib/sebsd/policy/file_contexts/program/apache.fc#2 (text+ko) ==== @@ -1,17 +1,17 @@ # apache -/var/www/html(|/.*) system_u:object_r:httpd_sys_content_t -/var/www/cgi-bin(|/.*) system_u:object_r:httpd_sys_script_t -/var/www/perl(|/.*) system_u:object_r:httpd_sys_script_t -/var/www/icons(|/.*) system_u:object_r:httpd_sys_content_t -/var/cache/httpd(|/.*) system_u:object_r:httpd_cache_t +/var/www/html(/.*)? system_u:object_r:httpd_sys_content_t +/var/www/cgi-bin(/.*)? system_u:object_r:httpd_sys_script_t +/var/www/perl(/.*)? system_u:object_r:httpd_sys_script_t +/var/www/icons(/.*)? system_u:object_r:httpd_sys_content_t +/var/cache/httpd(/.*)? system_u:object_r:httpd_cache_t /etc/httpd system_u:object_r:httpd_config_t -/etc/httpd/conf(|/.*) system_u:object_r:httpd_config_t +/etc/httpd/conf(/.*)? system_u:object_r:httpd_config_t /etc/httpd/logs system_u:object_r:httpd_log_files_t /etc/httpd/modules system_u:object_r:httpd_modules_t -/usr/lib/apache(|/.*) system_u:object_r:httpd_modules_t +/usr/lib/apache(/.*)? system_u:object_r:httpd_modules_t /usr/sbin/httpd system_u:object_r:httpd_exec_t /usr/sbin/apache system_u:object_r:httpd_exec_t /usr/sbin/suexec system_u:object_r:httpd_suexec_exec_t -/var/log/httpd(|/.*) system_u:object_r:httpd_log_files_t -/var/log/apache(|/.*) system_u:object_r:httpd_log_files_t +/var/log/httpd(/.*)? system_u:object_r:httpd_log_files_t +/var/log/apache(/.*)? system_u:object_r:httpd_log_files_t /var/cache/ssl.*\.sem system_u:object_r:httpd_cache_t ==== //depot/projects/trustedbsd/mac/contrib/sebsd/policy/file_contexts/program/atd.fc#2 (text+ko) ==== @@ -1,3 +1,3 @@ # atd /usr/sbin/atd system_u:object_r:atd_exec_t -/var/spool/at(|/.*) system_u:object_r:at_spool_t +/var/spool/at(/.*)? system_u:object_r:at_spool_t ==== //depot/projects/trustedbsd/mac/contrib/sebsd/policy/file_contexts/program/authbind.fc#2 (text+ko) ==== @@ -1,3 +1,3 @@ # authbind -/etc/authbind(|/.*) system_u:object_r:etc_authbind_t +/etc/authbind(/.*)? system_u:object_r:etc_authbind_t /usr/lib/authbind/helper system_u:object_r:authbind_exec_t ==== //depot/projects/trustedbsd/mac/contrib/sebsd/policy/file_contexts/program/backup.fc#2 (text+ko) ==== @@ -1,4 +1,4 @@ # backup #/usr/local/bin/backup-script system_u:object_r:backup_exec_t #/var/backup system_u:object_r:backup_store_t -/var/backups(|/.*) system_u:object_r:backup_store_t +/var/backups(/.*)? system_u:object_r:backup_store_t ==== //depot/projects/trustedbsd/mac/contrib/sebsd/policy/file_contexts/program/cardmgr.fc#2 (text+ko) ==== @@ -1,4 +1,5 @@ # cardmgr /sbin/cardmgr system_u:object_r:cardmgr_exec_t +/sbin/cardctl system_u:object_r:cardmgr_exec_t /var/run/stab system_u:object_r:cardmgr_var_run_t /etc/apm/event.d/pcmcia system_u:object_r:cardmgr_exec_t ==== //depot/projects/trustedbsd/mac/contrib/sebsd/policy/file_contexts/program/courier.fc#2 (text+ko) ==== @@ -1,5 +1,5 @@ # courier pop, imap, and webmail -/usr/lib/courier(|/.*) system_u:object_r:etc_courier_t +/usr/lib/courier(/.*)? system_u:object_r:etc_courier_t /usr/lib/courier/authlib/.* system_u:object_r:courier_authdaemon_exec_t /usr/lib/courier/courier/.* system_u:object_r:courier_exec_t /usr/lib/courier/courier/courierpop.* system_u:object_r:courier_pop_exec_t @@ -13,4 +13,4 @@ /usr/sbin/courierlogger system_u:object_r:courier_exec_t /usr/sbin/couriertcpd system_u:object_r:courier_tcpd_exec_t /var/run/courier.* system_u:object_r:courier_var_run_t -/etc/courier(|/.*) system_u:object_r:etc_courier_t +/etc/courier(/.*)? system_u:object_r:etc_courier_t ==== //depot/projects/trustedbsd/mac/contrib/sebsd/policy/file_contexts/program/crack.fc#2 (text+ko) ==== @@ -1,3 +1,3 @@ # crack - for password checking /usr/sbin/crack_[a-z]* system_u:object_r:crack_exec_t -/var/cache/cracklib(|/.*) system_u:object_r:crack_db_t +/var/cache/cracklib(/.*)? system_u:object_r:crack_db_t ==== //depot/projects/trustedbsd/mac/contrib/sebsd/policy/file_contexts/program/crond.fc#2 (text+ko) ==== @@ -1,8 +1,8 @@ # crond /etc/crontab system_u:object_r:system_crond_script_t -/etc/cron.d(|/.*) system_u:object_r:system_crond_script_t +/etc/cron.d(/.*)? system_u:object_r:system_crond_script_t /etc/security/cron_context.* system_u:object_r:cron_context_t -/usr/sbin/cron(|d) system_u:object_r:crond_exec_t +/usr/sbin/cron(d)? system_u:object_r:crond_exec_t /usr/sbin/anacron system_u:object_r:anacron_exec_t /usr/sbin/fcron system_u:object_r:anacron_exec_t /var/spool/cron system_u:object_r:cron_spool_t ==== //depot/projects/trustedbsd/mac/contrib/sebsd/policy/file_contexts/program/cups.fc#2 (text+ko) ==== @@ -1,8 +1,8 @@ # cups printing -/etc/cups(|/.*) system_u:object_r:etc_cupsd_t +/etc/cups(/.*)? system_u:object_r:etc_cupsd_t /etc/cups/client.conf system_u:object_r:etc_t /etc/printcap.cups system_u:object_r:etc_cupsd_t /usr/lib/cups/backend/.* system_u:object_r:cupsd_exec_t /usr/sbin/cupsd system_u:object_r:cupsd_exec_t -/var/log/cups(|/.*) system_u:object_r:var_log_cups_t -/var/spool/cups(|/.*) system_u:object_r:cupsd_spool_t +/var/log/cups(/.*)? system_u:object_r:var_log_cups_t +/var/spool/cups(/.*)? system_u:object_r:cupsd_spool_t ==== //depot/projects/trustedbsd/mac/contrib/sebsd/policy/file_contexts/program/ddt-client.fc#2 (text+ko) ==== @@ -2,5 +2,5 @@ /usr/sbin/ddtcd system_u:object_r:ddt_client_exec_t /var/run/ddtcd.pid system_u:object_r:var_run_ddt_client_t /etc/ddtcd.conf system_u:object_r:etc_ddt_client_t -/var/lib/ddt-client(|/.*) system_u:object_r:var_lib_ddt_client_t +/var/lib/ddt-client(/.*)? system_u:object_r:var_lib_ddt_client_t /var/log/ddtcd.log.* system_u:object_r:var_log_ddt_client_t ==== //depot/projects/trustedbsd/mac/contrib/sebsd/policy/file_contexts/program/devfsd.fc#2 (text+ko) ==== @@ -1,4 +1,4 @@ # devfsd -/etc/devfs(|/.*) system_u:object_r:etc_devfsd_t +/etc/devfs(/.*)? system_u:object_r:etc_devfsd_t /sbin/devfsd.* system_u:object_r:devfsd_exec_t /etc/init.d/makedev system_u:object_r:devfsd_exec_t ==== //depot/projects/trustedbsd/mac/contrib/sebsd/policy/file_contexts/program/dhcpc.fc#2 (text+ko) ==== @@ -1,5 +1,5 @@ # dhcpcd -/etc/dhcpc.*(|/.*) system_u:object_r:etc_dhcpc_t +/etc/dhcpc.*(/.*)? system_u:object_r:etc_dhcpc_t /etc/dhclient.conf system_u:object_r:etc_dhcpc_t /etc/dhclient-script system_u:object_r:etc_dhcpc_t /sbin/dhcpcd system_u:object_r:dhcpc_exec_t ==== //depot/projects/trustedbsd/mac/contrib/sebsd/policy/file_contexts/program/dhcpd.fc#2 (text+ko) ==== @@ -1,5 +1,5 @@ # dhcpd /etc/dhcpd.conf system_u:object_r:etc_dhcpd_t -/usr/sbin/dhcpd(|-.*) system_u:object_r:dhcpd_exec_t +/usr/sbin/dhcpd(-.*)? system_u:object_r:dhcpd_exec_t /var/lib/dhcp system_u:object_r:dhcp_state_t /var/lib/dhcp/dhcpd.leases.* system_u:object_r:dhcpd_state_t ==== //depot/projects/trustedbsd/mac/contrib/sebsd/policy/file_contexts/program/dictd.fc#2 (text+ko) ==== @@ -1,4 +1,4 @@ # dictd /etc/dictd.conf system_u:object_r:etc_dictd_t /usr/sbin/dictd system_u:object_r:dictd_exec_t -/var/lib/dictd(|/.*) system_u:object_r:var_lib_dictd_t +/var/lib/dictd(/.*)? system_u:object_r:var_lib_dictd_t ==== //depot/projects/trustedbsd/mac/contrib/sebsd/policy/file_contexts/program/dpkg.fc#2 (text+ko) ==== @@ -1,5 +1,5 @@ # dpkg/dselect/apt -/etc/apt(|/.*) system_u:object_r:etc_apt_t +/etc/apt(/.*)? system_u:object_r:etc_apt_t /usr/bin/apt-cache system_u:object_r:apt_exec_t /usr/bin/apt-config system_u:object_r:apt_exec_t /usr/bin/apt-get system_u:object_r:apt_exec_t @@ -8,19 +8,20 @@ /usr/bin/dselect system_u:object_r:dpkg_exec_t /usr/bin/update-menus system_u:object_r:install_menu_exec_t /usr/lib/apt/methods/.* system_u:object_r:apt_exec_t +/usr/lib/man-db(/.*)? system_u:object_r:bin_t /usr/lib/dpkg/.* system_u:object_r:dpkg_exec_t /usr/sbin/dpkg-preconfigure system_u:object_r:dpkg_exec_t /usr/sbin/install-menu system_u:object_r:install_menu_exec_t -/usr/share/applnk(|/.*) system_u:object_r:debian_menu_t -/usr/share/debconf(|/.*) system_u:object_r:dpkg_exec_t +/usr/share/applnk(/.*)? system_u:object_r:debian_menu_t +/usr/share/debconf(/.*)? system_u:object_r:dpkg_exec_t /usr/share/lintian/.* system_u:object_r:bin_t /usr/share/kernel-package/.* system_u:object_r:bin_t -/var/cache/apt(|/.*) system_u:object_r:var_cache_apt_t -/var/lib/apt(|/.*) system_u:object_r:var_lib_apt_t -/var/lib/dpkg(|/.*) system_u:object_r:var_lib_dpkg_t -/var/lib/dpkg/(|meth)lock system_u:object_r:dpkg_lock_t -/var/lib/kde(|/.*) system_u:object_r:debian_menu_t -/var/spool/kdeapplnk(|/.*) system_u:object_r:debian_menu_t +/var/cache/apt(/.*)? system_u:object_r:var_cache_apt_t +/var/lib/apt(/.*)? system_u:object_r:var_lib_apt_t +/var/lib/dpkg(/.*)? system_u:object_r:var_lib_dpkg_t +/var/lib/dpkg/(meth)?lock system_u:object_r:dpkg_lock_t +/var/lib/kde(/.*)? system_u:object_r:debian_menu_t +/var/spool/kdeapplnk(/.*)? system_u:object_r:debian_menu_t /etc/dpkg/.* system_u:object_r:etc_dpkg_t /etc/menu-methods/.* system_u:object_r:install_menu_exec_t /etc/kde2/.*\.sh system_u:object_r:install_menu_exec_t ==== //depot/projects/trustedbsd/mac/contrib/sebsd/policy/file_contexts/program/ftpd.fc#2 (text+ko) ==== @@ -1,5 +1,8 @@ # ftpd /usr/sbin/in.ftpd system_u:object_r:ftpd_exec_t /usr/sbin/proftpd system_u:object_r:ftpd_exec_t +/usr/sbin/muddleftpd system_u:object_r:ftpd_exec_t +/usr/sbin/ftpwho system_u:object_r:ftpd_exec_t /etc/proftpd.conf system_u:object_r:etc_ftpd_t /var/run/proftpd/proftpd-inetd system_u:object_r:ftpd_var_run_t +/var/log/muddleftpd.log.* system_u:object_r:xferlog_t ==== //depot/projects/trustedbsd/mac/contrib/sebsd/policy/file_contexts/program/gatekeeper.fc#2 (text+ko) ==== @@ -3,4 +3,4 @@ /usr/sbin/gk system_u:object_r:gatekeeper_exec_t /usr/sbin/gnugk system_u:object_r:gatekeeper_exec_t /var/run/gk.pid system_u:object_r:var_run_gatekeeper_t -/var/log/gnugk(|/.*) system_u:object_r:var_log_gatekeeper_t +/var/log/gnugk(/.*)? system_u:object_r:var_log_gatekeeper_t ==== //depot/projects/trustedbsd/mac/contrib/sebsd/policy/file_contexts/program/gpg.fc#2 (text+ko) ==== @@ -1,4 +1,4 @@ # gpg -/home/.*/\.gnupg(|/.*) system_u:object_r:user_gpg_secret_t -/root/.*/\.gnupg(|/.*) system_u:object_r:sysadm_gpg_secret_t +/home/.*/\.gnupg(/.*)? system_u:object_r:user_gpg_secret_t +/root/.*/\.gnupg(/.*)? system_u:object_r:sysadm_gpg_secret_t /usr/bin/gpg system_u:object_r:gpg_exec_t ==== //depot/projects/trustedbsd/mac/contrib/sebsd/policy/file_contexts/program/ipsec.fc#2 (text+ko) ==== @@ -2,7 +2,7 @@ /etc/ipsec.secrets system_u:object_r:ipsec_key_file_t /etc/ipsec.conf system_u:object_r:ipsec_conf_file_t -/etc/ipsec.d(|/.*) system_u:object_r:ipsec_key_file_t +/etc/ipsec.d(/.*)? system_u:object_r:ipsec_key_file_t /usr/lib/ipsec/.* system_u:object_r:ipsec_mgmt_exec_t /usr/local/lib/ipsec/.* system_u:object_r:ipsec_mgmt_exec_t /usr/lib/ipsec/eroute system_u:object_r:ipsec_exec_t ==== //depot/projects/trustedbsd/mac/contrib/sebsd/policy/file_contexts/program/lpd.fc#2 (text+ko) ==== @@ -2,5 +2,5 @@ /dev/printer system_u:object_r:printer_t /usr/sbin/lpd system_u:object_r:lpd_exec_t /usr/sbin/checkpc system_u:object_r:checkpc_exec_t -/var/spool/lpd(|/.*) system_u:object_r:lpd_spool_t +/var/spool/lpd(/.*)? system_u:object_r:lpd_spool_t /usr/share/printconf/.* system_u:object_r:printconf_t ==== //depot/projects/trustedbsd/mac/contrib/sebsd/policy/file_contexts/program/modutil.fc#2 (text+ko) ==== @@ -1,6 +1,6 @@ # module utilities -/etc/modules.conf(|.old) system_u:object_r:modules_conf_t -/lib/modules(|/.*) system_u:object_r:modules_object_t +/etc/modules.conf(.old)? system_u:object_r:modules_conf_t +/lib/modules(/.*)? system_u:object_r:modules_object_t /lib/modules/[^/]*/modules\..* system_u:object_r:modules_dep_t /sbin/depmod system_u:object_r:depmod_exec_t #/sbin/modprobe system_u:object_r:insmod_exec_t ==== //depot/projects/trustedbsd/mac/contrib/sebsd/policy/file_contexts/program/named.fc#2 (text+ko) ==== @@ -1,10 +1,10 @@ # named -/var/named(|/.*) system_u:object_r:named_conf_t +/var/named(/.*)? system_u:object_r:named_conf_t /etc/named.conf system_u:object_r:named_conf_t -/etc/bind(|/.*) system_u:object_r:named_zone_t +/etc/bind(/.*)? system_u:object_r:named_zone_t /etc/bind/named.conf system_u:object_r:named_conf_t /usr/sbin/named.* system_u:object_r:named_exec_t /usr/sbin/ndc system_u:object_r:ndc_exec_t -/var/cache/bind(|/.*) system_u:object_r:named_cache_t +/var/cache/bind(/.*)? system_u:object_r:named_cache_t /var/run/ndc system_u:object_r:var_run_named_t /usr/sbin/lwresd system_u:object_r:named_exec_t ==== //depot/projects/trustedbsd/mac/contrib/sebsd/policy/file_contexts/program/netscape.fc#2 (text+ko) ==== @@ -1,8 +1,8 @@ # netscape/mozilla -/root/\.netscape(|/.*) system_u:object_r:sysadm_netscape_rw_t -/root/\.mozilla(|/.*) system_u:object_r:sysadm_netscape_rw_t -/home/.*/\.netscape(|/.*) system_u:object_r:user_netscape_rw_t -/home/.*/\.mozilla(|/.*) system_u:object_r:user_netscape_rw_t +/root/\.netscape(/.*)? system_u:object_r:sysadm_netscape_rw_t +/root/\.mozilla(/.*)? system_u:object_r:sysadm_netscape_rw_t +/home/.*/\.netscape(/.*)? system_u:object_r:user_netscape_rw_t +/home/.*/\.mozilla(/.*)? system_u:object_r:user_netscape_rw_t /usr/bin/netscape system_u:object_r:netscape_exec_t /usr/bin/mozilla system_u:object_r:netscape_exec_t /usr/bin/mozilla-[0-9].* system_u:object_r:netscape_exec_t ==== //depot/projects/trustedbsd/mac/contrib/sebsd/policy/file_contexts/program/ntpd.fc#2 (text+ko) ==== @@ -1,6 +1,6 @@ -/var/lib/ntp(|/.*) system_u:object_r:var_lib_ntp_t +/var/lib/ntp(/.*)? system_u:object_r:var_lib_ntp_t /etc/ntp.conf system_u:object_r:etc_ntp_t /usr/sbin/ntpd system_u:object_r:ntpd_exec_t -/var/log/ntpstats(|/.*) system_u:object_r:var_log_ntp_t +/var/log/ntpstats(/.*)? system_u:object_r:var_log_ntp_t /var/log/ntpd system_u:object_r:var_log_ntp_t /etc/cron.(daily|weekly)/ntp-simple system_u:object_r:ntpd_exec_t ==== //depot/projects/trustedbsd/mac/contrib/sebsd/policy/file_contexts/program/portslave.fc#2 (text+ko) ==== @@ -1,3 +1,3 @@ # portslave /usr/sbin/portslave system_u:object_r:portslave_exec_t -/etc/portslave(|/.*) system_u:object_r:portslave_etc_t +/etc/portslave(/.*)? system_u:object_r:portslave_etc_t ==== //depot/projects/trustedbsd/mac/contrib/sebsd/policy/file_contexts/program/postfix.fc#2 (text+ko) ==== @@ -1,5 +1,5 @@ # postfix -/etc/postfix(|/.*) system_u:object_r:etc_postfix_t +/etc/postfix(/.*)? system_u:object_r:etc_postfix_t /etc/postfix/postfix-script.* system_u:object_r:postfix_exec_t /etc/postfix/prng_exch system_u:object_r:postfix_prng_t /usr/lib/postfix/.* system_u:object_r:postfix_exec_t @@ -24,12 +24,12 @@ /usr/sbin/postqueue system_u:object_r:postfix_postqueue_exec_t /usr/sbin/postsuper system_u:object_r:postfix_master_exec_t /usr/sbin/rmail system_u:object_r:postfix_master_exec_t -/var/spool/postfix/active(|/.*) system_u:object_r:postfix_spool_t -/var/spool/postfix/incoming(|/.*) system_u:object_r:postfix_spool_t -/var/spool/postfix/maildrop(|/.*) system_u:object_r:postfix_spool_maildrop_t +/var/spool/postfix/active(/.*)? system_u:object_r:postfix_spool_t +/var/spool/postfix/incoming(/.*)? system_u:object_r:postfix_spool_t +/var/spool/postfix/maildrop(/.*)? system_u:object_r:postfix_spool_maildrop_t /var/spool/postfix/pid system_u:object_r:var_run_t /var/spool/postfix/pid/.* system_u:object_r:postfix_var_run_t -/var/spool/postfix/private(|/.*) system_u:object_r:postfix_private_t -/var/spool/postfix/public(|/.*) system_u:object_r:postfix_public_t -/var/spool/postfix/defer(|red)(|/.*) system_u:object_r:postfix_spool_t -/var/spool/postfix/bounce(|/.*) system_u:object_r:postfix_spool_bounce_t +/var/spool/postfix/private(/.*)? system_u:object_r:postfix_private_t +/var/spool/postfix/public(/.*)? system_u:object_r:postfix_public_t +/var/spool/postfix/defer(red)(/.*)? system_u:object_r:postfix_spool_t +/var/spool/postfix/bounce(/.*)? system_u:object_r:postfix_spool_bounce_t ==== //depot/projects/trustedbsd/mac/contrib/sebsd/policy/file_contexts/program/qmail.fc#2 (text+ko) ==== @@ -1,7 +1,7 @@ # qmail -/etc/qmail(|/.*) system_u:object_r:etc_qmail_t -/var/qmail(|/.*) system_u:object_r:etc_qmail_t -/var/spool/qmail(|/.*) system_u:object_r:qmail_spool_t +/etc/qmail(/.*)? system_u:object_r:etc_qmail_t +/var/qmail(/.*)? system_u:object_r:etc_qmail_t +/var/spool/qmail(/.*)? system_u:object_r:qmail_spool_t /usr/sbin/qmail-start system_u:object_r:qmail_start_exec_t /usr/sbin/qmail-lspawn system_u:object_r:qmail_lspawn_exec_t /usr/bin/tcp-env system_u:object_r:qmail_tcp_env_exec_t ==== //depot/projects/trustedbsd/mac/contrib/sebsd/policy/file_contexts/program/quota.fc#2 (text+ko) ==== @@ -1,3 +1,3 @@ # quota system -/var/lib/quota(|/.*) system_u:object_r:quota_flag_t +/var/lib/quota(/.*)? system_u:object_r:quota_flag_t /sbin/quota(check|on) system_u:object_r:quota_exec_t ==== //depot/projects/trustedbsd/mac/contrib/sebsd/policy/file_contexts/program/radius.fc#2 (text+ko) ==== @@ -1,9 +1,9 @@ # radius -/etc/raddb(|/.*) system_u:object_r:etc_radiusd_t +/etc/raddb(/.*)? system_u:object_r:etc_radiusd_t /usr/sbin/radiusd system_u:object_r:radiusd_exec_t -/var/log/radiusd-freeradius(|/.*) system_u:object_r:var_log_radiusd_t +/var/log/radiusd-freeradius(/.*)? system_u:object_r:var_log_radiusd_t /var/log/radius.log.* system_u:object_r:var_log_radiusd_t -/var/log/radacct(|/.*) system_u:object_r:var_log_radiusd_t +/var/log/radacct(/.*)? system_u:object_r:var_log_radiusd_t /var/log/radutmp system_u:object_r:var_log_radiusd_t /var/log/radwtmp.* system_u:object_r:var_log_radiusd_t /etc/cron.(daily|monthly)/radiusd system_u:object_r:radiusd_exec_t ==== //depot/projects/trustedbsd/mac/contrib/sebsd/policy/file_contexts/program/rpm.fc#2 (text+ko) ==== @@ -1,4 +1,4 @@ # rpm -/var/lib/rpm(|/.*) system_u:object_r:var_lib_rpm_t +/var/lib/rpm(/.*)? system_u:object_r:var_lib_rpm_t /bin/rpm system_u:object_r:rpm_exec_t /var/log/rpmpkgs.* system_u:object_r:var_log_rpm_t ==== //depot/projects/trustedbsd/mac/contrib/sebsd/policy/file_contexts/program/run_init.fc#2 (text+ko) ==== @@ -1,3 +1,3 @@ # run_init -/usr/local/selinux/bin/run_init system_u:object_r:run_init_exec_t +/usr/local/selinux/sbin/run_init system_u:object_r:run_init_exec_t /usr/sbin/run_init system_u:object_r:run_init_exec_t ==== //depot/projects/trustedbsd/mac/contrib/sebsd/policy/file_contexts/program/sendmail.fc#2 (text+ko) ==== @@ -1,9 +1,10 @@ # sendmail /etc/aliases system_u:object_r:etc_aliases_t /etc/aliases.db system_u:object_r:etc_aliases_t -/etc/mail(|/.*) system_u:object_r:etc_mail_t +/etc/mail(/.*)? system_u:object_r:etc_mail_t /usr/sbin/sendmail system_u:object_r:sendmail_exec_t -/var/spool/mail(|/.*) system_u:object_r:mail_spool_t -/var/spool/mqueue(|/.*) system_u:object_r:mqueue_spool_t +/usr/sbin/sendmail.sendmail system_u:object_r:sendmail_exec_t +/var/spool/mail(/.*)? system_u:object_r:mail_spool_t +/var/spool/mqueue(/.*)? system_u:object_r:mqueue_spool_t /var/log/sendmail.st system_u:object_r:sendmail_var_log_t -/var/mail(|/.*) system_u:object_r:mail_spool_t +/var/mail(/.*)? system_u:object_r:mail_spool_t ==== //depot/projects/trustedbsd/mac/contrib/sebsd/policy/file_contexts/program/setfiles.fc#2 (text+ko) ==== @@ -1,3 +1,3 @@ # setfiles /usr/sbin/setfiles system_u:object_r:setfiles_exec_t -/usr/local/selinux/sbin/setfiles system_u:object_r:setfiles_exec_t +/usr/local/selinux/bin/setfiles system_u:object_r:setfiles_exec_t ==== //depot/projects/trustedbsd/mac/contrib/sebsd/policy/file_contexts/program/slapd.fc#2 (text+ko) ==== @@ -1,5 +1,5 @@ # slapd - ldap server /usr/sbin/slapd system_u:object_r:slapd_exec_t -/var/lib/ldap(|/.*) system_u:object_r:slapd_db_t -/var/lib/ldap/replog(|/.*) system_u:object_r:slapd_replog_t +/var/lib/ldap(/.*)? system_u:object_r:slapd_db_t +/var/lib/ldap/replog(/.*)? system_u:object_r:slapd_replog_t /var/run/slapd.args system_u:object_r:var_run_slapd_t ==== //depot/projects/trustedbsd/mac/contrib/sebsd/policy/file_contexts/program/snmpd.fc#2 (text+ko) ==== @@ -1,3 +1,3 @@ # snmpd -/usr/sbin/snmp(|trap)d system_u:object_r:snmpd_exec_t -/var/lib/snmp(|/.*) system_u:object_r:var_lib_snmpd_t +/usr/sbin/snmp(trap)?d system_u:object_r:snmpd_exec_t +/var/lib/snmp(/.*)? system_u:object_r:var_lib_snmpd_t ==== //depot/projects/trustedbsd/mac/contrib/sebsd/policy/file_contexts/program/snort.fc#2 (text+ko) ==== @@ -1,4 +1,4 @@ # SNORT /usr/sbin/snort system_u:object_r:snort_exec_t -/etc/snort(|/.*) system_u:object_r:snort_etc_t -/var/log/snort(|/.*) system_u:object_r:snort_log_t +/etc/snort(/.*)? system_u:object_r:snort_etc_t +/var/log/snort(/.*)? system_u:object_r:snort_log_t ==== //depot/projects/trustedbsd/mac/contrib/sebsd/policy/file_contexts/program/squid.fc#2 (text+ko) ==== @@ -1,6 +1,6 @@ # squid /usr/sbin/squid system_u:object_r:squid_exec_t -/var/cache/squid(|/.*) system_u:object_r:squid_cache_t -/var/spool/squid(|/.*) system_u:object_r:squid_cache_t -/var/log/squid(|/.*) system_u:object_r:var_log_squid_t +/var/cache/squid(/.*)? system_u:object_r:squid_cache_t +/var/spool/squid(/.*)? system_u:object_r:squid_cache_t +/var/log/squid(/.*)? system_u:object_r:var_log_squid_t /etc/squid.conf system_u:object_r:squid_conf_t ==== //depot/projects/trustedbsd/mac/contrib/sebsd/policy/file_contexts/program/sysstat.fc#2 (text+ko) ==== @@ -1,5 +1,5 @@ # sysstat and other sar programs /usr/lib/atsar/atsadc system_u:object_r:sysstat_exec_t /usr/lib/sysstat/sa.* system_u:object_r:sysstat_exec_t -/var/log/atsar(|/.*) system_u:object_r:var_log_sysstat_t -/var/log/sysstat(|/.*) system_u:object_r:var_log_sysstat_t +/var/log/atsar(/.*)? system_u:object_r:var_log_sysstat_t +/var/log/sysstat(/.*)? system_u:object_r:var_log_sysstat_t ==== //depot/projects/trustedbsd/mac/contrib/sebsd/policy/file_contexts/program/vmware.fc#2 (text+ko) ==== @@ -31,7 +31,7 @@ /dev/vmnet8 system_u:object_r:vmware_device_t /dev/vmnet9 system_u:object_r:vmware_device_t -/etc/vmware.*(|/.*) system_u:object_r:vmware_sys_conf_t +/etc/vmware.*(/.*)? system_u:object_r:vmware_sys_conf_t /usr/lib/vmware/config system_u:object_r:vmware_sys_conf_t /usr/lib/vmware/bin/vmware-mks system_u:object_r:vmware_user_exec_t @@ -42,5 +42,5 @@ # files. A general user can execute vmware and start a vmware session # but the user cannot modify the session configuration information # -#/usr/local/vmware(|/.*) system_u:object_r:vmware_user_file_t +#/usr/local/vmware(/.*)? system_u:object_r:vmware_user_file_t #/usr/local/vmware/[^/]*/.*\.cfg system_u:object_r:vmware_user_conf_t ==== //depot/projects/trustedbsd/mac/contrib/sebsd/policy/file_contexts/program/watchdog.fc#2 (text+ko) ==== @@ -1,2 +1,3 @@ # watchdog /usr/sbin/watchdog system_u:object_r:watchdog_exec_t +/dev/watchdog system_u:object_r:watchdog_device_t ==== //depot/projects/trustedbsd/mac/contrib/sebsd/policy/file_contexts/program/xdm.fc#2 (text+ko) ==== @@ -1,9 +1,10 @@ # X Display Manager /usr/bin/[xgk]dm system_u:object_r:xdm_exec_t -/var/[xgk]dm(|/.*) system_u:object_r:xdm_log_t -/usr/var/[xgk]dm(|/.*) system_u:object_r:xdm_log_t +/var/[xgk]dm(/.*)? system_u:object_r:xdm_log_t +/usr/var/[xgk]dm(/.*)? system_u:object_r:xdm_log_t +/var/log/kdm.log system_u:object_r:xdm_log_t # Uncomment if you are running an X Display Manager. #/var/log/XFree86.* system_u:object_r:xdm_log_t -#/tmp/.X11-unix(|/.*) system_u:object_r:xdm_tmp_t +#/tmp/.X11-unix(/.*)? system_u:object_r:xdm_tmp_t #/tmp/.X0-lock system_u:object_r:xdm_tmp_t -/var/log/kdm.log system_u:object_r:xdm_log_t + ==== //depot/projects/trustedbsd/mac/contrib/sebsd/policy/file_contexts/program/xfs.fc#2 (text+ko) ==== @@ -1,3 +1,3 @@ # xfs -/tmp/.font-unix(|/.*) system_u:object_r:xfs_tmp_t +/tmp/.font-unix(/.*)? system_u:object_r:xfs_tmp_t /usr/X11R6/bin/xfs system_u:object_r:xfs_exec_t ==== //depot/projects/trustedbsd/mac/contrib/sebsd/policy/file_contexts/program/xserver.fc#2 (text+ko) ==== @@ -1,10 +1,12 @@ # X server /dev/agpgart system_u:object_r:agp_device_t -/dev/dri(|/.*) system_u:object_r:dri_device_t -/tmp/.X11-unix(|/.*) system_u:object_r:user_xserver_tmp_t +/dev/dri(/.*)? system_u:object_r:dri_device_t +/tmp/.X11-unix(/.*)? system_u:object_r:user_xserver_tmp_t /tmp/.X0-lock system_u:object_r:user_xserver_tmp_t /usr/X11R6/bin/Xwrapper system_u:object_r:xserver_exec_t +/usr/X11R6/bin/X system_u:object_r:xserver_exec_t +/usr/X11R6/bin/XFree86 system_u:object_r:xserver_exec_t +/var/lib/xkb(/.*)? system_u:object_r:var_lib_xkb_t # Comment out if you are running an X Display Manager. /var/log/XFree86.* system_u:object_r:xserver_var_log_t -/usr/X11R6/bin/X system_u:object_r:xserver_exec_t -/var/lib/xkb(|/.*) system_u:object_r:var_lib_xkb_t + ==== //depot/projects/trustedbsd/mac/contrib/sebsd/policy/file_contexts/types.fc#2 (text+ko) ==== @@ -51,40 +51,41 @@ # # /var # -/var(|/.*) system_u:object_r:var_t -/var/catman(|/.*) system_u:object_r:catman_t -/var/cache/man(|/.*) system_u:object_r:catman_t -/var/yp(|/.*) system_u:object_r:var_yp_t -/var/lib(|/.*) system_u:object_r:var_lib_t -/var/lib/nfs(|/.*) system_u:object_r:var_lib_nfs_t -/var/lock(|/.*) system_u:object_r:var_lock_t +/var(/.*)? system_u:object_r:var_t +/var/catman(/.*)? system_u:object_r:catman_t +/var/cache/man(/.*)? system_u:object_r:catman_t +/var/yp(/.*)? system_u:object_r:var_yp_t +/var/lib(/.*)? system_u:object_r:var_lib_t +/var/lib/nfs(/.*)? system_u:object_r:var_lib_nfs_t +/var/lock(/.*)? system_u:object_r:var_lock_t /var/tmp system_u:object_r:tmp_t /var/tmp/.* <> +/var/tmp/vi.recover system_u:object_r:tmp_t # # /var/ftp # -/var/ftp/bin(|/.*) system_u:object_r:bin_t +/var/ftp/bin(/.*)? system_u:object_r:bin_t /var/ftp/bin/ls system_u:object_r:ls_exec_t -/var/ftp/lib(|/.*) system_u:object_r:lib_t +/var/ftp/lib(/.*)? system_u:object_r:lib_t /var/ftp/lib/ld.*\.so.* system_u:object_r:ld_so_t /var/ftp/lib/lib.*\.so.* system_u:object_r:shlib_t -/var/ftp/etc(|/.*) system_u:object_r:etc_t +/var/ftp/etc(/.*)? system_u:object_r:etc_t # # The superuser home directory. # -/root(|/.*) system_u:object_r:sysadm_home_t +/root(/.*)? system_u:object_r:sysadm_home_t # # Other user home directories. # -/home(|/.*) system_u:object_r:user_home_t +/home(/.*)? system_u:object_r:user_home_t # # /bin # -/bin(|/.*) system_u:object_r:bin_t +/bin(/.*)? system_u:object_r:bin_t /bin/tcsh system_u:object_r:shell_exec_t /bin/bash system_u:object_r:shell_exec_t /bin/ash system_u:object_r:shell_exec_t @@ -93,18 +94,19 @@ # # /boot # -/boot(|/.*) system_u:object_r:boot_t +/boot(/.*)? system_u:object_r:boot_t /boot/System.map-.* system_u:object_r:system_map_t # # /dev # -/dev(|/.*) system_u:object_r:device_t +/dev(/.*)? system_u:object_r:device_t /dev/MAKEDEV system_u:object_r:sbin_t /dev/null system_u:object_r:null_device_t /dev/zero system_u:object_r:zero_device_t /dev/console system_u:object_r:console_device_t /dev/(kmem|mem|port) system_u:object_r:memory_device_t +/dev/nvram system_u:object_r:memory_device_t /dev/random system_u:object_r:random_device_t /dev/urandom system_u:object_r:random_device_t /dev/[^/]*tty[^/]* system_u:object_r:tty_device_t @@ -112,20 +114,22 @@ /dev/tty system_u:object_r:devtty_t /dev/sd[^/]* system_u:object_r:fixed_disk_device_t /dev/hd[^/]* system_u:object_r:fixed_disk_device_t +/dev/ataraid/d[^/]* system_u:object_r:fixed_disk_device_t +/dev/md[0-9]* system_u:object_r:fixed_disk_device_t /dev/s(cd|r)[^/]* system_u:object_r:removable_device_t -/dev/fd[^/]* system_u:object_r:removable_device_t +/dev/fd[^/]+ system_u:object_r:removable_device_t /dev/rtc system_u:object_r:clock_device_t /dev/psaux system_u:object_r:mouse_device_t /dev/.*mouse.* -c system_u:object_r:mouse_device_t /dev/input/.*mouse.* system_u:object_r:mouse_device_t /dev/ptmx system_u:object_r:ptmx_t /dev/sequencer system_u:object_r:misc_device_t -/dev/fb[0-9]* system_u:object_r:framebuf_device_t +/dev/fb[0-9]* system_u:object_r:framebuf_device_t # # /etc # -/etc(|/.*) system_u:object_r:etc_t +/etc(/.*)? system_u:object_r:etc_t /etc/fstab.REVOKE system_u:object_r:etc_runtime_t /etc/HOSTNAME system_u:object_r:etc_runtime_t /etc/ioctl.save system_u:object_r:etc_runtime_t @@ -138,14 +142,14 @@ /etc/ld.so.preload system_u:object_r:ld_so_cache_t /etc/resolv.conf.* system_u:object_r:resolv_conf_t /etc/adjtime system_u:object_r:adjtime_t -/etc/mrtg(|/.*) system_u:object_r:etc_mrtg_t -/etc/selinux(|/.*) system_u:object_r:policy_src_t -/etc/security/selinux(|/.*) system_u:object_r:policy_config_t +/etc/mrtg(/.*)? system_u:object_r:etc_mrtg_t +/etc/selinux(/.*)? system_u:object_r:policy_src_t +/etc/security/selinux(/.*)? system_u:object_r:policy_config_t # # /lib # -/lib(|/.*) system_u:object_r:lib_t +/lib(/.*)? system_u:object_r:lib_t /lib/ld.*\.so.* system_u:object_r:ld_so_t /lib/lib.*\.so.* system_u:object_r:shlib_t /lib/[^/]*/lib.*\.so.* system_u:object_r:shlib_t @@ -155,7 +159,7 @@ # # /sbin # -/sbin(|/.*) system_u:object_r:sbin_t +/sbin(/.*)? system_u:object_r:sbin_t /sbin/.*_chkpwd system_u:object_r:chkpwd_exec_t # @@ -164,147 +168,147 @@ /tmp system_u:object_r:tmp_t /tmp/.* <> /tmp/orbit.* system_u:object_r:user_tmp_t -/tmp/.ICE-unix(|/.*) system_u:object_r:user_tmp_t +/tmp/.ICE-unix(/.*)? system_u:object_r:user_tmp_t # # /usr # -/usr(|/.*) system_u:object_r:usr_t -/usr/etc(|/.*) system_u:object_r:etc_t -/usr/libexec(|/.*) system_u:object_r:lib_t -/usr/src(|/.*) system_u:object_r:src_t -/usr/tmp(|/.*) system_u:object_r:tmp_t -/usr/man(|/.*) system_u:object_r:man_t +/usr(/.*)? system_u:object_r:usr_t +/usr/etc(/.*)? system_u:object_r:etc_t +/usr/libexec(/.*)? system_u:object_r:lib_t +/usr/src(/.*)? system_u:object_r:src_t +/usr/tmp(/.*)? system_u:object_r:tmp_t +/usr/man(/.*)? system_u:object_r:man_t # # /usr/bin # -/usr/bin(|/.*) system_u:object_r:bin_t +/usr/bin(/.*)? system_u:object_r:bin_t /usr/bin/makemap system_u:object_r:sbin_t # # /usr/lib # -/usr/lib(|/.*) system_u:object_r:lib_t +/usr/lib(/.*)? system_u:object_r:lib_t /usr/lib/lib.*\.so.* system_u:object_r:shlib_t /usr/lib/python.*\.so system_u:object_r:shlib_t /usr/lib/[^/]*/lib.*\.so.* system_u:object_r:shlib_t /usr/lib/autofs/.*\.so system_u:object_r:shlib_t -/usr/lib/perl5/man(|/.*) system_u:object_r:man_t +/usr/lib/perl5/man(/.*)? system_u:object_r:man_t /usr/lib/perl.*\.so system_u:object_r:shlib_t /usr/lib/locale/.*/LC_.* system_u:object_r:writeable_t -/usr/lib/selinux(|/.*) system_u:object_r:policy_src_t +/usr/lib/selinux(/.*)? system_u:object_r:policy_src_t /usr/lib/emacsen-common/.* system_u:object_r:bin_t /usr/share/locale/.*/LC_.* system_u:object_r:writeable_t -/usr/share/selinux(|/.*) system_u:object_r:policy_src_t -/usr/games(|/.*) system_u:object_r:bin_t +/usr/share/selinux(/.*)? system_u:object_r:policy_src_t +/usr/games(/.*)? system_u:object_r:bin_t # # /usr/.*glibc.*-linux/lib # -/usr/.*glibc.*-linux/lib(|/.*) system_u:object_r:lib_t +/usr/.*glibc.*-linux/lib(/.*)? system_u:object_r:lib_t /usr/.*glibc.*-linux/lib/ld.*\.so.* system_u:object_r:ld_so_t /usr/.*glibc.*-linux/lib/lib.*\.so.* system_u:object_r:shlib_t # /usr/.*redhat-linux/lib # -/usr/.*redhat-linux/lib(|/.*) system_u:object_r:lib_t +/usr/.*redhat-linux/lib(/.*)? system_u:object_r:lib_t /usr/.*redhat-linux/lib/ld.*\.so.* system_u:object_r:ld_so_t /usr/.*redhat-linux/lib/lib.*\.so.* system_u:object_r:shlib_t # # /usr/.*linux-libc.*/lib # -/usr/.*linux-libc.*/lib(|/.*) system_u:object_r:lib_t +/usr/.*linux-libc.*/lib(/.*)? system_u:object_r:lib_t /usr/.*linux-libc.*/lib/ld.*\.so.* system_u:object_r:ld_so_t /usr/.*linux-libc.*/lib/lib.*\.so.* system_u:object_r:shlib_t # # /usr/local # -/usr/local/etc(|/.*) system_u:object_r:etc_t -/usr/local/src(|/.*) system_u:object_r:src_t -/usr/local/sbin(|/.*) system_u:object_r:sbin_t -/usr/local/man(|/.*) system_u:object_r:man_t +/usr/local/etc(/.*)? system_u:object_r:etc_t +/usr/local/src(/.*)? system_u:object_r:src_t +/usr/local/sbin(/.*)? system_u:object_r:sbin_t +/usr/local/man(/.*)? system_u:object_r:man_t # # /usr/local/bin # -/usr/local/bin(|/.*) system_u:object_r:bin_t +/usr/local/bin(/.*)? system_u:object_r:bin_t # # /usr/local/lib # -/usr/local/lib(|/.*) system_u:object_r:lib_t +/usr/local/lib(/.*)? system_u:object_r:lib_t /usr/local/lib/.*\.so system_u:object_r:shlib_t # # /usr/sbin # -/usr/sbin(|/.*) system_u:object_r:sbin_t +/usr/sbin(/.*)? system_u:object_r:sbin_t /usr/sbin/makemap system_u:object_r:sbin_t # # /usr/X11R6/bin # -/usr/X11R6/bin(|/.*) system_u:object_r:bin_t +/usr/X11R6/bin(/.*)? system_u:object_r:bin_t # # /usr/X11R6/lib # -/usr/X11R6/lib(|/.*) system_u:object_r:lib_t +/usr/X11R6/lib(/.*)? system_u:object_r:lib_t /usr/X11R6/lib/lib.*\.so.* system_u:object_r:shlib_t # # /usr/X11R6/man # -/usr/X11R6/man(|/.*) system_u:object_r:man_t +/usr/X11R6/man(/.*)? system_u:object_r:man_t # # /usr/kerberos # -/usr/kerberos/bin(|/.*) system_u:object_r:bin_t -/usr/kerberos/sbin(|/.*) system_u:object_r:sbin_t -/usr/kerberos/lib(|/.*) system_u:object_r:lib_t +/usr/kerberos/bin(/.*)? system_u:object_r:bin_t +/usr/kerberos/sbin(/.*)? system_u:object_r:sbin_t +/usr/kerberos/lib(/.*)? system_u:object_r:lib_t /usr/kerberos/lib/lib.*\.so.* system_u:object_r:shlib_t # # /usr/local/selinux # -/usr/local/selinux/bin(|/.*) system_u:object_r:bin_t -/usr/local/selinux/sbin(|/.*) system_u:object_r:bin_t -/usr/local/selinux/lib(|/.*) system_u:object_r:lib_t -/usr/local/selinux/libexec(|/.*) system_u:object_r:lib_t +/usr/local/selinux/bin(/.*)? system_u:object_r:bin_t +/usr/local/selinux/sbin(/.*)? system_u:object_r:bin_t +/usr/local/selinux/lib(/.*)? system_u:object_r:lib_t +/usr/local/selinux/libexec(/.*)? system_u:object_r:lib_t # # /var/run # -/var/run(|/.*) system_u:object_r:var_run_t +/var/run(/.*)? system_u:object_r:var_run_t /var/run/.*\.*pid <> # # /var/spool # -/var/spool(|/.*) system_u:object_r:var_spool_t +/var/spool(/.*)? system_u:object_r:var_spool_t # # /var/log # -/var/log(|/.*) system_u:object_r:var_log_t +/var/log(/.*)? system_u:object_r:var_log_t /var/log/wtmp system_u:object_r:wtmp_t -/var/log/sa(|/.*) system_u:object_r:var_log_sa_t +/var/log/sa(/.*)? system_u:object_r:var_log_sa_t /var/log/ksyms.* system_u:object_r:var_log_ksyms_t /var/log/lastlog system_u:object_r:lastlog_t -/var/log/ksymoops(|/.*) system_u:object_r:var_log_ksyms_t +/var/log/ksymoops(/.*)? system_u:object_r:var_log_ksyms_t /var/log/syslog system_u:object_r:var_log_t # # Persistent label mappings. # -.*/\.\.\.security(|/.*) system_u:object_r:file_labels_t +.*/\.\.\.security(/.*)? system_u:object_r:file_labels_t # # Lost and found directories. # -.*/lost\+found(|/.*) system_u:object_r:lost_found_t +.*/lost\+found(/.*)? system_u:object_r:lost_found_t To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe p4-projects" in the body of the message