[refpolicy] [ system layer patch 1/1] system: domain { allowed to transition, allowed access, to not audit }.

All of lore.kernel.org
 help / color / mirror / Atom feed

From: domg472@gmail.com (Dominick Grift)
To: refpolicy@oss.tresys.com
Subject: [refpolicy] [ system layer patch 1/1] system: domain { allowed to transition, allowed access, to not audit }.
Date: Wed, 4 Aug 2010 11:22:55 +0200	[thread overview]
Message-ID: <20100804092250.GA15656@localhost.localdomain> (raw)

Signed-off-by: Dominick Grift <domg472@gmail.com>
---
:100644 100644 54b9826... 7fddc24... M	policy/modules/system/authlogin.if
:100644 100644 4cf09f6... 31853d4... M	policy/modules/system/clock.if
:100644 100644 feef778... 89cc088... M	policy/modules/system/daemontools.if
:100644 100644 1c51b4b... 6bc7ca0... M	policy/modules/system/fstools.if
:100644 100644 b2b003d... e4376aa... M	policy/modules/system/getty.if
:100644 100644 8fdea3b... 1ef2854... M	policy/modules/system/hostname.if
:100644 100644 321d2e6... 40eb10c... M	policy/modules/system/hotplug.if
:100644 100644 59f9068... f6aafe7... M	policy/modules/system/init.if
:100644 100644 e0f0224... ce48e44... M	policy/modules/system/ipsec.if
:100644 100644 6aca04d... 34335ce... M	policy/modules/system/iptables.if
:100644 100644 88e3b32... 663a47b... M	policy/modules/system/iscsi.if
:100644 100644 19e65b8... 4198ff5... M	policy/modules/system/kdump.if
:100644 100644 33ffdb6... d97d16d... M	policy/modules/system/libraries.if
:100644 100644 37292fd... 0e3c2a9... M	policy/modules/system/locallogin.if
:100644 100644 fa5684a... 07af21c... M	policy/modules/system/logging.if
:100644 100644 779cc29... 58bc27f... M	policy/modules/system/lvm.if
:100644 100644 a70ed72... 17de283... M	policy/modules/system/miscfiles.if
:100644 100644 e1057e3... 6075331... M	policy/modules/system/modutils.if
:100644 100644 d7e78ad... 66caf37... M	policy/modules/system/mount.if
:100644 100644 b37cd5b... 5dccc0a... M	policy/modules/system/netlabel.if
:100644 100644 ac2b18b... fa701e9... M	policy/modules/system/pcmcia.if
:100644 100644 b3c7bfb... c817fda... M	policy/modules/system/raid.if
:100644 100644 d37974c... 9b75ca1... M	policy/modules/system/selinuxutil.if
:100644 100644 8de660e... efa9c27... M	policy/modules/system/setrans.if
:100644 100644 938f800... e1f9e5f... M	policy/modules/system/sysnetwork.if
:100644 100644 bfc4c75... 025348a... M	policy/modules/system/udev.if
:100644 100644 c11cb30... 416e668... M	policy/modules/system/unconfined.if
:100644 100644 fafdd3d... 42ef0e1... M	policy/modules/system/userdomain.if
:100644 100644 086e8c6... 77d41b6... M	policy/modules/system/xen.if
 policy/modules/system/authlogin.if   |   40 +++++++++++++++++-----------------
 policy/modules/system/clock.if       |    6 ++--
 policy/modules/system/daemontools.if |    8 +++---
 policy/modules/system/fstools.if     |   12 +++++-----
 policy/modules/system/getty.if       |    2 +-
 policy/modules/system/hostname.if    |    4 +-
 policy/modules/system/hotplug.if     |    4 +-
 policy/modules/system/init.if        |   34 ++++++++++++++--------------
 policy/modules/system/ipsec.if       |   22 +++++++++---------
 policy/modules/system/iptables.if    |    8 +++---
 policy/modules/system/iscsi.if       |    2 +-
 policy/modules/system/kdump.if       |    4 +-
 policy/modules/system/libraries.if   |    6 ++--
 policy/modules/system/locallogin.if  |    6 ++--
 policy/modules/system/logging.if     |   22 +++++++++---------
 policy/modules/system/lvm.if         |    8 +++---
 policy/modules/system/miscfiles.if   |   10 ++++----
 policy/modules/system/modutils.if    |   14 ++++++------
 policy/modules/system/mount.if       |   10 ++++----
 policy/modules/system/netlabel.if    |    4 +-
 policy/modules/system/pcmcia.if      |    6 ++--
 policy/modules/system/raid.if        |    4 +-
 policy/modules/system/selinuxutil.if |   36 +++++++++++++++---------------
 policy/modules/system/setrans.if     |    2 +-
 policy/modules/system/sysnetwork.if  |   32 +++++++++++++-------------
 policy/modules/system/udev.if        |    6 ++--
 policy/modules/system/unconfined.if  |    8 +++---
 policy/modules/system/userdomain.if  |   32 +++++++++++++-------------
 policy/modules/system/xen.if         |    6 ++--
 29 files changed, 179 insertions(+), 179 deletions(-)

diff --git a/policy/modules/system/authlogin.if b/policy/modules/system/authlogin.if
index 54b9826..7fddc24 100644
--- a/policy/modules/system/authlogin.if
+++ b/policy/modules/system/authlogin.if
@@ -162,7 +162,7 @@ interface(`auth_login_pgm_domain',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The type of process using the login program as entry point.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 #
@@ -180,7 +180,7 @@ interface(`auth_login_entry_type',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 ## <param name="target_domain">
@@ -205,7 +205,7 @@ interface(`auth_domtrans_login_program',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 ## <param name="target_domain">
@@ -332,7 +332,7 @@ interface(`auth_var_filetrans_cache',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -381,7 +381,7 @@ interface(`auth_domtrans_chk_passwd',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -402,7 +402,7 @@ interface(`auth_domtrans_chkpwd',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 ## <param name="role">
@@ -446,7 +446,7 @@ interface(`auth_domtrans_upd_passwd',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 ## <param name="role">
@@ -582,7 +582,7 @@ interface(`auth_tunable_read_shadow',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The type of the domain to not audit.
+##	Domain to not audit.
 ##	</summary>
 ## </param>
 #
@@ -800,7 +800,7 @@ interface(`auth_rw_lastlog',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -836,7 +836,7 @@ interface(`auth_signal_pam',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 ## <param name="role">
@@ -978,7 +978,7 @@ interface(`auth_manage_pam_pid',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -1098,7 +1098,7 @@ interface(`auth_delete_pam_console_data',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The type of the domain perfoming this action.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 ## <param name="exception_types" optional="true">
@@ -1123,7 +1123,7 @@ interface(`auth_read_all_dirs_except_shadow',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The type of the domain perfoming this action.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 ## <param name="exception_types" optional="true">
@@ -1149,7 +1149,7 @@ interface(`auth_read_all_files_except_shadow',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The type of the domain perfoming this action.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 ## <param name="exception_types" optional="true">
@@ -1174,7 +1174,7 @@ interface(`auth_read_all_symlinks_except_shadow',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The type of the domain perfoming this action.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 ## <param name="exception_types" optional="true">
@@ -1200,7 +1200,7 @@ interface(`auth_relabel_all_files_except_shadow',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The type of the domain perfoming this action.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 ## <param name="exception_types" optional="true">
@@ -1226,7 +1226,7 @@ interface(`auth_rw_all_files_except_shadow',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The type of the domain perfoming this action.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 ## <param name="exception_types" optional="true">
@@ -1251,7 +1251,7 @@ interface(`auth_manage_all_files_except_shadow',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -1269,7 +1269,7 @@ interface(`auth_domtrans_utempter',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 ## <param name="role">
@@ -1351,7 +1351,7 @@ interface(`auth_read_login_records',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain to not audit.
 ##	</summary>
 ## </param>
 ## <rolecap/>
diff --git a/policy/modules/system/clock.if b/policy/modules/system/clock.if
index 4cf09f6..31853d4 100644
--- a/policy/modules/system/clock.if
+++ b/policy/modules/system/clock.if
@@ -6,7 +6,7 @@
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The type of the process performing this action.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -25,7 +25,7 @@ interface(`clock_domtrans',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The type of the process performing this action.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 ## <param name="role">
@@ -50,7 +50,7 @@ interface(`clock_run',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-## 	The type of the process performing this action.
+## 	Domain allowed access.
 ##	</summary>
 ## </param>
 #
diff --git a/policy/modules/system/daemontools.if b/policy/modules/system/daemontools.if
index feef778..89cc088 100644
--- a/policy/modules/system/daemontools.if
+++ b/policy/modules/system/daemontools.if
@@ -11,7 +11,7 @@
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access to svc_start_t.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 #
@@ -59,7 +59,7 @@ interface(`daemontools_service_domain',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -77,7 +77,7 @@ interface(`daemontools_domtrans_start',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -95,7 +95,7 @@ interface(`daemontools_domtrans_run',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
diff --git a/policy/modules/system/fstools.if b/policy/modules/system/fstools.if
index 1c51b4b..6bc7ca0 100644
--- a/policy/modules/system/fstools.if
+++ b/policy/modules/system/fstools.if
@@ -6,7 +6,7 @@
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The type of the process performing this action.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -26,7 +26,7 @@ interface(`fstools_domtrans',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The type of the process performing this action.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 ## <param name="role">
@@ -51,7 +51,7 @@ interface(`fstools_run',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The type of the process performing this action.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 #
@@ -106,7 +106,7 @@ interface(`fstools_read_pipes',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The type of the process performing this action.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 #
@@ -125,7 +125,7 @@ interface(`fstools_relabelto_entry_files',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The type of the process performing this action.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 #
@@ -143,7 +143,7 @@ interface(`fstools_manage_entry_files',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The type of the process performing this action.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 #
diff --git a/policy/modules/system/getty.if b/policy/modules/system/getty.if
index b2b003d..e4376aa 100644
--- a/policy/modules/system/getty.if
+++ b/policy/modules/system/getty.if
@@ -6,7 +6,7 @@
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
diff --git a/policy/modules/system/hostname.if b/policy/modules/system/hostname.if
index 8fdea3b..1ef2854 100644
--- a/policy/modules/system/hostname.if
+++ b/policy/modules/system/hostname.if
@@ -6,7 +6,7 @@
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -26,7 +26,7 @@ interface(`hostname_domtrans',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 ## <param name="role">
diff --git a/policy/modules/system/hotplug.if b/policy/modules/system/hotplug.if
index 321d2e6..40eb10c 100644
--- a/policy/modules/system/hotplug.if
+++ b/policy/modules/system/hotplug.if
@@ -9,7 +9,7 @@
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -139,7 +139,7 @@ interface(`hotplug_search_config',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The type of the process performing this action.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 ## <rolecap/>
diff --git a/policy/modules/system/init.if b/policy/modules/system/init.if
index 59f9068..f6aafe7 100644
--- a/policy/modules/system/init.if
+++ b/policy/modules/system/init.if
@@ -420,7 +420,7 @@ interface(`init_ranged_system_domain',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -571,7 +571,7 @@ interface(`init_use_fds',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain to not audit.
 ##	</summary>
 ## </param>
 #
@@ -730,7 +730,7 @@ interface(`init_dontaudit_rw_initctl',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The domain for which init scripts are an entrypoint.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 # cjp: added for gentoo integrated run_init
@@ -748,7 +748,7 @@ interface(`init_script_file_entry_type',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -775,7 +775,7 @@ interface(`init_spec_domtrans_script',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -812,7 +812,7 @@ interface(`init_domtrans_script',`
 ## </desc>
 ## <param name="source_domain">
 ##	<summary>
-##	Domain to transition from.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 ## <param name="target_domain">
@@ -837,7 +837,7 @@ interface(`init_script_file_domtrans',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 ## <param name="init_script_file">
@@ -862,7 +862,7 @@ interface(`init_labeled_script_domtrans',`
 ## </summary>
 ## <param name="domain">
 ## 	<summary>
-##		Domain allowed access
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -1064,7 +1064,7 @@ interface(`init_read_all_script_files',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain to not audit.
 ##	</summary>
 ## </param>
 #
@@ -1144,7 +1144,7 @@ interface(`init_use_script_fds',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain to not audit.
 ##	</summary>
 ## </param>
 #
@@ -1305,7 +1305,7 @@ interface(`init_rw_script_stream_sockets',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain to not audit.
 ##	</summary>
 ## </param>
 #
@@ -1429,7 +1429,7 @@ interface(`init_getattr_script_status_files',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain to not audit.
 ##	</summary>
 ## </param>
 #
@@ -1553,7 +1553,7 @@ interface(`init_read_utmp',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain to not audit.
 ##	</summary>
 ## </param>
 #
@@ -1591,7 +1591,7 @@ interface(`init_write_utmp',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain to not audit.
 ##	</summary>
 ## </param>
 #
@@ -1628,7 +1628,7 @@ interface(`init_rw_utmp',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain to not audit.
 ##	</summary>
 ## </param>
 #
@@ -1646,7 +1646,7 @@ interface(`init_dontaudit_rw_utmp',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain access allowed.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 #
@@ -1666,7 +1666,7 @@ interface(`init_manage_utmp',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain access allowed.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 #
diff --git a/policy/modules/system/ipsec.if b/policy/modules/system/ipsec.if
index e0f0224..ce48e44 100644
--- a/policy/modules/system/ipsec.if
+++ b/policy/modules/system/ipsec.if
@@ -6,7 +6,7 @@
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The type of the process performing this action.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -24,7 +24,7 @@ interface(`ipsec_domtrans',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The type of the process performing this action.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 #
@@ -43,7 +43,7 @@ interface(`ipsec_stream_connect',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The type of the process performing this action.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 #
@@ -62,7 +62,7 @@ interface(`ipsec_stream_connect_racoon',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The type of the process performing this action.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 #
@@ -80,7 +80,7 @@ interface(`ipsec_getattr_key_sockets',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The type of the process performing this action.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 #
@@ -98,7 +98,7 @@ interface(`ipsec_exec_mgmt',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The type of the process performing this action.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 ## <rolecap/>
@@ -175,7 +175,7 @@ interface(`ipsec_write_pid',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The type of the process performing this action.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 #
@@ -194,7 +194,7 @@ interface(`ipsec_manage_pid',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The type of the process performing this action.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -212,7 +212,7 @@ interface(`ipsec_domtrans_racoon',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 ## <param name="role">
@@ -237,7 +237,7 @@ interface(`ipsec_run_racoon',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The type of the process performing this action.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -255,7 +255,7 @@ interface(`ipsec_domtrans_setkey',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 ## <param name="role">
diff --git a/policy/modules/system/iptables.if b/policy/modules/system/iptables.if
index 6aca04d..34335ce 100644
--- a/policy/modules/system/iptables.if
+++ b/policy/modules/system/iptables.if
@@ -6,7 +6,7 @@
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -26,7 +26,7 @@ interface(`iptables_domtrans',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 ## <param name="role">
@@ -76,7 +76,7 @@ interface(`iptables_exec',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The type of the process performing this action.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -134,7 +134,7 @@ interface(`iptables_read_config',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The type of the process performing this action.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 #
diff --git a/policy/modules/system/iscsi.if b/policy/modules/system/iscsi.if
index 88e3b32..663a47b 100644
--- a/policy/modules/system/iscsi.if
+++ b/policy/modules/system/iscsi.if
@@ -24,7 +24,7 @@ interface(`iscsid_domtrans',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The type of the process performing this action.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 #
diff --git a/policy/modules/system/kdump.if b/policy/modules/system/kdump.if
index 19e65b8..4198ff5 100644
--- a/policy/modules/system/kdump.if
+++ b/policy/modules/system/kdump.if
@@ -6,7 +6,7 @@
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The type of the process performing this action.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -25,7 +25,7 @@ interface(`kdump_domtrans',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The type of the process performing this action.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
diff --git a/policy/modules/system/libraries.if b/policy/modules/system/libraries.if
index 33ffdb6..d97d16d 100644
--- a/policy/modules/system/libraries.if
+++ b/policy/modules/system/libraries.if
@@ -6,7 +6,7 @@
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -25,7 +25,7 @@ interface(`libs_domtrans_ldconfig',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 ## <param name="role">
@@ -201,7 +201,7 @@ interface(`libs_search_lib',`
 ## </desc>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain to not audit.
 ##	</summary>
 ## </param>
 #
diff --git a/policy/modules/system/locallogin.if b/policy/modules/system/locallogin.if
index 37292fd..0e3c2a9 100644
--- a/policy/modules/system/locallogin.if
+++ b/policy/modules/system/locallogin.if
@@ -6,7 +6,7 @@
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The type of the process performing this action.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -28,7 +28,7 @@ interface(`locallogin_domtrans',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The type of the process performing this action.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 #
@@ -118,7 +118,7 @@ interface(`locallogin_link_keys',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
diff --git a/policy/modules/system/logging.if b/policy/modules/system/logging.if
index fa5684a..07af21c 100644
--- a/policy/modules/system/logging.if
+++ b/policy/modules/system/logging.if
@@ -70,7 +70,7 @@ interface(`logging_send_audit_msgs',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain to not audit.
 ##	</summary>
 ## </param>
 #
@@ -150,7 +150,7 @@ interface(`logging_read_audit_log',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -169,7 +169,7 @@ interface(`logging_domtrans_auditctl',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 ## <param name="role">
@@ -194,7 +194,7 @@ interface(`logging_run_auditctl',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -213,7 +213,7 @@ interface(`logging_domtrans_auditd',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 ## <param name="role">
@@ -270,7 +270,7 @@ interface(`logging_domtrans_dispatcher',`
 ## </summary>
 ## <param name="domain">
 ## <summary>
-##	Domain allowed to transition.
+##	Domain allowed access.
 ## </summary>
 ## </param>
 #
@@ -382,7 +382,7 @@ interface(`logging_manage_audit_log',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -421,7 +421,7 @@ interface(`logging_check_exec_syslog',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -570,7 +570,7 @@ interface(`logging_read_audit_config',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain to not audit.
 ##	</summary>
 ## </param>
 ## <rolecap/>
@@ -686,7 +686,7 @@ interface(`logging_rw_generic_log_dirs',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain to not audit.
 ##	</summary>
 ## </param>
 #
@@ -848,7 +848,7 @@ interface(`logging_write_generic_logs',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain to not audit.
 ##	</summary>
 ## </param>
 #
diff --git a/policy/modules/system/lvm.if b/policy/modules/system/lvm.if
index 779cc29..58bc27f 100644
--- a/policy/modules/system/lvm.if
+++ b/policy/modules/system/lvm.if
@@ -6,7 +6,7 @@
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The type of the process performing this action.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -25,7 +25,7 @@ interface(`lvm_domtrans',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The type of the process performing this action.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 #
@@ -44,7 +44,7 @@ interface(`lvm_exec',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The type of the process performing this action.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 ## <param name="role">
@@ -69,7 +69,7 @@ interface(`lvm_run',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The type of the process performing this action.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 ## <rolecap/>
diff --git a/policy/modules/system/miscfiles.if b/policy/modules/system/miscfiles.if
index a70ed72..17de283 100644
--- a/policy/modules/system/miscfiles.if
+++ b/policy/modules/system/miscfiles.if
@@ -115,7 +115,7 @@ interface(`miscfiles_setattr_fonts_dirs',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain to not audit.
 ##	</summary>
 ## </param>
 ## <rolecap/>
@@ -134,7 +134,7 @@ interface(`miscfiles_dontaudit_setattr_fonts_dirs',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain to not audit.
 ##	</summary>
 ## </param>
 ## <rolecap/>
@@ -198,7 +198,7 @@ interface(`miscfiles_setattr_fonts_cache_dirs',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain to not audit.
 ##	</summary>
 ## </param>
 #
@@ -374,7 +374,7 @@ interface(`miscfiles_legacy_read_localization',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain to not audit.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 #
@@ -573,7 +573,7 @@ interface(`miscfiles_exec_tetex_data',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain to be entered.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 #
diff --git a/policy/modules/system/modutils.if b/policy/modules/system/modutils.if
index e1057e3..6075331 100644
--- a/policy/modules/system/modutils.if
+++ b/policy/modules/system/modutils.if
@@ -126,7 +126,7 @@ interface(`modutils_manage_module_config',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -147,7 +147,7 @@ interface(`modutils_domtrans_insmod_uncond',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -170,7 +170,7 @@ interface(`modutils_domtrans_insmod',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 ## <param name="role">
@@ -214,7 +214,7 @@ interface(`modutils_exec_insmod',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -233,7 +233,7 @@ interface(`modutils_domtrans_depmod',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 ## <param name="role">
@@ -277,7 +277,7 @@ interface(`modutils_exec_depmod',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -296,7 +296,7 @@ interface(`modutils_domtrans_update_mods',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 ## <param name="role">
diff --git a/policy/modules/system/mount.if b/policy/modules/system/mount.if
index d7e78ad..66caf37 100644
--- a/policy/modules/system/mount.if
+++ b/policy/modules/system/mount.if
@@ -6,7 +6,7 @@
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The type of the process performing this action.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -26,7 +26,7 @@ interface(`mount_domtrans',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The type of the process performing this action.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 ## <param name="role">
@@ -55,7 +55,7 @@ interface(`mount_run',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The type of the process performing this action.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 #
@@ -139,7 +139,7 @@ interface(`mount_send_nfs_client_request',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -159,7 +159,7 @@ interface(`mount_domtrans_unconfined',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 ## <param name="role">
diff --git a/policy/modules/system/netlabel.if b/policy/modules/system/netlabel.if
index b37cd5b..5dccc0a 100644
--- a/policy/modules/system/netlabel.if
+++ b/policy/modules/system/netlabel.if
@@ -6,7 +6,7 @@
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -26,7 +26,7 @@ interface(`netlabel_domtrans_mgmt',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 ## <param name="role">
diff --git a/policy/modules/system/pcmcia.if b/policy/modules/system/pcmcia.if
index ac2b18b..fa701e9 100644
--- a/policy/modules/system/pcmcia.if
+++ b/policy/modules/system/pcmcia.if
@@ -22,7 +22,7 @@ interface(`pcmcia_stub',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The type of the process performing this action.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -58,7 +58,7 @@ interface(`pcmcia_use_cardmgr_fds',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The type of the process performing this action.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -77,7 +77,7 @@ interface(`pcmcia_domtrans_cardctl',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The type of the process performing this action.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 ## <param name="role">
diff --git a/policy/modules/system/raid.if b/policy/modules/system/raid.if
index b3c7bfb..c817fda 100644
--- a/policy/modules/system/raid.if
+++ b/policy/modules/system/raid.if
@@ -6,7 +6,7 @@
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The type of the process performing this action.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -33,7 +33,7 @@ interface(`raid_domtrans_mdadm',`
 ## </desc>
 ## <param name="domain">
 ##	<summary>
-##	The type of the process performing this action.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 #
diff --git a/policy/modules/system/selinuxutil.if b/policy/modules/system/selinuxutil.if
index d37974c..9b75ca1 100644
--- a/policy/modules/system/selinuxutil.if
+++ b/policy/modules/system/selinuxutil.if
@@ -6,7 +6,7 @@
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -28,7 +28,7 @@ interface(`seutil_domtrans_checkpolicy',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 ## <param name="role">
@@ -74,7 +74,7 @@ interface(`seutil_exec_checkpolicy',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -95,7 +95,7 @@ interface(`seutil_domtrans_loadpolicy',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 ## <param name="role">
@@ -158,7 +158,7 @@ interface(`seutil_read_loadpolicy',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -180,7 +180,7 @@ interface(`seutil_domtrans_newrole',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 ## <param name="role">
@@ -228,7 +228,7 @@ interface(`seutil_exec_newrole',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain to not audit.
 ##	</summary>
 ## </param>
 #
@@ -311,7 +311,7 @@ interface(`seutil_dontaudit_use_newrole_fds',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -328,7 +328,7 @@ interface(`seutil_domtrans_restorecon',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 ## <param name="role">
@@ -365,7 +365,7 @@ interface(`seutil_exec_restorecon',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -391,7 +391,7 @@ interface(`seutil_domtrans_runinit',`
 ## </desc>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -415,7 +415,7 @@ interface(`seutil_init_script_domtrans_runinit',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 ## <param name="role">
@@ -456,7 +456,7 @@ interface(`seutil_run_runinit',`
 ## </desc>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 ## <param name="role">
@@ -502,7 +502,7 @@ interface(`seutil_use_runinit_fds',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -524,7 +524,7 @@ interface(`seutil_domtrans_setfiles',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 ## <param name="role">
@@ -803,7 +803,7 @@ interface(`seutil_read_file_contexts',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain to not audit.
 ##	</summary>
 ## </param>
 ## <rolecap/>
@@ -1015,7 +1015,7 @@ interface(`seutil_domtrans_semanage',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 ## <param name="role">
@@ -1141,7 +1141,7 @@ interface(`seutil_libselinux_linked',`
 ## </desc>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain to not audit.
 ##	</summary>
 ## </param>
 #
diff --git a/policy/modules/system/setrans.if b/policy/modules/system/setrans.if
index 8de660e..efa9c27 100644
--- a/policy/modules/system/setrans.if
+++ b/policy/modules/system/setrans.if
@@ -6,7 +6,7 @@
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The type of the process performing this action.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
diff --git a/policy/modules/system/sysnetwork.if b/policy/modules/system/sysnetwork.if
index 938f800..e1f9e5f 100644
--- a/policy/modules/system/sysnetwork.if
+++ b/policy/modules/system/sysnetwork.if
@@ -6,7 +6,7 @@
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The type of the process performing this action.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -26,7 +26,7 @@ interface(`sysnet_domtrans_dhcpc',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The type of the process performing this action.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 ## <param name="role">
@@ -69,7 +69,7 @@ interface(`sysnet_run_dhcpc',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The domain sending the SIGCHLD.
+##	Domain to not audit.
 ##	</summary>
 ## </param>
 #
@@ -87,7 +87,7 @@ interface(`sysnet_dontaudit_use_dhcpc_fds',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The domain sending the SIGCHLD.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 #
@@ -105,7 +105,7 @@ interface(`sysnet_sigchld_dhcpc',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The domain sending the SIGKILL.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 ## <rolecap/>
@@ -124,7 +124,7 @@ interface(`sysnet_kill_dhcpc',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The domain sending the SIGSTOP.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 #
@@ -142,7 +142,7 @@ interface(`sysnet_sigstop_dhcpc',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The domain sending the null signal.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 #
@@ -160,7 +160,7 @@ interface(`sysnet_signull_dhcpc',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The domain sending the signal.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 ## <rolecap/>
@@ -200,7 +200,7 @@ interface(`sysnet_dbus_chat_dhcpc',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The domain allowed access.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 #
@@ -219,7 +219,7 @@ interface(`sysnet_rw_dhcp_config',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The domain allowed access.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 #
@@ -376,7 +376,7 @@ interface(`sysnet_create_config',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The type of the process performing this action.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 #
@@ -394,7 +394,7 @@ interface(`sysnet_etc_filetrans_config',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The type of the process performing this action.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 #
@@ -416,7 +416,7 @@ interface(`sysnet_manage_config',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The type of the process performing this action.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 #
@@ -435,7 +435,7 @@ interface(`sysnet_read_dhcpc_pid',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The type of the process performing this action.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 #
@@ -453,7 +453,7 @@ interface(`sysnet_delete_dhcpc_pid',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The type of the process performing this action.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -474,7 +474,7 @@ interface(`sysnet_domtrans_ifconfig',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The type of the process performing this action.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 ## <param name="role">
diff --git a/policy/modules/system/udev.if b/policy/modules/system/udev.if
index bfc4c75..025348a 100644
--- a/policy/modules/system/udev.if
+++ b/policy/modules/system/udev.if
@@ -24,7 +24,7 @@ interface(`udev_signal',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The type of the process performing this action.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -60,7 +60,7 @@ interface(`udev_exec',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The type of the process performing this action.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -199,7 +199,7 @@ interface(`udev_read_db',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The type of the process performing this action.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 #
diff --git a/policy/modules/system/unconfined.if b/policy/modules/system/unconfined.if
index c11cb30..416e668 100644
--- a/policy/modules/system/unconfined.if
+++ b/policy/modules/system/unconfined.if
@@ -185,7 +185,7 @@ interface(`unconfined_execmem_alias_program',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -203,7 +203,7 @@ interface(`unconfined_domtrans',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	The type of the process performing this action.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 ## <param name="role">
@@ -227,7 +227,7 @@ interface(`unconfined_run',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -413,7 +413,7 @@ interface(`unconfined_read_pipes',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain to not audit.
 ##	</summary>
 ## </param>
 #
diff --git a/policy/modules/system/userdomain.if b/policy/modules/system/userdomain.if
index fafdd3d..42ef0e1 100644
--- a/policy/modules/system/userdomain.if
+++ b/policy/modules/system/userdomain.if
@@ -1356,7 +1356,7 @@ interface(`userdom_getattr_user_home_dirs',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain to not audit.
 ##	</summary>
 ## </param>
 #
@@ -1543,7 +1543,7 @@ interface(`userdom_home_filetrans_user_home_dir',`
 ## </desc>
 ## <param name="source_domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 ## <param name="target_domain">
@@ -1568,7 +1568,7 @@ interface(`userdom_user_home_domtrans',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain to not audit
+##	Domain to not audit.
 ##	</summary>
 ## </param>
 #
@@ -1643,7 +1643,7 @@ interface(`userdom_delete_user_home_content_dirs',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain to not audit.
 ##	</summary>
 ## </param>
 #
@@ -1837,7 +1837,7 @@ interface(`userdom_exec_user_home_content_files',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain to not audit.
 ##	</summary>
 ## </param>
 #
@@ -1877,7 +1877,7 @@ interface(`userdom_manage_user_home_content_files',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain to not audit.
 ##	</summary>
 ## </param>
 #
@@ -2493,7 +2493,7 @@ interface(`userdom_getattr_user_ttys',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain to not audit.
 ##	</summary>
 ## </param>
 #
@@ -2529,7 +2529,7 @@ interface(`userdom_setattr_user_ttys',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain to not audit.
 ##	</summary>
 ## </param>
 #
@@ -2620,7 +2620,7 @@ interface(`userdom_use_user_terminals',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain to not audit.
 ##	</summary>
 ## </param>
 #
@@ -2641,7 +2641,7 @@ interface(`userdom_dontaudit_use_user_terminals',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -2664,7 +2664,7 @@ interface(`userdom_spec_domtrans_all_users',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -2687,7 +2687,7 @@ interface(`userdom_xsession_spec_domtrans_all_users',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -2710,7 +2710,7 @@ interface(`userdom_spec_domtrans_unpriv_users',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -2770,7 +2770,7 @@ interface(`userdom_manage_unpriv_user_shared_mem',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain allowed to transition.
 ##	</summary>
 ## </param>
 #
@@ -2934,7 +2934,7 @@ interface(`userdom_relabelto_user_ptys',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain to not audit.
 ##	</summary>
 ## </param>
 #
@@ -2970,7 +2970,7 @@ interface(`userdom_write_user_tmp_files',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain allowed access.
+##	Domain to not audit.
 ##	</summary>
 ## </param>
 #
diff --git a/policy/modules/system/xen.if b/policy/modules/system/xen.if
index 086e8c6..77d41b6 100644
--- a/policy/modules/system/xen.if
+++ b/policy/modules/system/xen.if
@@ -24,7 +24,7 @@ interface(`xen_domtrans',`
 ## </summary>
 ## <param name="domain">
 ##	<summary>
-##	Domain to not audit.
+##	Domain allowed access.
 ##	</summary>
 ## </param>
 #
@@ -83,7 +83,7 @@ interface(`xen_read_image_files',`
 ## </summary>
 ## <param name="domain">
 ## 	<summary>
-##	Domain allowed to transition.
+##	Domain allowed access.
 ## 	</summary>
 ## </param>
 #
@@ -104,7 +104,7 @@ interface(`xen_rw_image_files',`
 ## </summary>
 ## <param name="domain">
 ## 	<summary>
-##	Domain allowed to transition.
+##	Domain allowed access.
 ## 	</summary>
 ## </param>
 #
-- 
1.7.2

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: not available
Url : http://oss.tresys.com/pipermail/refpolicy/attachments/20100804/158d027a/attachment-0001.bin

                 reply	other threads:[~2010-08-04  9:22 UTC|newest]

Thread overview: [no followups] expand[flat|nested]  mbox.gz  Atom feed

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:54b9826 dfblob:7fddc24 dfblob:4cf09f6 dfblob:31853d4
dfblob:feef778 dfblob:89cc088 dfblob:1c51b4b dfblob:6bc7ca0
dfblob:b2b003d dfblob:e4376aa dfblob:8fdea3b dfblob:1ef2854
dfblob:321d2e6 dfblob:40eb10c dfblob:59f9068 dfblob:f6aafe7
dfblob:e0f0224 dfblob:ce48e44 dfblob:6aca04d dfblob:34335ce
dfblob:88e3b32 dfblob:663a47b dfblob:19e65b8 dfblob:4198ff5
dfblob:33ffdb6 dfblob:d97d16d dfblob:37292fd dfblob:0e3c2a9
dfblob:fa5684a dfblob:07af21c dfblob:779cc29 dfblob:58bc27f
dfblob:a70ed72 dfblob:17de283 dfblob:e1057e3 dfblob:6075331
dfblob:d7e78ad dfblob:66caf37 dfblob:b37cd5b dfblob:5dccc0a
dfblob:ac2b18b dfblob:fa701e9 dfblob:b3c7bfb dfblob:c817fda
dfblob:d37974c dfblob:9b75ca1 dfblob:8de660e dfblob:efa9c27
dfblob:938f800 dfblob:e1f9e5f dfblob:bfc4c75 dfblob:025348a
dfblob:c11cb30 dfblob:416e668 dfblob:fafdd3d dfblob:42ef0e1
dfblob:086e8c6 dfblob:77d41b6 )
 OR (
bs:"[refpolicy] [ system layer patch 1/1] system: domain { allowed to transition, allowed access, to not audit }." )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20100804092250.GA15656@localhost.localdomain \
    --to=domg472@gmail.com \
    --cc=refpolicy@oss.tresys.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.