File foo2.patch of Package selinux-policy

Index: selinux-policy-20250528/dist/targeted/modules.conf
===================================================================
--- selinux-policy-20250528.orig/dist/targeted/modules.conf
+++ selinux-policy-20250528/dist/targeted/modules.conf
@@ -2678,13 +2678,6 @@ freeipmi = module
 snapper = module
 
 # Layer: contrib
-# Module: pcp
-# 
-# pcp policy
-#
-pcp = module
-
-# Layer: contrib
 # Module: geoclue
 #
 # Add policy for Geoclue. Geoclue is a D-Bus service that provides location information
Index: selinux-policy-20250528/policy/modules/contrib/pcp.fc
===================================================================
--- selinux-policy-20250528.orig/policy/modules/contrib/pcp.fc
+++ /dev/null
@@ -1,37 +0,0 @@
-/etc/rc\.d/init\.d/pmcd		--	gen_context(system_u:object_r:pcp_pmcd_initrc_exec_t,s0)
-/etc/rc\.d/init\.d/pmlogger 	--      gen_context(system_u:object_r:pcp_pmlogger_initrc_exec_t,s0)
-/etc/pcp/pmlogger/rc 		--      gen_context(system_u:object_r:pcp_pmlogger_initrc_exec_t,s0)
-/etc/rc\.d/init\.d/pmproxy 	--	gen_context(system_u:object_r:pcp_pmproxy_initrc_exec_t,s0)
-/etc/rc\.d/init\.d/pmie      --       gen_context(system_u:object_r:pcp_pmie_initrc_exec_t,s0)
-
-/usr/bin/pmie       --      gen_context(system_u:object_r:pcp_pmie_exec_t,s0)
-/usr/bin/pmcd	    --	    gen_context(system_u:object_r:pcp_pmcd_exec_t,s0)
-/usr/bin/pmlogger   --      gen_context(system_u:object_r:pcp_pmlogger_exec_t,s0)
-/usr/bin/pmproxy    --      gen_context(system_u:object_r:pcp_pmproxy_exec_t,s0)
-
-
-/usr/libexec/pcp/bin/pmcd	--	gen_context(system_u:object_r:pcp_pmcd_exec_t,s0)
-/usr/libexec/pcp/bin/pmlogger   --      gen_context(system_u:object_r:pcp_pmlogger_exec_t,s0)
-/usr/libexec/pcp/bin/pmproxy    --      gen_context(system_u:object_r:pcp_pmproxy_exec_t,s0)
-/usr/libexec/pcp/bin/pmie     --      gen_context(system_u:object_r:pcp_pmie_exec_t,s0)
-
-/usr/libexec/pcp/lib/pmcd	--	gen_context(system_u:object_r:pcp_pmcd_initrc_exec_t,s0)
-/usr/libexec/pcp/lib/pmlogger	--	gen_context(system_u:object_r:pcp_pmlogger_initrc_exec_t,s0)
-/usr/libexec/pcp/lib/pmproxy	--	gen_context(system_u:object_r:pcp_pmproxy_initrc_exec_t,s0)
-/usr/libexec/pcp/lib/pmie	--	gen_context(system_u:object_r:pcp_pmie_initrc_exec_t,s0)
-
-/usr/share/pcp/lib/pmie     --      gen_context(system_u:object_r:pcp_pmie_exec_t,s0)
-
-/usr/share/pcp/lib/pmlogger   --      gen_context(system_u:object_r:pcp_pmlogger_exec_t,s0)
-
-/var/lib/pcp(/.*)?		gen_context(system_u:object_r:pcp_var_lib_t,s0)
-
-/var/lib/pcp/pmdas/.*/Install   -- gen_context(system_u:object_r:pcp_plugin_exec_t,s0)
-/var/lib/pcp/pmdas/.*/Remove   -- gen_context(system_u:object_r:pcp_plugin_exec_t,s0)
-/var/lib/pcp/pmdas/.*/Upgrade   -- gen_context(system_u:object_r:pcp_plugin_exec_t,s0)
-
-/var/log/pcp(/.*)?		gen_context(system_u:object_r:pcp_log_t,s0)
-
-/run/pcp(/.*)?		gen_context(system_u:object_r:pcp_var_run_t,s0)
-/run/pmcd\.socket    --  gen_context(system_u:object_r:pcp_var_run_t,s0)
-/run/pmlogger\.primary\.socket    -l  gen_context(system_u:object_r:pcp_var_run_t,s0)
Index: selinux-policy-20250528/policy/modules/contrib/pcp.te
===================================================================
--- selinux-policy-20250528.orig/policy/modules/contrib/pcp.te
+++ /dev/null
@@ -1,320 +0,0 @@
-policy_module(pcp, 1.1.0)
-
-########################################
-#
-# Declarations
-#
-
-
-## <desc>
-## <p>
-## Allow pcp to bind to all unreserved_ports
-## </p>
-## </desc>
-gen_tunable(pcp_bind_all_unreserved_ports, false)
-
-## <desc>
-## <p>
-## Allow pcp to read generic logs
-## </p>
-## </desc>
-gen_tunable(pcp_read_generic_logs, false)
-
-attribute pcp_domain;
-
-pcp_domain_template(pmcd)
-pcp_domain_template(pmlogger)
-pcp_domain_template(pmproxy)
-pcp_domain_template(pmie)
-pcp_domain_template(plugin)
-
-type pcp_log_t;
-logging_log_file(pcp_log_t)
-
-type pcp_var_lib_t;
-files_type(pcp_var_lib_t)
-
-type pcp_var_run_t;
-files_pid_file(pcp_var_run_t)
-
-type pcp_tmp_t;
-files_tmp_file(pcp_tmp_t)
-
-type pcp_tmpfs_t;
-files_tmpfs_file(pcp_tmpfs_t)
-
-########################################
-#
-# pcp domain local  policy
-#
-
-allow pcp_domain self:capability { setuid setgid dac_read_search  };
-allow pcp_domain self:process signal_perms;
-allow pcp_domain self:tcp_socket create_stream_socket_perms;
-allow pcp_domain self:udp_socket create_socket_perms;
-allow pcp_domain self:netlink_route_socket create_socket_perms;
-allow pcp_domain self:unix_stream_socket connectto;
-
-corenet_tcp_connect_all_ephemeral_ports(pcp_domain)
-
-manage_dirs_pattern(pcp_domain, pcp_log_t, pcp_log_t)
-manage_files_pattern(pcp_domain, pcp_log_t, pcp_log_t)
-logging_log_filetrans(pcp_domain, pcp_log_t, { dir })
-
-manage_dirs_pattern(pcp_domain, pcp_var_lib_t, pcp_var_lib_t)
-manage_files_pattern(pcp_domain, pcp_var_lib_t, pcp_var_lib_t)
-manage_sock_files_pattern(pcp_domain, pcp_var_lib_t, pcp_var_lib_t)
-manage_lnk_files_pattern(pcp_domain, pcp_var_lib_t, pcp_var_lib_t)
-exec_files_pattern(pcp_domain, pcp_var_lib_t, pcp_var_lib_t)
-files_var_lib_filetrans(pcp_domain, pcp_var_lib_t, { dir})
-
-manage_dirs_pattern(pcp_domain, pcp_var_run_t, pcp_var_run_t)
-manage_files_pattern(pcp_domain, pcp_var_run_t, pcp_var_run_t)
-manage_sock_files_pattern(pcp_domain, pcp_var_run_t, pcp_var_run_t)
-manage_lnk_files_pattern(pcp_domain, pcp_var_run_t, pcp_var_run_t)
-files_pid_filetrans(pcp_domain, pcp_var_run_t, { dir file sock_file lnk_file })
-
-manage_dirs_pattern(pcp_domain, pcp_tmp_t, pcp_tmp_t)
-manage_files_pattern(pcp_domain, pcp_tmp_t, pcp_tmp_t)
-manage_sock_files_pattern(pcp_domain, pcp_tmp_t, pcp_tmp_t)
-files_tmp_filetrans(pcp_domain, pcp_tmp_t, { dir file sock_file })
-
-manage_dirs_pattern(pcp_domain, pcp_tmpfs_t, pcp_tmpfs_t)
-manage_files_pattern(pcp_domain, pcp_tmpfs_t, pcp_tmpfs_t)
-fs_tmpfs_filetrans(pcp_domain, pcp_tmpfs_t, { dir file })
-can_exec(pcp_domain, pcp_tmpfs_t)
-
-dev_read_urand(pcp_domain)
-
-files_read_etc_files(pcp_domain)
-
-fs_getattr_all_fs(pcp_domain)
-
-miscfiles_read_generic_certs(pcp_domain)
-
-sysnet_read_config(pcp_domain)
-
-tunable_policy(`pcp_bind_all_unreserved_ports',`
-    corenet_sendrecv_all_server_packets(pcp_pmcd_t)
-    corenet_sendrecv_all_server_packets(pcp_pmlogger_t)
-    corenet_tcp_bind_all_unreserved_ports(pcp_pmcd_t)
-    corenet_tcp_bind_all_unreserved_ports(pcp_pmlogger_t)
-    
-')
-
-
-########################################
-#
-# pcp_pmcd local  policy
-#
-
-allow pcp_pmcd_t self:capability { dac_read_search dac_override ipc_owner net_admin sys_admin sys_ptrace };
-allow pcp_pmcd_t self:process { setsched };
-allow pcp_pmcd_t self:unix_dgram_socket create_socket_perms;
-allow pcp_pmcd_t self:cap_userns sys_ptrace;
-
-kernel_get_sysvipc_info(pcp_pmcd_t)
-kernel_manage_perf_event(pcp_pmcd_t)
-kernel_read_debugfs(pcp_pmcd_t)
-kernel_read_network_state(pcp_pmcd_t)
-kernel_read_system_state(pcp_pmcd_t)
-kernel_read_state(pcp_pmcd_t)
-kernel_read_fs_sysctls(pcp_pmcd_t)
-kernel_read_rpc_sysctls(pcp_pmcd_t)
-kernel_search_network_sysctl(pcp_pmcd_t)
-kernel_read_net_sysctls(pcp_pmcd_t)
-
-corecmd_exec_bin(pcp_pmcd_t)
-
-corenet_tcp_bind_amqp_port(pcp_pmcd_t)
-corenet_tcp_connect_amqp_port(pcp_pmcd_t)
-corenet_tcp_connect_http_port(pcp_pmcd_t)
-corenet_udp_bind_statsd_port(pcp_pmcd_t)
-
-dev_read_sysfs(pcp_pmcd_t)
-dev_rw_lvm_control(pcp_pmcd_t)
-
-domain_read_all_domains_state(pcp_pmcd_t)
-domain_getattr_all_domains(pcp_pmcd_t)
-
-dev_getattr_all_blk_files(pcp_pmcd_t)
-dev_getattr_all_chr_files(pcp_pmcd_t)
-dev_read_sysfs(pcp_pmcd_t)
-dev_read_urand(pcp_pmcd_t)
-
-fs_getattr_all_fs(pcp_pmcd_t)
-fs_getattr_all_dirs(pcp_pmcd_t)
-fs_list_cgroup_dirs(pcp_pmcd_t)
-fs_read_cgroup_files(pcp_pmcd_t)
-fs_read_nfsd_files(pcp_pmcd_t)
-fs_search_tracefs_dirs(pcp_pmcd_t)
-
-init_read_utmp(pcp_pmcd_t)
-
-logging_send_syslog_msg(pcp_pmcd_t)
-
-lvm_domtrans(pcp_pmcd_t)
-
-storage_getattr_fixed_disk_dev(pcp_pmcd_t)
-storage_raw_read_fixed_disk(pcp_pmcd_t)
-
-userdom_read_user_tmp_files(pcp_pmcd_t)
-userdom_manage_unpriv_user_semaphores(pcp_pmcd_t)
-
-optional_policy(`
-	acct_search_data(pcp_pmcd_t)
-')
-
-optional_policy(`
-	cron_read_pid_files(pcp_pmcd_t)
-')
-
-optional_policy(`
-    container_manage_lib_files(pcp_pmcd_t)
-')
-
-optional_policy(`
-    mock_read_lib_files(pcp_pmcd_t)
-')
-
-optional_policy(`
-    mysql_stream_connect(pcp_pmcd_t)
-')
-
-optional_policy(`
-    dbus_system_bus_client(pcp_pmcd_t)
-
-    optional_policy(`
-        avahi_dbus_chat(pcp_pmcd_t)
-    ')
-')
-
-optional_policy(`
-    postfix_read_config(pcp_pmcd_t)
-    postfix_search_spool(pcp_pmcd_t)
-')
-
-optional_policy(`
-    raid_domtrans_mdadm(pcp_pmcd_t)
-    raid_access_check_mdadm(pcp_pmcd_t)
-')
-
-tunable_policy(`pcp_read_generic_logs',`
-    logging_read_generic_logs(pcp_pmcd_t)
-
-')
-
-########################################
-#
-# pcp_pmproxy local  policy
-#
-
-allow pcp_pmproxy_t self:process setsched;
-allow pcp_pmproxy_t self:unix_dgram_socket create_socket_perms;
-
-kernel_search_network_sysctl(pcp_pmproxy_t)
-
-logging_send_syslog_msg(pcp_pmproxy_t)
-
-optional_policy(`
-    dbus_system_bus_client(pcp_pmproxy_t)
-
-    optional_policy(`
-        avahi_dbus_chat(pcp_pmproxy_t)
-    ')
-')
-
-########################################
-#
-# pcp_pmie local  policy
-#
-allow pcp_pmie_t self:capability { chown fsetid sys_ptrace };
-allow pcp_pmie_t self:cap_userns sys_ptrace;
-allow pcp_pmie_t self:netlink_route_socket { create_socket_perms nlmsg_read };
-allow pcp_pmie_t self:unix_dgram_socket { create_socket_perms sendto };
-
-allow pcp_pmie_t pcp_pmcd_t:unix_stream_socket connectto;
-
-allow pcp_pmie_t pcp_pmcd_t:process signal;
-
-kernel_read_net_sysctls(pcp_pmie_t)
-kernel_read_network_state(pcp_pmie_t)
-kernel_read_system_state(pcp_pmie_t)
-kernel_dontaudit_request_load_module(pcp_pmie_t)
-
-can_exec(pcp_pmie_t, pcp_pmie_exec_t)
-
-corecmd_exec_bin(pcp_pmie_t)
-corecmd_getattr_all_executables(pcp_pmie_t)
-
-domain_read_all_domains_state(pcp_pmie_t)
-
-fs_search_cgroup_dirs(pcp_pmie_t)
-
-init_status(pcp_pmie_t)
-
-logging_send_syslog_msg(pcp_pmie_t)
-
-systemd_exec_systemctl(pcp_pmie_t)
-systemd_read_unit_files(pcp_pmie_t)
-systemd_search_unit_dirs(pcp_pmie_t)
-
-userdom_read_user_tmp_files(pcp_pmie_t)
-
-########################################
-#
-# pcp_pmlogger local  policy
-#
-
-allow pcp_pmlogger_t self:capability { dac_read_search dac_override chown fowner sys_ptrace };
-allow pcp_pmlogger_t self:process setpgid;
-allow pcp_pmlogger_t self:netlink_route_socket {create_socket_perms nlmsg_read };
-
-allow pcp_pmlogger_t pcp_pmcd_t:unix_stream_socket connectto;
-allow pcp_pmlogger_t self:unix_dgram_socket create_socket_perms;
-
-allow pcp_pmlogger_t pcp_pmlogger_exec_t:file execute_no_trans;
-
-dontaudit pcp_pmlogger_t self:cap_userns { sys_ptrace };
-
-kernel_read_system_state(pcp_pmlogger_t)
-kernel_read_network_state(pcp_pmlogger_t)
-kernel_read_all_sysctls(pcp_pmlogger_t)
-
-corecmd_exec_bin(pcp_pmlogger_t)
-
-corenet_tcp_bind_dey_sapi_port(pcp_pmlogger_t)
-corenet_tcp_bind_commplex_link_port(pcp_pmlogger_t)
-corenet_tcp_bind_generic_node(pcp_pmlogger_t)
-
-domain_read_all_domains_state(pcp_pmlogger_t)
-
-fs_mount_tracefs(pcp_pmlogger_t)
-fs_getattr_all_fs(pcp_pmlogger_t)
-
-init_read_utmp(pcp_pmlogger_t)
-init_status(pcp_pmlogger_t)
-
-logging_send_syslog_msg(pcp_pmlogger_t)
-
-systemd_exec_systemctl(pcp_pmlogger_t)
-systemd_getattr_unit_files(pcp_pmlogger_t)
-
-optional_policy(`
-    hostname_exec(pcp_pmlogger_t)
-')
-
-optional_policy(`
-    rpm_script_signal(pcp_pmlogger_t)
-')
-
-########################################
-#
-# pcp_plugin local  policy
-#
-
-domtrans_pattern(pcp_domain, pcp_plugin_exec_t, pcp_plugin_t)
-
-optional_policy(`
-    unconfined_domain(pcp_plugin_t)
-')
Places

File foo2.patch of Package selinux-policy

Places
