author | Qiaowei Ren <qiaowei.ren@intel.com> | 2018-03-01 14:38:11 +0800 |
---|---|---|
committer | Qiaowei Ren <qiaowei.ren@intel.com> | 2018-03-01 14:38:11 +0800 |
commit | 7da45d65be36d36b880cc55c5036e96c24b53f00 (patch) | |
tree | d4f944eb4f8f8de50a9a7584ffa408dc3a3185b2 /src/ceph/selinux | |
parent | 691462d09d0987b47e112d6ee8740375df3c51b2 (diff) |
remove ceph code
This patch removes the initial ceph code due to a license issue.
Change-Id: I092d44f601cdf34aed92300fe13214925563081c
Signed-off-by: Qiaowei Ren <qiaowei.ren@intel.com>
Diffstat (limited to 'src/ceph/selinux')
-rw-r--r-- | src/ceph/selinux/.gitignore | 2 | ||||
-rw-r--r-- | src/ceph/selinux/CMakeLists.txt | 11 | ||||
-rw-r--r-- | src/ceph/selinux/ceph.fc | 15 | ||||
-rw-r--r-- | src/ceph/selinux/ceph.if | 265 | ||||
-rw-r--r-- | src/ceph/selinux/ceph.te | 120 |
5 files changed, 0 insertions, 413 deletions
diff --git a/src/ceph/selinux/.gitignore b/src/ceph/selinux/.gitignore
deleted file mode 100644
index 6c00c98..0000000
--- a/src/ceph/selinux/.gitignore
+++ /dev/null
@@ -1,2 +0,0 @@
-/ceph.pp
-/tmp
diff --git a/src/ceph/selinux/CMakeLists.txt b/src/ceph/selinux/CMakeLists.txt
deleted file mode 100644
index d0a7e54..0000000
--- a/src/ceph/selinux/CMakeLists.txt
+++ /dev/null
@@ -1,11 +0,0 @@
-add_custom_target(
- ceph.pp ALL
- COMMAND ln -sf ${CMAKE_CURRENT_SOURCE_DIR}/ceph.* .
- COMMAND make -f ${SELINUX_MAKEFILE} ceph.pp
- DEPENDS ceph.te ceph.fc ceph.if)
-
-set(datadir ${CMAKE_INSTALL_PREFIX}/share/selinux)
-install(FILES ${CMAKE_CURRENT_BINARY_DIR}/ceph.pp
- DESTINATION ${datadir}/packages)
-install(FILES ceph.if
- DESTINATION ${datadir}/devel/include/contrib)
diff --git a/src/ceph/selinux/ceph.fc b/src/ceph/selinux/ceph.fc
deleted file mode 100644
index df47fe1..0000000
--- a/src/ceph/selinux/ceph.fc
+++ /dev/null
@@ -1,15 +0,0 @@
-/etc/rc\.d/init\.d/ceph -- gen_context(system_u:object_r:ceph_initrc_exec_t,s0)
-/etc/rc\.d/init\.d/radosgw -- gen_context(system_u:object_r:ceph_initrc_exec_t,s0)
-
-/usr/bin/ceph-mgr -- gen_context(system_u:object_r:ceph_exec_t,s0)
-/usr/bin/ceph-mon -- gen_context(system_u:object_r:ceph_exec_t,s0)
-/usr/bin/ceph-mds -- gen_context(system_u:object_r:ceph_exec_t,s0)
-/usr/bin/ceph-osd -- gen_context(system_u:object_r:ceph_exec_t,s0)
-/usr/bin/radosgw -- gen_context(system_u:object_r:ceph_exec_t,s0)
-
-/var/lib/ceph(/.*)? gen_context(system_u:object_r:ceph_var_lib_t,s0)
-
-/var/log/ceph(/.*)? gen_context(system_u:object_r:ceph_log_t,s0)
-/var/log/radosgw(/.*)? gen_context(system_u:object_r:ceph_log_t,s0)
-
-/var/run/ceph(/.*)? gen_context(system_u:object_r:ceph_var_run_t,s0)
diff --git a/src/ceph/selinux/ceph.if b/src/ceph/selinux/ceph.if
deleted file mode 100644
index ed747a8..0000000
--- a/src/ceph/selinux/ceph.if
+++ /dev/null
@@ -1,265 +0,0 @@
-
-## <summary>policy for ceph</summary>
-
-########################################
-## <summary>
-## Execute ceph_exec_t in the ceph domain.
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed to transition.
-## </summary>
-## </param>
-#
-interface(`ceph_domtrans',`
- gen_require(`
- type ceph_t, ceph_exec_t;
- ')
-
- corecmd_search_bin($1)
- domtrans_pattern($1, ceph_exec_t, ceph_t)
-')
-
-######################################
-## <summary>
-## Execute ceph in the caller domain.
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`ceph_exec',`
- gen_require(`
- type ceph_exec_t;
- ')
-
- corecmd_search_bin($1)
- can_exec($1, ceph_exec_t)
-')
-
-########################################
-## <summary>
-## Execute ceph server in the ceph domain.
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`ceph_initrc_domtrans',`
- gen_require(`
- type ceph_initrc_exec_t;
- ')
-
- init_labeled_script_domtrans($1, ceph_initrc_exec_t)
-')
-########################################
-## <summary>
-## Read ceph's log files.
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-## <rolecap/>
-#
-interface(`ceph_read_log',`
- gen_require(`
- type ceph_log_t;
- ')
-
- logging_search_logs($1)
- read_files_pattern($1, ceph_log_t, ceph_log_t)
-')
-
-########################################
-## <summary>
-## Append to ceph log files.
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`ceph_append_log',`
- gen_require(`
- type ceph_log_t;
- ')
-
- logging_search_logs($1)
- append_files_pattern($1, ceph_log_t, ceph_log_t)
-')
-
-########################################
-## <summary>
-## Manage ceph log files
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`ceph_manage_log',`
- gen_require(`
- type ceph_log_t;
- ')
-
- logging_search_logs($1)
- manage_dirs_pattern($1, ceph_log_t, ceph_log_t)
- manage_files_pattern($1, ceph_log_t, ceph_log_t)
- manage_lnk_files_pattern($1, ceph_log_t, ceph_log_t)
-')
-
-########################################
-## <summary>
-## Search ceph lib directories.
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`ceph_search_lib',`
- gen_require(`
- type ceph_var_lib_t;
- ')
-
- allow $1 ceph_var_lib_t:dir search_dir_perms;
- files_search_var_lib($1)
-')
-
-########################################
-## <summary>
-## Read ceph lib files.
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`ceph_read_lib_files',`
- gen_require(`
- type ceph_var_lib_t;
- ')
-
- files_search_var_lib($1)
- read_files_pattern($1, ceph_var_lib_t, ceph_var_lib_t)
-')
-
-########################################
-## <summary>
-## Manage ceph lib files.
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`ceph_manage_lib_files',`
- gen_require(`
- type ceph_var_lib_t;
- ')
-
- files_search_var_lib($1)
- manage_files_pattern($1, ceph_var_lib_t, ceph_var_lib_t)
-')
-
-########################################
-## <summary>
-## Manage ceph lib directories.
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`ceph_manage_lib_dirs',`
- gen_require(`
- type ceph_var_lib_t;
- ')
-
- files_search_var_lib($1)
- manage_dirs_pattern($1, ceph_var_lib_t, ceph_var_lib_t)
-')
-
-########################################
-## <summary>
-## Read ceph PID files.
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`ceph_read_pid_files',`
- gen_require(`
- type ceph_var_run_t;
- ')
-
- files_search_pids($1)
- read_files_pattern($1, ceph_var_run_t, ceph_var_run_t)
-')
-
-
-########################################
-## <summary>
-## All of the rules required to administrate
-## an ceph environment
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-## <param name="role">
-## <summary>
-## Role allowed access.
-## </summary>
-## </param>
-## <rolecap/>
-#
-interface(`ceph_admin',`
- gen_require(`
- type ceph_t;
- type ceph_initrc_exec_t;
- type ceph_log_t;
- type ceph_var_lib_t;
- type ceph_var_run_t;
- ')
-
- allow $1 ceph_t:process { signal_perms };
- ps_process_pattern($1, ceph_t)
-
- tunable_policy(`deny_ptrace',`',`
- allow $1 ceph_t:process ptrace;
- ')
-
- ceph_initrc_domtrans($1)
- domain_system_change_exemption($1)
- role_transition $2 ceph_initrc_exec_t system_r;
- allow $2 system_r;
-
- logging_search_logs($1)
- admin_pattern($1, ceph_log_t)
-
- files_search_var_lib($1)
- admin_pattern($1, ceph_var_lib_t)
-
- files_search_pids($1)
- admin_pattern($1, ceph_var_run_t)
- optional_policy(`
- systemd_passwd_agent_exec($1)
- systemd_read_fifo_file_passwd_run($1)
- ')
-')
diff --git a/src/ceph/selinux/ceph.te b/src/ceph/selinux/ceph.te
deleted file mode 100644
index 0a93498..0000000
--- a/src/ceph/selinux/ceph.te
+++ /dev/null
@@ -1,120 +0,0 @@
-policy_module(ceph, 1.1.1)
-
-require {
- type sysfs_t;
- type var_run_t;
- type random_device_t;
- type urandom_device_t;
- type setfiles_t;
- type nvme_device_t;
- class sock_file unlink;
- class lnk_file read;
- class dir read;
- class file { getattr read open };
- class blk_file { getattr ioctl open read write };
-}
-
-########################################
-#
-# Declarations
-#
-
-type ceph_t;
-type ceph_exec_t;
-init_daemon_domain(ceph_t, ceph_exec_t)
-
-permissive ceph_t;
-
-type ceph_initrc_exec_t;
-init_script_file(ceph_initrc_exec_t)
-
-type ceph_log_t;
-logging_log_file(ceph_log_t)
-
-type ceph_var_lib_t;
-files_type(ceph_var_lib_t)
-
-type ceph_var_run_t;
-files_pid_file(ceph_var_run_t)
-
-########################################
-#
-# ceph local policy
-#
-
-allow ceph_t self:process { signal_perms };
-allow ceph_t self:fifo_file rw_fifo_file_perms;
-allow ceph_t self:unix_stream_socket create_stream_socket_perms;
-allow ceph_t self:capability { setuid setgid dac_override };
-
-manage_dirs_pattern(ceph_t, ceph_log_t, ceph_log_t)
-manage_files_pattern(ceph_t, ceph_log_t, ceph_log_t)
-manage_lnk_files_pattern(ceph_t, ceph_log_t, ceph_log_t)
-
-manage_dirs_pattern(ceph_t, ceph_var_lib_t, ceph_var_lib_t)
-manage_files_pattern(ceph_t, ceph_var_lib_t, ceph_var_lib_t)
-manage_lnk_files_pattern(ceph_t, ceph_var_lib_t, ceph_var_lib_t)
-
-manage_dirs_pattern(ceph_t, ceph_var_run_t, ceph_var_run_t)
-manage_files_pattern(ceph_t, ceph_var_run_t, ceph_var_run_t)
-manage_lnk_files_pattern(ceph_t, ceph_var_run_t, ceph_var_run_t)
-
-kernel_read_system_state(ceph_t)
-kernel_read_network_state(ceph_t)
-
-corenet_all_recvfrom_unlabeled(ceph_t)
-corenet_all_recvfrom_netlabel(ceph_t)
-corenet_udp_sendrecv_generic_if(ceph_t)
-corenet_udp_sendrecv_generic_node(ceph_t)
-corenet_udp_bind_generic_node(ceph_t)
-corenet_tcp_bind_generic_node(ceph_t)
-
-corenet_sendrecv_cyphesis_server_packets(ceph_t)
-corenet_tcp_bind_cyphesis_port(ceph_t)
-corenet_tcp_sendrecv_cyphesis_port(ceph_t)
-
-corecmd_exec_bin(ceph_t)
-corecmd_exec_shell(ceph_t)
-
-dev_read_urand(ceph_t)
-
-domain_read_all_domains_state(ceph_t)
-
-fs_getattr_all_fs(ceph_t)
-
-auth_use_nsswitch(ceph_t)
-
-logging_send_syslog_msg(ceph_t)
-
-sysnet_dns_name_resolve(ceph_t)
-
-allow ceph_t nvme_device_t:blk_file { getattr ioctl open read write };
-
-# basis for future security review
-allow ceph_t ceph_var_run_t:sock_file { create unlink write setattr };
-allow ceph_t self:capability { sys_rawio chown };
-
-allow ceph_t self:tcp_socket { accept listen };
-corenet_tcp_connect_cyphesis_port(ceph_t)
-corenet_tcp_connect_generic_port(ceph_t)
-files_list_tmp(ceph_t)
-files_manage_generic_tmp_files(ceph_t)
-fstools_exec(ceph_t)
-nis_use_ypbind_uncond(ceph_t)
-storage_raw_rw_fixed_disk(ceph_t)
-files_manage_generic_locks(ceph_t)
-
-allow ceph_t sysfs_t:dir read;
-allow ceph_t sysfs_t:file { read getattr open };
-allow ceph_t sysfs_t:lnk_file { read getattr };
-
-allow ceph_t random_device_t:chr_file getattr;
-allow ceph_t urandom_device_t:chr_file getattr;
-allow ceph_t self:process setpgid;
-allow ceph_t var_run_t:dir { write create add_name };
-allow ceph_t var_run_t:file { read write create open getattr };
-
-fsadm_manage_pid(ceph_t)
-
-#============= setfiles_t ==============
-allow setfiles_t ceph_var_lib_t:file write;