[selinux-policy: 12/3172] add dontaudit fs getattr
Daniel J Walsh
dwalsh at fedoraproject.org
Thu Oct 7 19:06:01 UTC 2010
commit 053f6a200a53d2873dac08009d32d40e462fe57d
Author: Chris PeBenito <cpebenito at tresys.com>
Date: Tue Apr 19 18:56:47 2005 +0000
add dontaudit fs getattr
refpolicy/policy/modules/kernel/filesystem.if | 14 ++++++++++++++
1 files changed, 14 insertions(+), 0 deletions(-)
---
diff --git a/refpolicy/policy/modules/kernel/filesystem.if b/refpolicy/policy/modules/kernel/filesystem.if
index 078fc71..470d732 100644
--- a/refpolicy/policy/modules/kernel/filesystem.if
+++ b/refpolicy/policy/modules/kernel/filesystem.if
@@ -101,6 +101,20 @@ class filesystem getattr;
########################################
#
+# filesystem_ignore_read_persistent_filesystem_stats(domain,[`optional'])
+#
+define(`filesystem_ignore_read_persistent_filesystem_stats',`
+requires_block_template(filesystem_ignore_read_persistent_filesystem_stats_depend,$2)
+dontaudit $1 fs_t:filesystem getattr;
+')
+
+define(`filesystem_ignore_read_persistent_filesystem_stats_depend',`
+type fs_t;
+class filesystem getattr;
+')
+
+########################################
+#
# filesystem_mount_automount_filesystem(domain,[`optional'])
#
define(`filesystem_mount_automount_filesystem',`
More information about the scm-commits
mailing list