[selinux-policy: 54/3172] add console dontaudit
Daniel J Walsh
dwalsh at fedoraproject.org
Thu Oct 7 19:09:39 UTC 2010
commit 81198502973c1ec58514f2050647806396a37cfb
Author: Chris PeBenito <cpebenito at tresys.com>
Date: Wed Apr 27 21:54:39 2005 +0000
add console dontaudit
refpolicy/policy/modules/kernel/terminal.if | 14 ++++++++++++++
1 files changed, 14 insertions(+), 0 deletions(-)
---
diff --git a/refpolicy/policy/modules/kernel/terminal.if b/refpolicy/policy/modules/kernel/terminal.if
index 3887e74..e1002e5 100644
--- a/refpolicy/policy/modules/kernel/terminal.if
+++ b/refpolicy/policy/modules/kernel/terminal.if
@@ -43,6 +43,20 @@ devices_list_device_nodes_depend
########################################
#
+# terminal_ignore_use_console(domain,[`optional'])
+#
+define(`terminal_ignore_use_console',`
+requires_block_template(terminal_ignore_use_console_depend,$2)
+dontaudit $1 console_device_t:chr_file { read write };
+')
+
+define(`terminal_ignore_use_console_depend',`
+type console_device_t;
+class chr_file { read write };
+')
+
+########################################
+#
# terminal_use_controlling_terminal(domain,[`optional'])
#
define(`terminal_use_controlling_terminal',`
More information about the scm-commits
mailing list