[selinux-policy: 43/3172] add missing transition dontaudits

Daniel J Walsh dwalsh at fedoraproject.org
Thu Oct 7 19:08:40 UTC 2010


commit b303042477208bfc3113a428fbe26f33593941d2
Author: Chris PeBenito <cpebenito at tresys.com>
Date:   Mon Apr 25 21:07:59 2005 +0000

    add missing transition dontaudits

 refpolicy/policy/modules/system/domain.if |    7 +++++--
 1 files changed, 5 insertions(+), 2 deletions(-)
---
diff --git a/refpolicy/policy/modules/system/domain.if b/refpolicy/policy/modules/system/domain.if
index 9b65ac4..ebcb4d2 100644
--- a/refpolicy/policy/modules/system/domain.if
+++ b/refpolicy/policy/modules/system/domain.if
@@ -120,11 +120,12 @@ define(`domain_all_init_domains_transition',`
 requires_block_template(domain_all_init_domains_transition_depend,$3)
 allow $1 init_domain:process transition;
 allow $1 init_domain_entry:file { getattr read execute };
+dontaudit $1 daemon_domain:process { noatsecure siginh rlimitinh };
 ')
 
 define(`domain_all_init_domains_transition_depend',`
 attribute init_domain, init_domain_entry;
-class process transition;
+class process { transition noatsecure siginh rlimitinh };
 class file { getattr read execute };
 ')
 
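Review bot: The added `dontaudit $1 daemon_domain:process { noatsecure siginh rlimitinh };` in `domain_all_init_domains_transition` names `daemon_domain`, while the `allow` rule above it and the `attribute` line in `domain_all_init_domains_transition_depend` both use `init_domain`. This looks like a copy-paste from the daemon template; if so, the line should read `dontaudit $1 init_domain:process { noatsecure siginh rlimitinh };`. As written, the depend block does not declare `daemon_domain`, the init-domain transitions still log these denials, and the denials are silenced for a target set this template grants no transition to. A one-line comment would help, for example `# denied on purpose: the new domain runs in secure-exec mode with reset signal state and rlimits; only the AVC noise is hidden`.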
@@ -136,11 +137,13 @@ define(`domain_all_daemon_domains_transition',`
 requires_block_template(domain_all_daemon_domains_transition_depend,$3)
 allow $1 daemon_domain:process transition;
 allow $1 daemon_domain_entry:file { getattr read execute };
+allow init_domain $1:fd use;
+dontaudit $1 daemon_domain:process { noatsecure siginh rlimitinh };
 ')
 
 define(`domain_all_daemon_domains_transition_depend',`
 attribute daemon_domain, daemon_domain_entry;
-class process transition;
+class process { transition noatsecure siginh rlimitinh };
 class file { getattr read execute };
 ')
 
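Review bot: `allow init_domain $1:fd use;` in `domain_all_daemon_domains_transition` is an allow rule rather than a dontaudit, and it uses the attribute `init_domain` and the class `fd`, neither of which `domain_all_daemon_domains_transition_depend` declares. Every other rule in this template concerns `daemon_domain`, so this may have been meant as `allow daemon_domain $1:fd use;`, or it may belong in the init template of the first hunk; the author should confirm which. Whichever is intended, the depend block needs `class fd use;` and the matching `attribute` declaration. Since the rule grants descriptor inheritance to a whole attribute, the commit message should mention it instead of listing only dontaudits.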

