[selinux-policy] Remove allow_ptrace and replace it with deny_ptrace, which will remove all ptrace from the system Re
Daniel J Walsh
dwalsh at fedoraproject.org
Wed Oct 12 14:13:21 UTC 2011
commit 2f4dfeb4256cbc5fdec6ca70ef2e17754d671968
Author: Dan Walsh <dwalsh at redhat.com>
Date: Wed Oct 12 10:13:18 2011 -0400
Remove allow_ptrace and replace it with deny_ptrace, which will remove all
ptrace from the system
Remove 2000 dontaudit rules between confined domains on transition
and replace with single
dontaudit domain domain:process { noatsecure siginh rlimitinh } ;
dontaudit.patch | 23 -----------------------
selinux-policy.spec | 2 --
2 files changed, 0 insertions(+), 25 deletions(-)
---
diff --git a/selinux-policy.spec b/selinux-policy.spec
index 93631ef..18e473b 100644
--- a/selinux-policy.spec
+++ b/selinux-policy.spec
@@ -29,7 +29,6 @@ patch4: execmem.patch
patch5: userdomain.patch
patch6: apache.patch
patch7: ptrace.patch
-patch8: dontaudit.patch
Source1: modules-targeted.conf
Source2: booleans-targeted.conf
Source3: Makefile.devel
@@ -250,7 +249,6 @@ Based off of reference policy: Checked out revision 2.20091117
%patch5 -p1 -b .userdomain
%patch6 -p1 -b .apache
%patch7 -p1 -b .ptrace
-%patch8 -p1 -b .dontaudit
%install
mkdir selinux_config
More information about the scm-commits
mailing list