[PATCH] refpolicy: kernel_selinux changes

Eliminates lots of avc messages generated by change in libselinux --- nsaserefpolicy/policy/modules/kernel/selinux.if 2007-07-03 07:05:38.000000000 -0400 +++ serefpolicy-3.0.5/policy/modules/kernel/selinux.if 2007-08-02 11:02:02.000000000 -0400 @@ -138,6 +139,7 @@ type security_t; ')
+ selinux_dontaudit_getattr_fs($1)
dontaudit $1 security_t:dir search_dir_perms; dontaudit $1 security_t:file { getattr read };  ')
@@ -159,6 +161,7 @@ type security_t; ')
+ selinux_get_fs_mount($1)
allow $1 security_t:dir list_dir_perms; allow $1 security_t:file { getattr read };  ') -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with the words "unsubscribe selinux" without quotes as the message.

• This message: [ Message body ]
• Next message: dwalsh_at_nospam: "[PATCH] refpolicy: system_netlabel changes"
• Previous message: Stephen Smalley: "Re: strict/targeted merge snag"

• Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ]