[refpolicy] [ patch 31/44] su: do not audit attempts to search /root.
Dominick Grift
domg472 at gmail.com
Mon Oct 4 13:23:43 CDT 2010
Signed-off-by: Dominick Grift <domg472 at gmail.com>
---
:100644 100644 a0aa8c5... 9337ed7... M policy/modules/admin/su.if
policy/modules/admin/su.if | 1 +
1 files changed, 1 insertions(+), 0 deletions(-)
diff --git a/policy/modules/admin/su.if b/policy/modules/admin/su.if
index a0aa8c5..9337ed7 100644
--- a/policy/modules/admin/su.if
+++ b/policy/modules/admin/su.if
@@ -223,6 +223,7 @@ template(`su_role_template',`
files_read_etc_runtime_files($1_su_t)
files_search_var_lib($1_su_t)
files_dontaudit_getattr_tmp_dirs($1_su_t)
+ files_dontaudit_list_default($1_su_t)
init_dontaudit_use_fds($1_su_t)
# Write to utmp.
--
1.7.2.3
More information about the refpolicy
mailing list