Do not audit ioctl operation attempts whenever write
operations on the xserver log should not be audited.
Signed-off-by: Guido Trentalancia <[email protected]>
---
policy/modules/services/xserver.if | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
--- a/policy/modules/services/xserver.if 2017-09-16 16:21:46.522402219 +0200
+++ b/policy/modules/services/xserver.if 2017-09-16 16:30:12.480405471 +0200
@@ -1129,7 +1129,7 @@ interface(`xserver_dontaudit_write_log',
type xserver_log_t;
')
- dontaudit $1 xserver_log_t:file { append write };
+ dontaudit $1 xserver_log_t:file { append ioctl write };
')
########################################
On 09/16/2017 05:39 PM, Guido Trentalancia via refpolicy wrote:
> Do not audit ioctl operation attempts whenever write
> operations on the xserver log should not be audited.
>
> Signed-off-by: Guido Trentalancia <[email protected]>
> ---
> policy/modules/services/xserver.if | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> --- a/policy/modules/services/xserver.if 2017-09-16 16:21:46.522402219 +0200
> +++ b/policy/modules/services/xserver.if 2017-09-16 16:30:12.480405471 +0200
> @@ -1129,7 +1129,7 @@ interface(`xserver_dontaudit_write_log',
> type xserver_log_t;
> ')
>
> - dontaudit $1 xserver_log_t:file { append write };
> + dontaudit $1 xserver_log_t:file { append ioctl write };
> ')
>
> ########################################
Merged.
--
Chris PeBenito