Hi Russel,
in the monit policy patch you sent to refpolicy mailing list, you
included the permission
allow monit_t self:sem rw_sem_perms;
In which scenario is this access required or how can I reproduce these audits?
This question came up on my followup patch [1].
Best regards,
Christian G?ttsche
[1] https://github.com/TresysTechnology/refpolicy-contrib/pull/53
On Saturday, 18 March 2017 2:50:04 PM AEDT cgzones wrote:
> in the monit policy patch you sent to refpolicy mailing list, you
> included the permission
>
> allow monit_t self:sem rw_sem_perms;
>
> In which scenario is this access required or how can I reproduce these
> audits? This question came up on my followup patch [1].
I don't recall. I took the policy you gave me and spent about 5 minutes doing
a quick test run and made a couple of minor changes, I had thought that part
came from you, but I guess not. If it's not something that you had in your
original policy and your use of it doesn't require that permission then feel
free to drop it. It's easy enough to add it again if we find a need for it.
--
My Main Blog http://etbe.coker.com.au/
My Documents Blog http://doc.coker.com.au/