From: cpebenito@tresys.com (Christopher J. PeBenito)
Date: Fri, 4 Apr 2014 15:15:33 -0400
Subject: [refpolicy] [PATCH] apt: remove non-existing permission set
	write_dir_perms
In-Reply-To: <1394903591-7094-1-git-send-email-nicolas.iooss@m4x.org>
References: <1394903591-7094-1-git-send-email-nicolas.iooss@m4x.org>
Message-ID: <533F04D5.9060809@tresys.com>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

On 03/15/2014 01:13 PM, Nicolas Iooss wrote:
> write_dir_perms doesn't exist in policy/support/obj_perm_sets.spt so this
> patch removes the buggy dontaudit statement from apt_read_cache.
> ---
>  apt.if | 1 -
>  1 file changed, 1 deletion(-)
> 
> diff --git a/apt.if b/apt.if
> index cde81d2..0a1bc49 100644
> --- a/apt.if
> +++ b/apt.if
> @@ -171,7 +171,6 @@ interface(`apt_read_cache',`
>  
>  	files_search_var($1)
>  	allow $1 apt_var_cache_t:dir list_dir_perms;
> -	dontaudit $1 apt_var_cache_t:dir write_dir_perms;
>  	allow $1 apt_var_cache_t:file read_file_perms;
>  ')

Merged.

-- 
Chris PeBenito
Tresys Technology, LLC
www.tresys.com | oss.tresys.com