From: russell@coker.com.au (Russell Coker) Date: Sun, 19 Mar 2017 01:42:33 +1100 Subject: [refpolicy] monit policy In-Reply-To: References: Message-ID: <2460297.OH548OFQCT@russell.coker.com.au> To: refpolicy@oss.tresys.com List-Id: refpolicy.oss.tresys.com On Saturday, 18 March 2017 2:50:04 PM AEDT cgzones wrote: > in the monit policy patch you sent to refpolicy mailing list, you > included the permission > > allow monit_t self:sem rw_sem_perms; > > In which scenario is this access required or how can I reproduce these > audits? This question came up on my followup patch [1]. I don't recall. I took the policy you gave me and spent about 5 minutes doing a quick test run and made a couple of minor changes, I had thought that part came from you, but I guess not. If it's not something that you had in your original policy and your use of it doesn't require that permission then feel free to drop it. It's easy enough to add it again if we find a need for it. -- My Main Blog http://etbe.coker.com.au/ My Documents Blog http://doc.coker.com.au/