From: guido@trentalancia.net (Guido Trentalancia) Date: Fri, 14 Apr 2017 01:25:11 +0200 Subject: [refpolicy] [PATCH 5/10] evolution: do not audit kernel read state Message-ID: <1492125911.14193.43.camel@trentalancia.net> To: refpolicy@oss.tresys.com List-Id: refpolicy.oss.tresys.com Update the evolution module in order to not audit unnecessary permissions. Signed-off-by: Guido Trentalancia --- policy/modules/contrib/evolution.te | 2 ++ 1 file changed, 2 insertions(+) --- refpolicy-2.20170204-orig/policy/modules/contrib/evolution.te 2017-04-13 13:15:17.786342624 +0200 +++ refpolicy-2.20170204/policy/modules/contrib/evolution.te 2017-04-13 13:13:45.236343002 +0200 @@ -312,6 +312,8 @@ stream_connect_pattern(evolution_alarm_t stream_connect_pattern(evolution_alarm_t, evolution_exchange_orbit_tmp_t, evolution_exchange_orbit_tmp_t, evolution_exchange_t) stream_connect_pattern(evolution_alarm_t, evolution_server_orbit_tmp_t, evolution_server_orbit_tmp_t, evolution_server_t) +kernel_dontaudit_read_system_state(evolution_alarm_t) + dev_read_urand(evolution_alarm_t) files_read_usr_files(evolution_alarm_t)