From: guido@trentalancia.net (Guido Trentalancia)
Date: Fri, 14 Apr 2017 01:25:11 +0200
Subject: [refpolicy] [PATCH 5/10] evolution: do not audit kernel read state
Message-ID: <1492125911.14193.43.camel@trentalancia.net>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

Update the evolution module in order to not audit unnecessary
permissions.

Signed-off-by: Guido Trentalancia <guido@trentalancia.net>
---
 policy/modules/contrib/evolution.te |    2 ++
 1 file changed, 2 insertions(+)

--- refpolicy-2.20170204-orig/policy/modules/contrib/evolution.te	2017-04-13 13:15:17.786342624 +0200
+++ refpolicy-2.20170204/policy/modules/contrib/evolution.te	2017-04-13 13:13:45.236343002 +0200
@@ -312,6 +312,8 @@ stream_connect_pattern(evolution_alarm_t
 stream_connect_pattern(evolution_alarm_t, evolution_exchange_orbit_tmp_t, evolution_exchange_orbit_tmp_t, evolution_exchange_t)
 stream_connect_pattern(evolution_alarm_t, evolution_server_orbit_tmp_t, evolution_server_orbit_tmp_t, evolution_server_t)
 
+kernel_dontaudit_read_system_state(evolution_alarm_t)
+
 dev_read_urand(evolution_alarm_t)
 
 files_read_usr_files(evolution_alarm_t)