From: guido@trentalancia.com (Guido Trentalancia) Date: Sat, 16 Sep 2017 23:39:04 +0200 Subject: [refpolicy] [PATCH 6/6] xserver: do not audit ioctl operations on log files Message-ID: <1505597944.13203.47.camel@trentalancia.com> To: refpolicy@oss.tresys.com List-Id: refpolicy.oss.tresys.com Do not audit ioctl operation attempts whenever write operations on the xserver log should not be audited. Signed-off-by: Guido Trentalancia --- policy/modules/services/xserver.if | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) --- a/policy/modules/services/xserver.if 2017-09-16 16:21:46.522402219 +0200 +++ b/policy/modules/services/xserver.if 2017-09-16 16:30:12.480405471 +0200 @@ -1129,7 +1129,7 @@ interface(`xserver_dontaudit_write_log', type xserver_log_t; ') - dontaudit $1 xserver_log_t:file { append write }; + dontaudit $1 xserver_log_t:file { append ioctl write }; ') ########################################