diff options
author | Guido Trentalancia <guido@trentalancia.com> | 2017-09-16 23:39:04 +0200 |
---|---|---|
committer | Jason Zaman <jason@perfinion.com> | 2017-10-29 20:58:03 +0800 |
commit | 184b5ccd5d2ff9b8b573c31b887b882ea0ceeae5 (patch) | |
tree | 131563dd587eb4f64e276e7d24b6b037555fc27c /policy/modules/services/xserver.if | |
parent | Avoid memory leak warning. (diff) | |
download | hardened-refpolicy-184b5ccd5d2ff9b8b573c31b887b882ea0ceeae5.tar.gz hardened-refpolicy-184b5ccd5d2ff9b8b573c31b887b882ea0ceeae5.tar.bz2 hardened-refpolicy-184b5ccd5d2ff9b8b573c31b887b882ea0ceeae5.zip |
xserver: do not audit ioctl operations on log files
Do not audit ioctl operation attempts whenever write
operations on the xserver log should not be audited.
Signed-off-by: Guido Trentalancia <guido@trentalancia.com>
Diffstat (limited to 'policy/modules/services/xserver.if')
-rw-r--r-- | policy/modules/services/xserver.if | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/policy/modules/services/xserver.if b/policy/modules/services/xserver.if index 13f80093..e0c5be82 100644 --- a/policy/modules/services/xserver.if +++ b/policy/modules/services/xserver.if @@ -1129,7 +1129,7 @@ interface(`xserver_dontaudit_write_log',` type xserver_log_t; ') - dontaudit $1 xserver_log_t:file { append write }; + dontaudit $1 xserver_log_t:file { append ioctl write }; ') ######################################## |