diff options
author | Chris PeBenito <pebenito@ieee.org> | 2017-02-15 18:47:33 -0500 |
---|---|---|
committer | Jason Zaman <jason@perfinion.com> | 2017-02-17 16:13:38 +0800 |
commit | b8090bfeb7461011bfbbfc43d47caab6fc863d3d (patch) | |
tree | 6506d53221c4d5a0ca619d4cacbf4c861acccd84 /policy/modules/system/getty.te | |
parent | inherited file and fifo perms (diff) | |
download | hardened-refpolicy-b8090bfeb7461011bfbbfc43d47caab6fc863d3d.tar.gz hardened-refpolicy-b8090bfeb7461011bfbbfc43d47caab6fc863d3d.tar.bz2 hardened-refpolicy-b8090bfeb7461011bfbbfc43d47caab6fc863d3d.zip |
Sort capabilities permissions from Russell Coker.
Diffstat (limited to 'policy/modules/system/getty.te')
-rw-r--r-- | policy/modules/system/getty.te | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/policy/modules/system/getty.te b/policy/modules/system/getty.te index af8989978..69c2274d3 100644 --- a/policy/modules/system/getty.te +++ b/policy/modules/system/getty.te @@ -33,7 +33,7 @@ files_pid_file(getty_var_run_t) # # Use capabilities. -allow getty_t self:capability { dac_override chown setgid sys_admin sys_resource sys_tty_config fowner fsetid }; +allow getty_t self:capability { chown dac_override fowner fsetid setgid sys_admin sys_resource sys_tty_config }; dontaudit getty_t self:capability sys_tty_config; allow getty_t self:process { getpgid setpgid getsession signal_perms }; allow getty_t self:fifo_file rw_fifo_file_perms; |