From 87e9fcf6365210468004ac8283fed3400b1306fb Mon Sep 17 00:00:00 2001 From: Miroslav Grepl Date: Nov 14 2012 16:59:11 +0000 Subject: Revert "Add files_dontaudit_list_tmp() for domains to which we added sys_nice/setsched" This reverts commit 012d8cc97f5fdbf2c473105fb5fe3ec54b89d860. --- diff --git a/cups.te b/cups.te index d62fe74..196238b 100644 --- a/cups.te +++ b/cups.te @@ -421,7 +421,6 @@ dev_read_rand(cupsd_config_t) dev_rw_generic_usb_dev(cupsd_config_t) files_search_all_mountpoints(cupsd_config_t) -files_dontaudit_list_tmp(cupsd_config_t) fs_getattr_all_fs(cupsd_config_t) fs_search_auto_mountpoints(cupsd_config_t) @@ -718,7 +717,6 @@ files_read_etc_files(hplip_t) files_read_etc_runtime_files(hplip_t) files_read_usr_files(hplip_t) files_dontaudit_write_usr_dirs(hplip_t) -files_dontaudit_list_tmp(hplip_t) fs_getattr_all_fs(hplip_t) fs_search_auto_mountpoints(hplip_t) diff --git a/fail2ban.te b/fail2ban.te index f1aa519..60cf17f 100644 --- a/fail2ban.te +++ b/fail2ban.te @@ -83,7 +83,6 @@ files_read_etc_runtime_files(fail2ban_t) files_read_usr_files(fail2ban_t) files_list_var(fail2ban_t) files_search_var_lib(fail2ban_t) -files_dontaudit_list_tmp(fail2ban_t) fs_list_inotifyfs(fail2ban_t) fs_getattr_all_fs(fail2ban_t) diff --git a/firewalld.te b/firewalld.te index 9a2b4db..72f0c9b 100644 --- a/firewalld.te +++ b/firewalld.te @@ -58,9 +58,9 @@ dev_read_urand(firewalld_t) domain_use_interactive_fds(firewalld_t) +files_list_tmp(firewalld_t) files_read_etc_files(firewalld_t) files_read_usr_files(firewalld_t) -files_dontaudit_list_tmp(firewalld_t) fs_getattr_xattr_fs(firewalld_t) diff --git a/logwatch.te b/logwatch.te index 0a72cd5..12abef6 100644 --- a/logwatch.te +++ b/logwatch.te @@ -75,7 +75,6 @@ files_dontaudit_search_home(logwatch_t) files_dontaudit_search_boot(logwatch_t) # Execs df and if file system mounted with a context avc raised files_dontaudit_search_all_dirs(logwatch_t) -files_dontaudit_list_tmp(logwatch_t) fs_getattr_all_fs(logwatch_t) fs_dontaudit_list_auto_mountpoints(logwatch_t) diff --git a/tuned.te b/tuned.te index f0b3e04..8843888 100644 --- a/tuned.te +++ b/tuned.te @@ -67,7 +67,7 @@ dev_rw_netcontrol(tuned_t) files_read_usr_files(tuned_t) files_dontaudit_search_home(tuned_t) -files_dontaudit_list_tmp(tuned_t) +files_list_tmp(tuned_t) fs_getattr_all_fs(tuned_t)