vmojzis / rpms / fapolicyd

Forked from rpms/fapolicyd 2 years ago
Clone
Source Code
GIT

Files

f28 f29 f30 f31 f32 f33 f34 main rawhide
  1.   main
  2.   fapolicyd-revert-watch-selinux.patch
Blob Blame History Raw 
From c61dbd615b73c1fa0d66943e35ce6475f64ef7a9 Mon Sep 17 00:00:00 2001
From: Radovan Sroka <rsroka@redhat.com>
Date: Thu, 25 Mar 2021 21:38:45 +0100
Subject: [PATCH] Revert "Allow fapolicyd watch directories"

This reverts commit ed8aac4ef057fc7e5051041bbf7e9bb6dfb12915.
---
 fapolicyd.te | 10 ----------
 1 file changed, 10 deletions(-)

diff --git a/fapolicyd-selinux-0.4/fapolicyd.te b/fapolicyd-selinux-0.4/fapolicyd.te
index f5d0052..bd71e0f 100644
--- a/fapolicyd-selinux-0.4/fapolicyd.te
+++ b/fapolicyd-selinux-0.4/fapolicyd.te
@@ -63,21 +63,11 @@ domain_read_all_domains_state(fapolicyd_t)
 
 files_mmap_usr_files(fapolicyd_t)
 files_read_all_files(fapolicyd_t)
-files_watch_mount_generic_tmp_dirs(fapolicyd_t)
-files_watch_with_perm_generic_tmp_dirs(fapolicyd_t)
-files_watch_mount_root_dirs(fapolicyd_t)
-files_watch_with_perm_root_dirs(fapolicyd_t)
-
 fs_getattr_xattr_fs(fapolicyd_t)
-fs_watch_mount_tmpfs_dirs(fapolicyd_t)
-fs_watch_with_perm_tmpfs_dirs(fapolicyd_t)
 
 logging_send_syslog_msg(fapolicyd_t)
 dbus_system_bus_client(fapolicyd_t)
 
-userdom_watch_mount_tmp_dirs(fapolicyd_t)
-userdom_watch_with_perm_tmp_dirs(fapolicyd_t)
-
 optional_policy(`
         rpm_read_db(fapolicyd_t)
         allow fapolicyd_t rpm_var_lib_t:file { create };
-- 
2.26.3
Powered by Pagure 5.13.3
DocumentationFile an IssueAbout this InstanceSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.