commit: a84cf781659c60e5684f8759e85d9a9267a13c87
Author: James Carter <jwcart2 <AT> tycho <DOT> nsa <DOT> gov>
AuthorDate: Wed Apr 11 18:56:34 2018 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Sun Apr 22 11:53:03 2018 +0000
URL:
https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=a84cf781
Remove use of undeclared attribute from portage.te
Removed two dontaudit rules that referred to device_type.
This attribute was not declared in policy and its only use was in a
TODO ifdef block in portage.te.
Signed-off-by: James Carter <jwcart2 <AT> tycho.nsa.gov>
policy/modules/contrib/portage.te | 2 --
1 file changed, 2 deletions(-)
diff --git a/policy/modules/contrib/portage.te
b/policy/modules/contrib/portage.te
index 224eedc0..b033e44f 100644
--- a/policy/modules/contrib/portage.te
+++ b/policy/modules/contrib/portage.te
@@ -241,8 +241,6 @@ ifdef(`TODO',`
# seems to work ok without these
dontaudit portage_t device_t:{ blk_file chr_file } getattr;
dontaudit portage_t proc_t:dir setattr_dir_perms;
-dontaudit portage_t device_type:chr_file read_chr_file_perms;
-dontaudit portage_t device_type:blk_file read_blk_file_perms;
')
##########################################
