From 47cf98ddd567c4e2e5142a116a07bfbe601ddd6c Mon Sep 17 00:00:00 2001
From: Dominick Grift <domg472@gmail.com>
Date: Sep 15 2010 15:42:28 +0000
Subject: Permission to get attributes of target devicekit_t, devicekit_disk_t and devicekit_power_t domains are included with ps_process_patterns.


Signed-off-by: Dominick Grift <domg472@gmail.com>

---

diff --git a/policy/modules/services/devicekit.if b/policy/modules/services/devicekit.if
index f706b99..70cf018 100644
--- a/policy/modules/services/devicekit.if
+++ b/policy/modules/services/devicekit.if
@@ -165,13 +165,13 @@ interface(`devicekit_admin',`
 		type devicekit_var_lib_t, devicekit_var_run_t, devicekit_tmp_t;
 	')
 
-	allow $1 devicekit_t:process { ptrace signal_perms getattr };
+	allow $1 devicekit_t:process { ptrace signal_perms };
 	ps_process_pattern($1, devicekit_t)
 
-	allow $1 devicekit_disk_t:process { ptrace signal_perms getattr };
+	allow $1 devicekit_disk_t:process { ptrace signal_perms };
 	ps_process_pattern($1, devicekit_disk_t)
 
-	allow $1 devicekit_power_t:process { ptrace signal_perms getattr };
+	allow $1 devicekit_power_t:process { ptrace signal_perms };
 	ps_process_pattern($1, devicekit_power_t)
 
 	admin_pattern($1, devicekit_tmp_t)