From d2c57395ab2372913809610eaef4807e8414865e Mon Sep 17 00:00:00 2001 From: Don Miner Date: Oct 24 2005 22:20:04 +0000 Subject: Fixed an allow that should have been a dontaudit --- diff --git a/refpolicy/policy/modules/services/bluetooth.if b/refpolicy/policy/modules/services/bluetooth.if index d0b4322..0965ddb 100644 --- a/refpolicy/policy/modules/services/bluetooth.if +++ b/refpolicy/policy/modules/services/bluetooth.if @@ -8,11 +8,11 @@ ## Domain allowed access. ## # -interface(`bluetooth_read_helper_files',` +interface(`bluetooth_dontaudit_read_helper_files',` gen_require(` type bluetooth_helper_t; ') - allow $1 bluetooth_helper_t:dir search; - allow $1 bluetooth_helper_t:file { read getattr }; + dontaudit $1 bluetooth_helper_t:dir search; + dontaudit $1 bluetooth_helper_t:file { read getattr }; ') diff --git a/refpolicy/policy/modules/services/networkmanager.te b/refpolicy/policy/modules/services/networkmanager.te index afc0dbf..3b17fa7 100644 --- a/refpolicy/policy/modules/services/networkmanager.te +++ b/refpolicy/policy/modules/services/networkmanager.te @@ -112,7 +112,7 @@ ifdef(`targeted_policy', ` ') optional_policy(`bluetooth.te',` - bluetooth_read_helper_files(NetworkManager_t) + bluetooth_dontaudit_read_helper_files(NetworkManager_t) ') optional_policy(`consoletype.te',`