diff --git a/policy/modules/services/cgroup.if b/policy/modules/services/cgroup.if index 5770206..21d29ff 100644 --- a/policy/modules/services/cgroup.if +++ b/policy/modules/services/cgroup.if @@ -121,7 +121,7 @@ interface(`cgroup_admin',` gen_require(` type cgred_t, cgconfigparser_t, cgred_var_run_t; type cgconfig_etc_t, cgconfig_initrc_exec_t, cgred_initrc_exec_t; - type cgred_etc_t, cgroup_t; + type cgred_etc_t; ') allow $1 cgconfigparser_t:process { ptrace signal_perms getattr }; @@ -130,8 +130,6 @@ interface(`cgroup_admin',` allow $1 cgred_t:process { ptrace signal_perms getattr }; read_files_pattern($1, cgred_t, cgred_t) - admin_pattern($1, cgroup_t) - admin_pattern($1, cgconfig_etc_t) admin_pattern($1, cgred_etc_t) files_search_etc($1)