screen: add interface to dontaudit runtime sock file

Signed-off-by: Kenton Groombridge <me@concord.sh>

policy/modules/apps/screen.if

@@ -120,3 +120,21 @@ interface(`screen_execute_sock_file',`
 	allow $1 screen_runtime_t:sock_file execute;
 	allow $1 screen_tmp_t:dir search;
 ')
+
+########################################
+## <summary>
+##	Do not audit attempts to get the attributes
+##	of the screen runtime named socket.
+## </summary>
+## <param name="domain">
+##	<summary>
+##	Domain to not audit.
+##	</summary>
+## </param>
+interface(`screen_dontaudit_getattr_sock_file',`
+	gen_require(`
+		type screen_runtime_t;
+	')
+
+	dontaudit $1 screen_runtime_t:sock_file getattr;
+')