dontaudit mount writes to newly mounted filesystems
Signed-off-by: Chris Richards <gizmo@giz-works.com>
This commit is contained in:
Chris Richards
Chris PeBenito
parent
7644a58c1f
commit
55d8395f49
|
|
@ -3789,6 +3789,25 @@ interface(`fs_manage_tmpfs_dirs',`
|
||||||
allow $1 tmpfs_t:dir manage_dir_perms;
|
allow $1 tmpfs_t:dir manage_dir_perms;
|
||||||
')
|
')
|
||||||
|
|
||||||
|
########################################
|
||||||
|
## <summary>
|
||||||
|
## Do not audit attempts to write
|
||||||
|
## tmpfs directories
|
||||||
|
## </summary>
|
||||||
|
## <param name="domain">
|
||||||
|
## <summary>
|
||||||
|
## Domain allowed access.
|
||||||
|
## </summary>
|
||||||
|
## </param>
|
||||||
|
#
|
||||||
|
interface(`fs_dontaudit_write_tmpfs_dirs',`
|
||||||
|
gen_require(`
|
||||||
|
type tmpfs_t;
|
||||||
|
')
|
||||||
|
|
||||||
|
dontaudit $1 tmpfs_t:dir write;
|
||||||
|
')
|
||||||
|
|
||||||
########################################
|
########################################
|
||||||
## <summary>
|
## <summary>
|
||||||
## Create an object in a tmpfs filesystem, with a private
|
## Create an object in a tmpfs filesystem, with a private
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue