Remove the second copy of a permission in instances where the exact same permission is repeated twice in a row
Signed-off-by: Daniel Burgener <Daniel.Burgener@microsoft.com>
This commit is contained in:
parent
4f846ea99d
commit
ce8f00538a
|
@ -109,7 +109,7 @@ ifdef(`enable_mls',`
|
||||||
# Cups local policy
|
# Cups local policy
|
||||||
#
|
#
|
||||||
|
|
||||||
allow cupsd_t self:capability { chown dac_override dac_override dac_read_search fowner fsetid ipc_lock kill setgid setuid sys_admin sys_rawio sys_resource sys_tty_config };
|
allow cupsd_t self:capability { chown dac_override dac_read_search fowner fsetid ipc_lock kill setgid setuid sys_admin sys_rawio sys_resource sys_tty_config };
|
||||||
dontaudit cupsd_t self:capability { net_admin sys_tty_config };
|
dontaudit cupsd_t self:capability { net_admin sys_tty_config };
|
||||||
allow cupsd_t self:capability2 block_suspend;
|
allow cupsd_t self:capability2 block_suspend;
|
||||||
allow cupsd_t self:process { getpgid setpgid setsched signal_perms };
|
allow cupsd_t self:process { getpgid setpgid setsched signal_perms };
|
||||||
|
|
|
@ -45,7 +45,7 @@ ifdef(`enable_mcs',`
|
||||||
# udev Local policy
|
# udev Local policy
|
||||||
#
|
#
|
||||||
|
|
||||||
allow udev_t self:capability { chown dac_override dac_read_search fowner fsetid mknod net_admin net_raw setgid setuid sys_admin sys_nice sys_nice sys_ptrace sys_rawio sys_resource };
|
allow udev_t self:capability { chown dac_override dac_read_search fowner fsetid mknod net_admin net_raw setgid setuid sys_admin sys_nice sys_ptrace sys_rawio sys_resource };
|
||||||
dontaudit udev_t self:capability sys_tty_config;
|
dontaudit udev_t self:capability sys_tty_config;
|
||||||
allow udev_t self:capability2 { wake_alarm block_suspend };
|
allow udev_t self:capability2 { wake_alarm block_suspend };
|
||||||
allow udev_t self:process { transition signal_perms ptrace getsched setsched getsession getpgid setpgid getcap setcap share getattr setfscreate noatsecure siginh rlimitinh dyntransition execmem setkeycreate setsockcreate getrlimit };
|
allow udev_t self:process { transition signal_perms ptrace getsched setsched getsession getpgid setpgid getcap setcap share getattr setfscreate noatsecure siginh rlimitinh dyntransition execmem setkeycreate setsockcreate getrlimit };
|
||||||
|
|
Loading…
Reference in New Issue