Merge pull request from gtrentalancia/mix_fixes_pr2

Miscellaneous fixes
This commit is contained in:
Chris PeBenito 2023-09-11 09:38:05 -04:00 committed by GitHub
commit 9967edaebe
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 0 additions and 26 deletions
policy/modules

View File

@ -120,7 +120,6 @@ init_manage_all_units(logrotate_t)
logging_manage_all_logs(logrotate_t)
logging_send_syslog_msg(logrotate_t)
logging_send_audit_msgs(logrotate_t)
logging_exec_all_logs(logrotate_t)
miscfiles_read_generic_certs(logrotate_t)
miscfiles_read_localization(logrotate_t)

View File

@ -1098,28 +1098,6 @@ interface(`logging_watch_all_logs',`
allow $1 logfile:file watch;
')
########################################
## <summary>
## Execute all log files in the caller domain.
## </summary>
## <param name="domain">
## <summary>
## Domain allowed access.
## </summary>
## </param>
#
# cjp: not sure why this is needed. This was added
# because of logrotate.
interface(`logging_exec_all_logs',`
gen_require(`
attribute logfile;
')
files_search_var($1)
allow $1 logfile:dir list_dir_perms;
can_exec($1, logfile)
')
########################################
## <summary>
## read/write to all log files.

View File

@ -61,9 +61,6 @@ interface(`mount_exec',`
type mount_exec_t;
')
# cjp: this should be removed:
allow $1 mount_exec_t:dir list_dir_perms;
allow $1 mount_exec_t:lnk_file read_lnk_file_perms;
corecmd_search_bin($1)
can_exec($1, mount_exec_t)