Do not audit the use of portage' filedescriptors from load_policy_t

During build and eventual activation of the base policy, the load_policy_t domain attempts to use a portage file descriptor. However, this serves no purpose (the loading is done correctly and everything is logged appropriately). Hence, we dontaudit this use. Signed-off-by: Sven Vermeulen <sven.vermeulen@siphos.be>
2011-08-23 15:39:56 +02:00 · 2011-08-23 15:39:56 +02:00 · 5d77246f5f
commit 5d77246f5f
parent 137f7366ee
1 changed files with 4 additions and 0 deletions
--- a/policy/modules/system/selinuxutil.te
+++ b/policy/modules/system/selinuxutil.te
@ -199,6 +199,10 @@ ifdef(`hide_broken_symptoms',`
 	')
 ')

+optional_policy(`
+	portage_dontaudit_use_fds(load_policy_t)
+')
+
 ########################################
 #
 # Newrole local policy