nnd/selinux-refpolicy
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Adding dontaudit for sudo

Browse Source 
Signed-off-by: Sven Vermeulen <sven.vermeulen@siphos.be>
This commit is contained in:
Sven Vermeulen 2012-03-22 21:13:34 +01:00 committed by Chris PeBenito
parent fbac862b89
commit fc2f5ea3b4
1 changed files with 1 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
policy/modules/admin/sudo.if
View File

@ -136,6 +136,7 @@ template(`sudo_role_template',`
userdom_use_user_terminals($1_sudo_t) userdom_use_user_terminals($1_sudo_t)
# for some PAM modules and for cwd # for some PAM modules and for cwd
userdom_dontaudit_search_user_home_content($1_sudo_t) userdom_dontaudit_search_user_home_content($1_sudo_t)
userdom_dontaudit_search_user_home_dirs($1_sudo_t)
ifdef(`hide_broken_symptoms', ` ifdef(`hide_broken_symptoms', `
dontaudit $1_sudo_t $3:socket_class_set { read write }; dontaudit $1_sudo_t $3:socket_class_set { read write };