| 1 |
commit: e6119d9b84916327586cd41094684567ff29a69d |
| 2 |
Author: Kenton Groombridge <me <AT> concord <DOT> sh> |
| 3 |
AuthorDate: Tue Jan 18 01:09:47 2022 +0000 |
| 4 |
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org> |
| 5 |
CommitDate: Sun Jan 30 01:15:06 2022 +0000 |
| 6 |
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=e6119d9b |
| 7 |
|
| 8 |
container: drop old commented rules |
| 9 |
|
| 10 |
Signed-off-by: Kenton Groombridge <me <AT> concord.sh> |
| 11 |
Signed-off-by: Jason Zaman <perfinion <AT> gentoo.org> |
| 12 |
|
| 13 |
policy/modules/services/container.te | 5 ----- |
| 14 |
1 file changed, 5 deletions(-) |
| 15 |
|
| 16 |
diff --git a/policy/modules/services/container.te b/policy/modules/services/container.te |
| 17 |
index 82de38ee..1291768c 100644 |
| 18 |
--- a/policy/modules/services/container.te |
| 19 |
+++ b/policy/modules/services/container.te |
| 20 |
@@ -192,7 +192,6 @@ files_dontaudit_getattr_all_pipes(container_domain) |
| 21 |
files_dontaudit_getattr_all_sockets(container_domain) |
| 22 |
files_dontaudit_list_all_mountpoints(container_domain) |
| 23 |
files_dontaudit_write_etc_runtime_files(container_domain) |
| 24 |
-# files_entrypoint_all_files(container_domain) |
| 25 |
files_list_var(container_domain) |
| 26 |
files_list_var_lib(container_domain) |
| 27 |
files_search_all(container_domain) |
| 28 |
@@ -209,10 +208,6 @@ fs_manage_fusefs_symlinks(container_domain) |
| 29 |
fs_exec_fusefs_files(container_domain) |
| 30 |
fs_fusefs_entry_type(container_domain) |
| 31 |
|
| 32 |
-# fs_rw_inherited_tmpfs_files(container_domain) |
| 33 |
-# fs_rw_inherited_cifs_files(container_domain) |
| 34 |
-# fs_rw_inherited_noxattr_fs_files(container_domain) |
| 35 |
- |
| 36 |
auth_dontaudit_read_login_records(container_domain) |
| 37 |
auth_dontaudit_write_login_records(container_domain) |
| 38 |
auth_search_pam_console_data(container_domain) |
Archives