1 |
commit: e6119d9b84916327586cd41094684567ff29a69d |
2 |
Author: Kenton Groombridge <me <AT> concord <DOT> sh> |
3 |
AuthorDate: Tue Jan 18 01:09:47 2022 +0000 |
4 |
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org> |
5 |
CommitDate: Sun Jan 30 01:15:06 2022 +0000 |
6 |
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=e6119d9b |
7 |
|
8 |
container: drop old commented rules |
9 |
|
10 |
Signed-off-by: Kenton Groombridge <me <AT> concord.sh> |
11 |
Signed-off-by: Jason Zaman <perfinion <AT> gentoo.org> |
12 |
|
13 |
policy/modules/services/container.te | 5 ----- |
14 |
1 file changed, 5 deletions(-) |
15 |
|
16 |
diff --git a/policy/modules/services/container.te b/policy/modules/services/container.te |
17 |
index 82de38ee..1291768c 100644 |
18 |
--- a/policy/modules/services/container.te |
19 |
+++ b/policy/modules/services/container.te |
20 |
@@ -192,7 +192,6 @@ files_dontaudit_getattr_all_pipes(container_domain) |
21 |
files_dontaudit_getattr_all_sockets(container_domain) |
22 |
files_dontaudit_list_all_mountpoints(container_domain) |
23 |
files_dontaudit_write_etc_runtime_files(container_domain) |
24 |
-# files_entrypoint_all_files(container_domain) |
25 |
files_list_var(container_domain) |
26 |
files_list_var_lib(container_domain) |
27 |
files_search_all(container_domain) |
28 |
@@ -209,10 +208,6 @@ fs_manage_fusefs_symlinks(container_domain) |
29 |
fs_exec_fusefs_files(container_domain) |
30 |
fs_fusefs_entry_type(container_domain) |
31 |
|
32 |
-# fs_rw_inherited_tmpfs_files(container_domain) |
33 |
-# fs_rw_inherited_cifs_files(container_domain) |
34 |
-# fs_rw_inherited_noxattr_fs_files(container_domain) |
35 |
- |
36 |
auth_dontaudit_read_login_records(container_domain) |
37 |
auth_dontaudit_write_login_records(container_domain) |
38 |
auth_search_pam_console_data(container_domain) |