git://git.camperquake.de
/
selinux.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
tft: Silence default_t:dir reads
[selinux.git]
/
tf2
/
tf2.te
diff --git
a/tf2/tf2.te
b/tf2/tf2.te
index
c1fe72d
..
d6db454
100644
(file)
--- a/
tf2/tf2.te
+++ b/
tf2/tf2.te
@@
-1,4
+1,8
@@
-policy_module(tf2, 0.1.17)
+policy_module(tf2, 0.1.21)
+
+require {
+ type default_t;
+}
# File context for the executable process
type tf2_t;
# File context for the executable process
type tf2_t;
@@
-50,3
+54,6
@@
kernel_read_system_state(tf2_t)
# TF2 needs to read the network state
kernel_read_network_state(tf2_t)
# TF2 needs to read the network state
kernel_read_network_state(tf2_t)
+
+# There's a lot of noise from these accesses
+dontaudit tf2_t default_t:dir read;