tft: Silence default_t:dir reads

author Ralf Ertzinger <ralf@skytale.net>

Wed, 12 Aug 2015 10:29:30 +0000 (10:29 +0000)

committer Ralf Ertzinger <ralf@skytale.net>

Wed, 12 Aug 2015 10:29:30 +0000 (10:29 +0000)
author Ralf Ertzinger <ralf@skytale.net>
Wed, 12 Aug 2015 10:29:30 +0000 (10:29 +0000)
committer Ralf Ertzinger <ralf@skytale.net>
Wed, 12 Aug 2015 10:29:30 +0000 (10:29 +0000)
diff --git a/tf2/tf2.te b/tf2/tf2.te

index c1fe72d..d6db454 100644 (file)
--- a/tf2/tf2.te
+++ b/tf2/tf2.te
@@ -1,4 +1,8 @@
-policy_module(tf2, 0.1.17)
+policy_module(tf2, 0.1.21)
+
+require {
+    type default_t;
+}
  
  # File context for the executable process
  type tf2_t;
@@ -50,3 +54,6 @@ kernel_read_system_state(tf2_t)
  
  # TF2 needs to read the network state
  kernel_read_network_state(tf2_t)
+
+# There's a lot of noise from these accesses
+dontaudit tf2_t default_t:dir read;
author	Ralf Ertzinger <ralf@skytale.net>
	Wed, 12 Aug 2015 10:29:30 +0000 (10:29 +0000)
committer	Ralf Ertzinger <ralf@skytale.net>
	Wed, 12 Aug 2015 10:29:30 +0000 (10:29 +0000)