commit: 148fa790b9e1d17ccf85658047235034a9c4b415
Author: Jason Zaman <jason <AT> perfinion <DOT> com>
AuthorDate: Sun Feb 10 06:13:44 2019 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Sun Feb 10 06:13:44 2019 +0000
URL:
https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=148fa790
Remove upstreamed interface kernel_dontaudit_read_kernel_sysctls
Was upstreamed as kernel_dontaudit_read_kernel_sysctl()
Signed-off-by: Jason Zaman <jason <AT> perfinion.com>
policy/modules/contrib/skype.te | 2 +-
policy/modules/kernel/kernel.if | 18 ------------------
2 files changed, 1 insertion(+), 19 deletions(-)
diff --git a/policy/modules/contrib/skype.te b/policy/modules/contrib/skype.te
index 85ce3c10..dc7f73ec 100644
--- a/policy/modules/contrib/skype.te
+++ b/policy/modules/contrib/skype.te
@@ -64,7 +64,7 @@ manage_sock_files_pattern(skype_t, skype_tmp_t, skype_tmp_t)
files_tmp_filetrans(skype_t, skype_tmp_t, { dir file sock_file })
kernel_dontaudit_search_sysctl(skype_t)
-kernel_dontaudit_read_kernel_sysctls(skype_t)
+kernel_dontaudit_read_kernel_sysctl(skype_t)
kernel_read_network_state(skype_t)
kernel_read_system_state(skype_t)
diff --git a/policy/modules/kernel/kernel.if b/policy/modules/kernel/kernel.if
index de5ee946..1ad282aa 100644
--- a/policy/modules/kernel/kernel.if
+++ b/policy/modules/kernel/kernel.if
@@ -2049,24 +2049,6 @@ interface(`kernel_read_crypto_sysctls',`
list_dirs_pattern($1, { proc_t sysctl_t }, sysctl_crypto_t)
')
-#######################################
-## <summary>
-## Do not audit attempted reading of kernel sysctls
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain to not audit accesses from
-## </summary>
-## </param>
-#
-interface(`kernel_dontaudit_read_kernel_sysctls',`
- gen_require(`
- type sysctl_kernel_t;
- ')
-
- dontaudit $1 sysctl_kernel_t:file read_file_perms;
-')
-
########################################
## <summary>
## Read general kernel sysctls.
