add ignore read system state
This commit is contained in:
parent
de2cee6817
commit
67484fced4
@ -418,6 +418,20 @@ class lnk_file { getattr read };
|
|||||||
class file { getattr read };
|
class file { getattr read };
|
||||||
')
|
')
|
||||||
|
|
||||||
|
########################################
|
||||||
|
#
|
||||||
|
# kernel_ignore_read_system_state(domain)
|
||||||
|
#
|
||||||
|
define(`kernel_ignore_read_system_state',`
|
||||||
|
requires_block_template(kernel_ignore_read_system_state_depend)
|
||||||
|
allow $1 proc_t:file read;
|
||||||
|
')
|
||||||
|
|
||||||
|
ifdef(`kernel_ignore_read_system_state_depend',`
|
||||||
|
type proc_t;
|
||||||
|
class file read;
|
||||||
|
')
|
||||||
|
|
||||||
#######################################
|
#######################################
|
||||||
#
|
#
|
||||||
# kernel_read_software_raid_state(domain,[`optional'])
|
# kernel_read_software_raid_state(domain,[`optional'])
|
||||||
|
Loading…
Reference in New Issue
Block a user