From 81198502973c1ec58514f2050647806396a37cfb Mon Sep 17 00:00:00 2001
From: Chris PeBenito <cpebenito@tresys.com>
Date: Wed, 27 Apr 2005 21:54:39 +0000
Subject: [PATCH] add console dontaudit

---
 refpolicy/policy/modules/kernel/terminal.if | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/refpolicy/policy/modules/kernel/terminal.if b/refpolicy/policy/modules/kernel/terminal.if
index 3887e741..e1002e55 100644
--- a/refpolicy/policy/modules/kernel/terminal.if
+++ b/refpolicy/policy/modules/kernel/terminal.if
@@ -41,6 +41,20 @@ class chr_file { read write };
 devices_list_device_nodes_depend
 ')
 
+########################################
+#
+# terminal_ignore_use_console(domain,[`optional'])
+#
+define(`terminal_ignore_use_console',`
+requires_block_template(terminal_ignore_use_console_depend,$2)
+dontaudit $1 console_device_t:chr_file { read write };
+')
+
+define(`terminal_ignore_use_console_depend',`
+type console_device_t;
+class chr_file { read write };
+')
+
 ########################################
 #
 # terminal_use_controlling_terminal(domain,[`optional'])