Enables ioctl_skip_cloexec

Signed-off-by: Dominick Grift <dominick.grift@defensec.nl>
author: Dominick Grift <dominick.grift@defensec.nl> 2023-08-22 13:50:56 +0200
committer: Dominick Grift <dominick.grift@defensec.nl> 2023-08-22 13:59:39 +0200
commit: 8ab4c6e0db1dd758830023e91cfcfc989af27ec7 (patch)
tree: f06a3ac30c780c9015a998dfb28bd8b4e89a53c9 /src/misc
parent: f770f9fb8ec74b9686eb462466353868e2b27210 (diff)
download: selinux-policy-8ab4c6e0db1dd758830023e91cfcfc989af27ec7.tar.gz
2 files changed, 1 insertions, 11 deletions
diff --git a/src/misc/conf.cil b/src/misc/conf.cil
index f7c70d4..3f77a6b 100644
--- a/src/misc/conf.cil
+++ b/src/misc/conf.cil
@@ -11,6 +11,4 @@
 (policycap "network_peer_controls")
 (policycap "nnp_nosuid_transition")
 (policycap "open_perms")
-
-;; SELinux 3.4/Linux 5.18
-;; (policycap "ioctl_skip_cloexec")
+(policycap "ioctl_skip_cloexec")
diff --git a/src/misc/xperm.cil b/src/misc/xperm.cil
deleted file mode 100644
index 4aca460..0000000
--- a/src/misc/xperm.cil
+++ /dev/null
@@ -1,8 +0,0 @@
-;; SPDX-FileCopyrightText: © 2023 Dominick Grift <dominick.grift@defensec.nl>
-;; SPDX-License-Identifier: Unlicense
-
-(permissionx FIOCLEX_FIONCLEX_CHRFILE
-	     (ioctl chr_file (0x6601 0x5451 0x6602 0x5450)))
-
-(permissionx FIOCLEX (ioctl chr_file (0x6601 0x5451)))
-(permissionx FIONCLEX (ioctl chr_file (0x6602 0x5450)))
author	Dominick Grift <dominick.grift@defensec.nl>	2023-08-22 13:50:56 +0200
committer	Dominick Grift <dominick.grift@defensec.nl>	2023-08-22 13:59:39 +0200
commit	8ab4c6e0db1dd758830023e91cfcfc989af27ec7 (patch)
tree	f06a3ac30c780c9015a998dfb28bd8b4e89a53c9 /src/misc
parent	f770f9fb8ec74b9686eb462466353868e2b27210 (diff)
download	selinux-policy-8ab4c6e0db1dd758830023e91cfcfc989af27ec7.tar.gz