Skip to content

Commit

Permalink
incus: remove files_watch_all_dirs(incusd_t)
Browse files Browse the repository at this point in the history
This is not reproducable anymore in current incus version

Signed-off-by: Marc Schiffbauer <[email protected]>
  • Loading branch information
mschiff committed Dec 20, 2024
1 parent 43cd552 commit 4eca13b
Showing 1 changed file with 0 additions and 3 deletions.
3 changes: 0 additions & 3 deletions policy/modules/services/incus.te
Original file line number Diff line number Diff line change
Expand Up @@ -118,9 +118,6 @@ kernel_mounton_kernel_sysctl_files(incusd_t)
# read /etc/machine-id
files_read_etc_runtime_files(incusd_t)

# watch /dev/hugepages
files_watch_all_dirs(incusd_t)

# incus apparmor support wants to handle /sys/kernel/tracing
fs_dontaudit_getattr_tracefs(incusd_t)
fs_dontaudit_getattr_tracefs_dirs(incusd_t)
Expand Down

0 comments on commit 4eca13b

Please sign in to comment.