Dontaudit chkpwd_t access to inherited TTYS

diff --git a/policy/modules/system/authlogin.te b/policy/modules/system/authlogin.te
index a53db2b0f5be8037cea36527b9a4b60b4e05f68b..2c39af1956b8d746432c6d3698eb93a9b657e06d 100644 (file)
--- a/policy/modules/system/authlogin.te
+++ b/policy/modules/system/authlogin.te
@@ -136,7 +136,7 @@ miscfiles_read_localization(chkpwd_t)
 seutil_read_config(chkpwd_t)
 seutil_dontaudit_use_newrole_fds(chkpwd_t)
 
-userdom_use_inherited_user_terminals(chkpwd_t)
+userdom_dontaudit_use_user_ttys(chkpwd_t)
 
 ifdef(`distro_ubuntu',`
        optional_policy(`

diff --git a/policy/modules/system/userdomain.if b/policy/modules/system/userdomain.if
index af433574cd1e9f234d8b80b653127305366ab1a3..9b491594295380575b72e6951e46b510c02ee273 100644 (file)
--- a/policy/modules/system/userdomain.if
+++ b/policy/modules/system/userdomain.if
@@ -3309,8 +3309,8 @@ interface(`userdom_dontaudit_use_user_terminals',`
                type user_tty_device_t, user_devpts_t;
        ')
 
-       dontaudit $1 user_tty_device_t:chr_file rw_term_perms;
-       dontaudit $1 user_devpts_t:chr_file rw_term_perms;
+       dontaudit $1 user_tty_device_t:chr_file rw_inherited_term_perms;
+       dontaudit $1 user_devpts_t:chr_file rw_inherited_term_perms;
 ')
 
 
@@ -3736,7 +3736,7 @@ interface(`userdom_dontaudit_use_user_ttys',`
                type user_tty_device_t;
        ')
 
-       dontaudit $1 user_tty_device_t:chr_file rw_file_perms;
+       dontaudit $1 user_tty_device_t:chr_file rw_inherited_file_perms;
 ')
 
 ########################################