From 2c1094058cf071264f43a8609f514be5d2027b2d Mon Sep 17 00:00:00 2001
From: Nick Kralevich <nnk@google.com>
Date: Thu, 14 Jan 2016 21:30:32 -0800
Subject: [PATCH] racoon.te: Remove allow racoon toolbox_exec:file
 rx_file_perms;

auditallow says never used.

Change-Id: I789f32bd7d2bbfc583a12bf8a05662e812f09a38
---
 racoon.te | 3 ---
 1 file changed, 3 deletions(-)

diff --git a/racoon.te b/racoon.te
index 1a2e54659..bf272d1e8 100644
--- a/racoon.te
+++ b/racoon.te
@@ -19,9 +19,6 @@ allow racoon self:capability { net_admin net_bind_service net_raw setuid };
 
 # XXX: should we give ip-up-vpn its own label (currently racoon domain)
 allow racoon system_file:file rx_file_perms;
-# XXX Run toolbox.  Might not be needed.
-allow racoon toolbox_exec:file rx_file_perms;
-auditallow racoon toolbox_exec:file rx_file_perms;
 allow racoon vpn_data_file:file create_file_perms;
 allow racoon vpn_data_file:dir w_dir_perms;
 
-- 
GitLab