[refpolicy] [PATCH 1/1] Allow userdomains to send syslog messages
Sven Vermeulen
sven.vermeulen at siphos.be
Wed Aug 24 14:50:06 CDT 2011
On Wed, Aug 24, 2011 at 09:10:00AM -0400, Christopher J. PeBenito wrote:
> On 08/23/11 06:57, Sven Vermeulen wrote:
> > Some applications that run within the user domain send messages to the syslog
> > daemon (for instance through the syslog() function). This patch allows the
> > userdomain to write to the devlog_t socket and interact properly with the
> > syslog daemon.
>
> Do you have some examples? My initial reaction is definitely not
> merged, as I don't want users to be able to flood the system logs.
>
The one that triggered the creation of the patch was to support bashlogger
(feature of bash that logs all activity to the system logger). Another one
we had a way back (but I just informed the user how to allow it for himself
then) was for a chat client (i think it was weechatter, but the case was
applicable to others as well) configured to log things to the system log.
I don't mind if this is deemed a bit too intrusive for regular purposes.
Wkr,
Sven Vermeulen
More information about the refpolicy
mailing list