[refpolicy] [PATCH 1/1] Allow userdomains to send syslog messages
sven.vermeulen at siphos.be
Wed Aug 24 14:50:06 CDT 2011
On Wed, Aug 24, 2011 at 09:10:00AM -0400, Christopher J. PeBenito wrote:
> On 08/23/11 06:57, Sven Vermeulen wrote:
> > Some applications that run within the user domain send messages to the syslog
> > daemon (for instance through the syslog() function). This patch allows the
> > userdomain to write to the devlog_t socket and interact properly with the
> > syslog daemon.
> Do you have some examples? My initial reaction is definitely not
> merged, as I don't want users to be able to flood the system logs.
The one that triggered the creation of the patch was to support bashlogger
(feature of bash that logs all activity to the system logger). Another one
we had a way back (but I just informed the user how to allow it for himself
then) was for a chat client (i think it was weechatter, but the case was
applicable to others as well) configured to log things to the system log.
I don't mind if this is deemed a bit too intrusive for regular purposes.
More information about the refpolicy