[refpolicy] [PATCH 2/2] Add fcontext for rsyslog pidfile

Christopher J. PeBenito cpebenito at tresys.com
Mon Jan 27 13:24:21 EST 2014


On 01/25/14 05:43, Laurent Bigonville wrote:
> From: Laurent Bigonville <bigon at bigon.be>
> 
> ---
>  policy/modules/system/logging.fc | 1 +
>  1 file changed, 1 insertion(+)
> 
> diff --git a/policy/modules/system/logging.fc b/policy/modules/system/logging.fc
> index b50c5fe..740897d 100644
> --- a/policy/modules/system/logging.fc
> +++ b/policy/modules/system/logging.fc
> @@ -65,6 +65,7 @@ ifdef(`distro_redhat',`
>  /var/run/syslogd\.pid	--	gen_context(system_u:object_r:syslogd_var_run_t,mls_systemhigh)
>  /var/run/syslog-ng.ctl	--	gen_context(system_u:object_r:syslogd_var_run_t,s0)
>  /var/run/syslog-ng(/.*)?	gen_context(system_u:object_r:syslogd_var_run_t,s0)
> +/var/run/rsyslogd\.pid	--	gen_context(system_u:object_r:syslogd_var_run_t,mls_systemhigh)
>  
>  /var/spool/audit(/.*)?		gen_context(system_u:object_r:audit_spool_t,mls_systemhigh)
>  /var/spool/bacula/log(/.*)? 	gen_context(system_u:object_r:var_log_t,s0)
 
This should be added between the metalog.pid and syslogd.pid lines.

-- 
Chris PeBenito
Tresys Technology, LLC
www.tresys.com | oss.tresys.com


More information about the refpolicy mailing list