Return-Path: <SRS0=Cry5=QZ=vger.kernel.org=selinux-refpolicy-owner@kernel.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-9.0 required=3.0 tests=DKIMWL_WL_MED,DKIM_SIGNED,
	DKIM_VALID,HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_PATCH,MAILING_LIST_MULTI,
	SIGNED_OFF_BY,SPF_PASS,USER_AGENT_GIT autolearn=ham autolearn_force=no
	version=3.4.0
Received: from mail.kernel.org (mail.kernel.org [198.145.29.99])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 6625DC4360F
	for <selinux-refpolicy@archiver.kernel.org>; Mon, 18 Feb 2019 20:00:33 +0000 (UTC)
Received: from vger.kernel.org (vger.kernel.org [209.132.180.67])
	by mail.kernel.org (Postfix) with ESMTP id 2A71F217F5
	for <selinux-refpolicy@archiver.kernel.org>; Mon, 18 Feb 2019 20:00:33 +0000 (UTC)
Authentication-Results: mail.kernel.org;
	dkim=pass (1024-bit key) header.d=tresys.onmicrosoft.com header.i=@tresys.onmicrosoft.com header.b="uSdlzlIn"
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1727561AbfBRUAc (ORCPT
        <rfc822;selinux-refpolicy@archiver.kernel.org>);
        Mon, 18 Feb 2019 15:00:32 -0500
Received: from mail-eopbgr700137.outbound.protection.outlook.com ([40.107.70.137]:5280
        "EHLO NAM04-SN1-obe.outbound.protection.outlook.com"
        rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP
        id S1725308AbfBRUAc (ORCPT
        <rfc822;selinux-refpolicy@vger.kernel.org>);
        Mon, 18 Feb 2019 15:00:32 -0500
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=tresys.onmicrosoft.com; s=selector1-tresys-com;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=oPMkH7yZgPdnAXxlh0oFUwDG2H0XBD/gWM47c+zibNY=;
 b=uSdlzlInHvH9/x+ppEJh+TSHteLxhVTurNIZwf6OD1xMOJQugNNuUk/0Bb/uQLixR2bacJ7f6C5HOiALEMEeNWcEVw7Zx72NMtdEkaU/mTv505Ke4kukJ7mI40WYJDTtA28JE9Bu/0e/WfOnAqSQQ65SelNDMgsojf7wB3GmhAw=
Received: from CY4PR15MB1509.namprd15.prod.outlook.com (10.172.160.141) by
 CY4PR15MB1574.namprd15.prod.outlook.com (10.172.161.144) with Microsoft SMTP
 Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.20.1622.16; Mon, 18 Feb 2019 20:00:29 +0000
Received: from CY4PR15MB1509.namprd15.prod.outlook.com
 ([fe80::14f9:b981:d24b:f988]) by CY4PR15MB1509.namprd15.prod.outlook.com
 ([fe80::14f9:b981:d24b:f988%7]) with mapi id 15.20.1622.020; Mon, 18 Feb 2019
 20:00:29 +0000
From:   "Sugar, David" <dsugar@tresys.com>
To:     "selinux-refpolicy@vger.kernel.org" 
        <selinux-refpolicy@vger.kernel.org>
Subject: [PATCH] Add interface to get status of rsyslog service
Thread-Topic: [PATCH] Add interface to get status of rsyslog service
Thread-Index: AQHUx8SYkyy7Efp8ckeUSLesd5stMw==
Date:   Mon, 18 Feb 2019 20:00:29 +0000
Message-ID: <20190218200017.4439-1-dsugar@tresys.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
x-originating-ip: [73.180.141.176]
x-clientproxiedby: BN6PR2001CA0038.namprd20.prod.outlook.com
 (2603:10b6:405:16::24) To CY4PR15MB1509.namprd15.prod.outlook.com
 (2603:10b6:903:fd::13)
authentication-results: spf=none (sender IP is )
 smtp.mailfrom=dsugar@tresys.com; 
x-ms-exchange-messagesentrepresentingtype: 1
x-mailer: git-send-email 2.20.1
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 8c590c51-f90d-4a0b-a13e-08d695dbbb25
x-microsoft-antispam: BCL:0;PCL:0;RULEID:(2390118)(7020095)(4652040)(7021145)(8989299)(4534185)(7022145)(4603075)(4627221)(201702281549075)(8990200)(7048125)(7024125)(7027125)(7023125)(5600110)(711020)(4605104)(2017052603328)(7153060)(7193020);SRVR:CY4PR15MB1574;
x-ms-traffictypediagnostic: CY4PR15MB1574:
x-microsoft-exchange-diagnostics: =?iso-8859-1?Q?1;CY4PR15MB1574;23:1o8z3slg7v1KeSY+yVEsxFx6cO9D+fX/zwj4V0y?=
 =?iso-8859-1?Q?msA6xGSz4RoVFkXsJvK0PX0q5f2Ni0xX47i1COP1vuwdMwKx7SKsMzIFDH?=
 =?iso-8859-1?Q?oESeUVtEERkZjbrqAFUYQujmfrRSgSDF3jV0HVLQ8XQH0KjiYNKMMOzrph?=
 =?iso-8859-1?Q?tPe4iPMh6GFzJg+MGmZqR/0tUQO4liJg6U0u6+32tbhdjL9nsTe2W6rlQV?=
 =?iso-8859-1?Q?ucFmNHnkaIsE/SuiAhuEAlcP0QgBNI+EsZqesOFc2jk5IZRRLjQV0xfTQJ?=
 =?iso-8859-1?Q?HEoJ9whwD6SrJprFVewOJE1NdALL0ADlwXUm6jHeQApMd3w9vFs7s4YvQ5?=
 =?iso-8859-1?Q?yQ56JiVU0ixf5xJ5WUfLFJleO08YClipGlDtIya8LMjxNvH0IEdu3fAq32?=
 =?iso-8859-1?Q?qNuJnZINy5cKmKnu+vW37eQGWQ1VyMiL2prdZNT+NB8IlQTyKO9RcRoOM9?=
 =?iso-8859-1?Q?YEMw+oyOdDGt0/zFYu6eItqloloa9JiItXT/rSsXNGQiWvhLhzHntM2Dsx?=
 =?iso-8859-1?Q?or7Ihcv3gTF/IzVAvlNZ1kCwsTfGZyqdGN1kfreioFATd/m/tN3Ze3V3nM?=
 =?iso-8859-1?Q?7y+KwKHUQKYGeWaYifxTcvA8caxMyYZeiVTWZRa9yBKpvGA4W0YMImtFd4?=
 =?iso-8859-1?Q?ChCggDK8qUPhavwk6w7mh2xKf7cOx/+qtJSwxdT4D86UyOjKjJlFAcjT3A?=
 =?iso-8859-1?Q?osqK4AheDjrZiNastvcFDJfTAlA2iBVwBdoRaJYo44bjBi6qB1W3YuAY6z?=
 =?iso-8859-1?Q?WeFnYOR3JNcbZebm2bwdiql3J92tPAw635/AvuSLoqEa8S+CxKTrUJP2CZ?=
 =?iso-8859-1?Q?1uallAaJ5NzgQy/JGliWPfmg/GmRJ8DdLbZW0G/lMZD48TM8irTPt34D+4?=
 =?iso-8859-1?Q?A6XDF8mbbuguSXLzQr7nRBZQA95/GcWJqlmdYGpk5pVmvos2VGNwDmTrAL?=
 =?iso-8859-1?Q?2hrj36ltvRfGZtnVUg+ABstckvWcvgVBa7aMFhb/OkNKzkgjzHk99jElGv?=
 =?iso-8859-1?Q?7ahJJRSmbN7nHP0yqK9ksjnalBlybr7zZkxZJtC6U9CxgecqoGmAuQXNWk?=
 =?iso-8859-1?Q?3OtDgS+lnNmNNjDXCjsurhYXIa9ugkE6MzXZeQN7xhz3vbY+F99vlHTkOJ?=
 =?iso-8859-1?Q?qt1tHKeRjf0ysnYkI7Yf1MI+NucXXxuR8uRMcTjFg8nKaztqePgc1hagHg?=
 =?iso-8859-1?Q?LXQfWoWkWx/5rw1ieTMyz3zSkyEdHQdQmBJHF3ZMDh04hSQPrJ7KIgcwOE?=
 =?iso-8859-1?Q?ZfP18zgM3R/kuKkyR?=
x-microsoft-antispam-prvs: <CY4PR15MB157489D35301027399F6C38AB9630@CY4PR15MB1574.namprd15.prod.outlook.com>
x-forefront-prvs: 09525C61DB
x-forefront-antispam-report: SFV:NSPM;SFS:(10019020)(346002)(376002)(136003)(396003)(366004)(39830400003)(189003)(199004)(1076003)(5660300002)(81166006)(6506007)(8676002)(25786009)(6916009)(386003)(8936002)(81156014)(52116002)(14444005)(256004)(316002)(97736004)(53936002)(102836004)(5640700003)(26005)(68736007)(6436002)(486006)(2351001)(2616005)(2906002)(508600001)(476003)(305945005)(3846002)(6116002)(7736002)(50226002)(106356001)(99286004)(86362001)(6512007)(71190400001)(36756003)(66066001)(4744005)(105586002)(71200400001)(14454004)(6486002)(186003)(2501003);DIR:OUT;SFP:1102;SCL:1;SRVR:CY4PR15MB1574;H:CY4PR15MB1509.namprd15.prod.outlook.com;FPR:;SPF:None;LANG:en;PTR:InfoNoRecords;MX:1;A:1;
received-spf: None (protection.outlook.com: tresys.com does not designate
 permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam-message-info: Xg8N5/ibre7U7e5oBz/hL/3MJmApcSgQkR+Ax/2QXUFfk/OkDC6kDIAEQtEROwB0vY4vC/YwtYfqeOwM8fPltvrxJtnzGi3DW6D/UH+EPzdYUcIgsmd46FfNKihxpSymAEvnFieQ7QnYTEhMs7RGAtTSMbgpsJbOBfoi2N16ZYC/Q/0v3KLC6vrc9pT/jVFdiDv6GdR2a/AjdQ8yQgoRXc/d9aVsgkKY/A6f/US1kqV7kZTFwV05yjOFHCXUUr7pEX1h/pezasSSRHJFDDzzXiKjmcBm9hWMnJ9VztBqf+swmwY34gB9KZQGPnwjpgvt7JAnpo+MucujipGytW7vj3cLm0PO7THhv0Hw4SgfDbVuxdNxxVGtjuYTXZ3wN0dnaYpFCxG89Dw6kmgWMgBATRno8eZ05eAlXPiw3onV6Dg=
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-OriginatorOrg: tresys.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 8c590c51-f90d-4a0b-a13e-08d695dbbb25
X-MS-Exchange-CrossTenant-originalarrivaltime: 18 Feb 2019 20:00:28.7634
 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-id: a0d45667-6c07-4e88-868f-4ac9af95c7ed
X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY4PR15MB1574
Sender: selinux-refpolicy-owner@vger.kernel.org
Precedence: bulk
List-ID: <selinux-refpolicy.vger.kernel.org>
X-Mailing-List: selinux-refpolicy@vger.kernel.org

Signed-off-by: Dave Sugar <dsugar@tresys.com>
---
 policy/modules/system/logging.if | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)

diff --git a/policy/modules/system/logging.if b/policy/modules/system/loggi=
ng.if
index 16091eb6..21ec6501 100644
--- a/policy/modules/system/logging.if
+++ b/policy/modules/system/logging.if
@@ -1222,6 +1222,25 @@ interface(`logging_admin_audit',`
 	dontaudit $1 auditd_log_t:file map;
 ')
=20
+########################################
+## <summary>
+##	Allow specified domain to check status of syslog unit
+## </summary>
+## <param name=3D"domain">
+##	<summary>
+##	Domain allowed access.
+##	</summary>
+## </param>
+#
+interface(`logging_status_syslog',`
+	gen_require(`
+		type syslogd_unit_t;
+		class service status;
+	')
+
+	allow $1 syslogd_unit_t:service status;
+')
+
 ########################################
 ## <summary>
 ##	All of the rules required to administrate
--=20
2.20.1