Received: by 2002:a05:6a10:8c0a:0:0:0:0 with SMTP id go10csp1178251pxb;
        Thu, 28 Jan 2021 09:44:40 -0800 (PST)
X-Google-Smtp-Source: ABdhPJx8ruox9FNRx0AM5DkqBHW2YoZidgNWpalyeJP+ut+WoiiRavw2AHxu9eR+ZtSNCMKP2FkQ
X-Received: by 2002:a50:fe86:: with SMTP id d6mr816103edt.80.1611855880316;
        Thu, 28 Jan 2021 09:44:40 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1611855880; cv=none;
        d=google.com; s=arc-20160816;
        b=V2n8o6R1+4yl7JXeOaLf2LLD9m55i8Y87lv7wC3yBVLnOorSn9jPxg3ZV/9bKhh4bI
         g2S6BDEGzvXKtNzxD6ThOe5zwYiKLAMdFyYc5CQCc6U5lY7w47SMVSqlIW5J0ajp3Fdy
         NvaG7sPXwRMkcw2t9Fz5vb/uLmtdlY1VzZZpRi3Z3yRemrwpdEzML0WumhnfAO+SM52l
         74HvB2qy2H1fba3TPtX5toCI4NhLB/QYqtRJ2S7L8xfqh2HWqysPXJEYynQzPZTzWnAv
         YuiaU5ppKedSOtCdMnfGRgMqsgAeSuAczrEorIh8ussNLsBusOqMQl18DezpC8uM8CTJ
         /ruw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:mime-version:user-agent:message-id:in-reply-to
         :date:references:subject:cc:to:from:dkim-signature:dkim-filter;
        bh=66pn/QblEJh1dZYqns/UThd8UkbmflThAcWxxrDNckU=;
        b=kUDoQ/1kGRkMldLhsNLJaO8G/Oo1MCAA25Y0W2brNo1BmkMehoEEVdQvOnxDnfpmFy
         Zbrvt3Hxfpk9iEjv3AjLZxx0R9YXHXmjCD2y7vraLT0H0k7fZu4vI1fR+q/pWrZGdjau
         JF/79atUvdg6MqjdFia91tVGvLIeP97L+Agfue0iAtn7e+Mk164mg+mBMHAI57BqTa/I
         PKt2wSt1Rx2/nd+dtq/9wOgECi5g5JxHMWdkHLfO5v9NdBjHyL20aEyhnUcJz1P80WDM
         yPcARhKzvrP1S3L1kttfMMDzzCL+30+/FAubQjLg4hJ2c4gKBYPt7OXRnycvxzg6DXWt
         9zwQ==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@defensec.nl header.s=default header.b=h8riw+tF;
       spf=pass (google.com: domain of selinux-refpolicy-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=selinux-refpolicy-owner@vger.kernel.org
Return-Path: <selinux-refpolicy-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18])
        by mx.google.com with ESMTP id e6si4014146edz.362.2021.01.28.09.44.36;
        Thu, 28 Jan 2021 09:44:40 -0800 (PST)
Received-SPF: pass (google.com: domain of selinux-refpolicy-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@defensec.nl header.s=default header.b=h8riw+tF;
       spf=pass (google.com: domain of selinux-refpolicy-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=selinux-refpolicy-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S233204AbhA1Rmo (ORCPT <rfc822;linux.lists.archive@gmail.com>
        + 16 others); Thu, 28 Jan 2021 12:42:44 -0500
Received: from agnus.defensec.nl ([80.100.19.56]:45332 "EHLO agnus.defensec.nl"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S233191AbhA1Rmg (ORCPT
        <rfc822;selinux-refpolicy@vger.kernel.org>);
        Thu, 28 Jan 2021 12:42:36 -0500
Received: from brutus (brutus.lan [IPv6:2001:985:d55d::438])
        by agnus.defensec.nl (Postfix) with ESMTPSA id D1AFE2A1250;
        Thu, 28 Jan 2021 18:41:52 +0100 (CET)
DKIM-Filter: OpenDKIM Filter v2.11.0 agnus.defensec.nl D1AFE2A1250
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=defensec.nl;
        s=default; t=1611855713;
        bh=66pn/QblEJh1dZYqns/UThd8UkbmflThAcWxxrDNckU=;
        h=From:To:Cc:Subject:References:Date:In-Reply-To:From;
        b=h8riw+tFSPlkv1JXmF8HitfB+GpC7HIASn9gxthmAlU8zRbPBUxss9RD46o72fTva
         z0IcDmJjBRlDLxVN35mG1ZUn1CuQEN58JMALunN/4Y9Q1ao8bwSLR9wj30M7iJUP9V
         kzFwffSf9tCKuicOOmQu33ayuNYeyzeYiLTuTkds=
From:   Dominick Grift <dominick.grift@defensec.nl>
To:     Nicolas Iooss <nicolas.iooss@m4x.org>
Cc:     Russell Coker <russell@coker.com.au>,
        Chris PeBenito <pebenito@ieee.org>,
        refpolicy <selinux-refpolicy@vger.kernel.org>
Subject: Re: [PATCH] misc services patches with changes Dominick and Chris
 wanted
References: <YBDa5ga6QMQtfoVH@xev>
        <80d12d35-93b2-9227-eb4e-de0e2942654c@ieee.org>
        <ypjleei5hu26.fsf@defensec.nl>
        <CAJfZ7===nm6YpDnjH4WQko=O=NS5z3pFb82crq4++JimUsxHYA@mail.gmail.com>
Date:   Thu, 28 Jan 2021 18:41:50 +0100
In-Reply-To: <CAJfZ7===nm6YpDnjH4WQko=O=NS5z3pFb82crq4++JimUsxHYA@mail.gmail.com>
        (Nicolas Iooss's message of "Thu, 28 Jan 2021 18:34:41 +0100")
Message-ID: <ypjla6sthsbl.fsf@defensec.nl>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/27.1 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain
Precedence: bulk
List-ID: <selinux-refpolicy.vger.kernel.org>
X-Mailing-List: selinux-refpolicy@vger.kernel.org

Nicolas Iooss <nicolas.iooss@m4x.org> writes:

> On Thu, Jan 28, 2021 at 6:07 PM Dominick Grift
> <dominick.grift@defensec.nl> wrote:
>>
>> Chris PeBenito <pebenito@ieee.org> writes:
>>
>> > On 1/26/21 10:15 PM, Russell Coker wrote:
>> >> I think this one is ready to merge.
>> >> Signed-off-by: Russell Coker <russell@coker.com.au>
>> >
>> >
>> >> @@ -170,6 +172,7 @@ ifdef(`distro_suse',`
>> >>   /var/log/roundcubemail(/.*)?
>> >> gen_context(system_u:object_r:httpd_log_t,s0)
>> >>   /var/log/suphp\.log.* --
>> >> gen_context(system_u:object_r:httpd_log_t,s0)
>> >>   /var/log/z-push(/.*)?
>> >> gen_context(system_u:object_r:httpd_sys_rw_content_t,s0)
>> >> +/var/log/php7..-fpm.log --
>> >> gen_context(system_u:object_r:httpd_log_t,s0)
>> >
>> > selint flagged this.  Is ".." intended to be 2 "." metacharacters?
>>
>> I would probably just do: /var/log/php.*-fpm\.log.* and get it over with
>
> Or /var/log/php[0-9.]+-fpm\.log to match "something that looks like a
> version". The problem with "." is that it can match a "/", for
> subdirectories.

BTW One might wonder why i use the .* suffix. That is to support log rotation.

>
> Nicolas
>

-- 
gpg --locate-keys dominick.grift@defensec.nl
Key fingerprint = FCD2 3660 5D6B 9D27 7FC6  E0FF DA7E 521F 10F6 4098
https://sks-keyservers.net/pks/lookup?op=get&search=0xDA7E521F10F64098
Dominick Grift