2018-10-12 22:57:27

by Luis Ressel

[permalink] [raw]
Subject: [PATCH 1/2] Add fc for /var/lib/misc/logrotate.status

Some distros configure logrotate to put its status file somewhere else
than the default /var/lib/logrotate.status. Debian puts it in
/var/lib/logrotate/, and Gentoo uses /var/lib/misc/.
---
policy/modules/admin/logrotate.fc | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/policy/modules/admin/logrotate.fc b/policy/modules/admin/logrotate.fc
index dac1af39..cd43ab28 100644
--- a/policy/modules/admin/logrotate.fc
+++ b/policy/modules/admin/logrotate.fc
@@ -9,4 +9,4 @@
/usr/sbin/logrotate -- gen_context(system_u:object_r:logrotate_exec_t,s0)

/var/lib/logrotate(/.*)? gen_context(system_u:object_r:logrotate_var_lib_t,s0)
-/var/lib/logrotate\.status -- gen_context(system_u:object_r:logrotate_var_lib_t,s0)
+/var/lib/(misc/)?logrotate\.status -- gen_context(system_u:object_r:logrotate_var_lib_t,s0)
--
2.19.1



2018-10-12 22:57:26

by Luis Ressel

[permalink] [raw]
Subject: [PATCH 2/2] Realign logrotate.fc, remove an obvious comment

---
policy/modules/admin/logrotate.fc | 9 ++++-----
1 file changed, 4 insertions(+), 5 deletions(-)

diff --git a/policy/modules/admin/logrotate.fc b/policy/modules/admin/logrotate.fc
index cd43ab28..fd5497f3 100644
--- a/policy/modules/admin/logrotate.fc
+++ b/policy/modules/admin/logrotate.fc
@@ -1,12 +1,11 @@
/etc/cron\.(daily|weekly)/logrotate -- gen_context(system_u:object_r:logrotate_exec_t,s0)
/etc/cron\.(daily|weekly)/sysklogd -- gen_context(system_u:object_r:logrotate_exec_t,s0)

-/usr/bin/logrotate -- gen_context(system_u:object_r:logrotate_exec_t,s0)
+/usr/bin/logrotate -- gen_context(system_u:object_r:logrotate_exec_t,s0)

-# Systemd unit file
-/usr/lib/systemd/system/[^/]*logrotate.* -- gen_context(system_u:object_r:logrotate_unit_t,s0)
+/usr/lib/systemd/system/[^/]*logrotate.* -- gen_context(system_u:object_r:logrotate_unit_t,s0)

-/usr/sbin/logrotate -- gen_context(system_u:object_r:logrotate_exec_t,s0)
+/usr/sbin/logrotate -- gen_context(system_u:object_r:logrotate_exec_t,s0)

-/var/lib/logrotate(/.*)? gen_context(system_u:object_r:logrotate_var_lib_t,s0)
+/var/lib/logrotate(/.*)? gen_context(system_u:object_r:logrotate_var_lib_t,s0)
/var/lib/(misc/)?logrotate\.status -- gen_context(system_u:object_r:logrotate_var_lib_t,s0)
--
2.19.1


2018-10-13 17:39:55

by Chris PeBenito

[permalink] [raw]
Subject: Re: [PATCH 1/2] Add fc for /var/lib/misc/logrotate.status

On 10/12/2018 06:23 PM, Luis Ressel wrote:
> Some distros configure logrotate to put its status file somewhere else
> than the default /var/lib/logrotate.status. Debian puts it in
> /var/lib/logrotate/, and Gentoo uses /var/lib/misc/.
> ---
> policy/modules/admin/logrotate.fc | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/policy/modules/admin/logrotate.fc b/policy/modules/admin/logrotate.fc
> index dac1af39..cd43ab28 100644
> --- a/policy/modules/admin/logrotate.fc
> +++ b/policy/modules/admin/logrotate.fc
> @@ -9,4 +9,4 @@
> /usr/sbin/logrotate -- gen_context(system_u:object_r:logrotate_exec_t,s0)
>
> /var/lib/logrotate(/.*)? gen_context(system_u:object_r:logrotate_var_lib_t,s0)
> -/var/lib/logrotate\.status -- gen_context(system_u:object_r:logrotate_var_lib_t,s0)
> +/var/lib/(misc/)?logrotate\.status -- gen_context(system_u:object_r:logrotate_var_lib_t,s0)
>

Merged.

--
Chris PeBenito

2018-10-13 17:39:57

by Chris PeBenito

[permalink] [raw]
Subject: Re: [PATCH 2/2] Realign logrotate.fc, remove an obvious comment

On 10/12/2018 06:23 PM, Luis Ressel wrote:
> ---
> policy/modules/admin/logrotate.fc | 9 ++++-----
> 1 file changed, 4 insertions(+), 5 deletions(-)
>
> diff --git a/policy/modules/admin/logrotate.fc b/policy/modules/admin/logrotate.fc
> index cd43ab28..fd5497f3 100644
> --- a/policy/modules/admin/logrotate.fc
> +++ b/policy/modules/admin/logrotate.fc
> @@ -1,12 +1,11 @@
> /etc/cron\.(daily|weekly)/logrotate -- gen_context(system_u:object_r:logrotate_exec_t,s0)
> /etc/cron\.(daily|weekly)/sysklogd -- gen_context(system_u:object_r:logrotate_exec_t,s0)
>
> -/usr/bin/logrotate -- gen_context(system_u:object_r:logrotate_exec_t,s0)
> +/usr/bin/logrotate -- gen_context(system_u:object_r:logrotate_exec_t,s0)
>
> -# Systemd unit file
> -/usr/lib/systemd/system/[^/]*logrotate.* -- gen_context(system_u:object_r:logrotate_unit_t,s0)
> +/usr/lib/systemd/system/[^/]*logrotate.* -- gen_context(system_u:object_r:logrotate_unit_t,s0)
>
> -/usr/sbin/logrotate -- gen_context(system_u:object_r:logrotate_exec_t,s0)
> +/usr/sbin/logrotate -- gen_context(system_u:object_r:logrotate_exec_t,s0)
>
> -/var/lib/logrotate(/.*)? gen_context(system_u:object_r:logrotate_var_lib_t,s0)
> +/var/lib/logrotate(/.*)? gen_context(system_u:object_r:logrotate_var_lib_t,s0)
> /var/lib/(misc/)?logrotate\.status -- gen_context(system_u:object_r:logrotate_var_lib_t,s0)

Merged.

--
Chris PeBenito