From: Elia Pinto <[email protected]>
Add the right labelling support for the
ModSecurity Audit Log Collector(mlogc).
mlogc is started by apache and run with the
same selinux security context.
Signed-off-by: Elia Pinto <[email protected]>
---
This is the second revision. httpd_log_t context was not
sufficient for mlogc
apache.fc | 1 +
1 file changed, 1 insertion(+)
diff --git a/apache.fc b/apache.fc
index 4e90b04..ec0c0fb 100644
--- a/apache.fc
+++ b/apache.fc
@@ -125,6 +125,7 @@ ifdef(`distro_suse',`
/var/log/cherokee(/.*)? gen_context(system_u:object_r:httpd_log_t,s0)
/var/log/dirsrv/admin-serv(/.*)? gen_context(system_u:object_r:httpd_log_t,s0)
/var/log/glpi(/.*)? gen_context(system_u:object_r:httpd_log_t,s0)
+/var/log/mlogc(/.*)? gen_context(system_u:object_r:httpd_sys_rw_content_t,s0)
/var/log/httpd(/.*)? gen_context(system_u:object_r:httpd_log_t,s0)
/var/log/horde2(/.*)? gen_context(system_u:object_r:httpd_log_t,s0)
/var/log/lighttpd(/.*)? gen_context(system_u:object_r:httpd_log_t,s0)
--
1.7.10.4