From: russell@coker.com.au (Russell Coker) Date: Mon, 14 Feb 2011 13:12:03 +1100 Subject: [refpolicy] cron patches and remaining questions In-Reply-To: References: <1296510850.23039.9.camel@tesla.lan> Message-ID: <201102141312.04030.russell@coker.com.au> To: refpolicy@oss.tresys.com List-Id: refpolicy.oss.tresys.com On Tuesday 01 February 2011 23:11:30 HarryCiao wrote: > So I expect when the crond_t creates cron log files during system booting > up, this newly created file should be auto-labeled as cron_log_t, rather > than the inherited label for its parent directory. > BTW, once we fix the label of /var/log/cron(\.log)? file, we also have to > grant the write permission on it to the syslogd_t domain. On which distribution does crond create /var/log/cron.log? On Debian and Red Hat based systems it's always been created and managed by syslogd (or rsyslogd etc) AFAIK. Why does anything need to change in this regard?