From: sven.vermeulen@siphos.be (Sven Vermeulen) Date: Tue, 23 Aug 2011 12:57:22 +0200 Subject: [refpolicy] [PATCH 1/1] Allow userdomains to send syslog messages Message-ID: <20110823105722.GA2352@siphos.be> To: refpolicy@oss.tresys.com List-Id: refpolicy.oss.tresys.com Some applications that run within the user domain send messages to the syslog daemon (for instance through the syslog() function). This patch allows the userdomain to write to the devlog_t socket and interact properly with the syslog daemon. Signed-off-by: Sven Vermeulen --- policy/modules/system/userdomain.if | 2 ++ 1 files changed, 2 insertions(+), 0 deletions(-) diff --git a/policy/modules/system/userdomain.if b/policy/modules/system/userdomain.if index c6d3cc8..17abfcf 100644 --- a/policy/modules/system/userdomain.if +++ b/policy/modules/system/userdomain.if @@ -965,6 +965,8 @@ template(`userdom_unpriv_user_template', ` # cjp: why? files_read_kernel_symbol_table($1_t) + logging_send_syslog_msg($1_t) + ifndef(`enable_mls',` fs_exec_noxattr($1_t) -- 1.7.3.4