From: cpebenito@tresys.com (Christopher J. PeBenito) Date: Wed, 13 Nov 2013 09:15:18 -0500 Subject: [refpolicy] [PATCH 1/1] Generalize syslog-ng pattern for syslogd_var_run_t In-Reply-To: <20131021183720.GA21511@siphos.be> References: <20131021183720.GA21511@siphos.be> Message-ID: <52838976.4070002@tresys.com> To: refpolicy@oss.tresys.com List-Id: refpolicy.oss.tresys.com On Mon Oct 21 14:37:20 2013, Sven Vermeulen wrote: > > On Gentoo, /var/run/syslog-ng.ctl is a socket, and there's also > /var/run/syslog-ng.pid, therefore the current pattern doesn't work. > > Signed-off-by: Luis Ressel > Acked-by: Sven Vermeulen > --- > policy/modules/system/logging.fc | 3 +-- > 1 file changed, 1 insertion(+), 2 deletions(-) > > diff --git a/policy/modules/system/logging.fc b/policy/modules/system/logging.fc > index b50c5fe..e9a6713 100644 > --- a/policy/modules/system/logging.fc > +++ b/policy/modules/system/logging.fc > @@ -63,8 +63,7 @@ ifdef(`distro_redhat',` > /var/run/log -s gen_context(system_u:object_r:devlog_t,s0) > /var/run/metalog\.pid -- gen_context(system_u:object_r:syslogd_var_run_t,s0) > /var/run/syslogd\.pid -- gen_context(system_u:object_r:syslogd_var_run_t,mls_systemhigh) > -/var/run/syslog-ng.ctl -- gen_context(system_u:object_r:syslogd_var_run_t,s0) > -/var/run/syslog-ng(/.*)? gen_context(system_u:object_r:syslogd_var_run_t,s0) > +/var/run/syslog-ng(.*)? gen_context(system_u:object_r:syslogd_var_run_t,s0) (.*)? is the same as .* -- Chris PeBenito Tresys Technology, LLC www.tresys.com | oss.tresys.com