From: cpebenito@tresys.com (Christopher J. PeBenito)
Date: Mon, 27 Jan 2014 13:24:21 -0500
Subject: [refpolicy] [PATCH 2/2] Add fcontext for rsyslog pidfile
In-Reply-To: <1390646637-20687-2-git-send-email-bigon@debian.org>
References: <1390646637-20687-1-git-send-email-bigon@debian.org>
	<1390646637-20687-2-git-send-email-bigon@debian.org>
Message-ID: <52E6A455.5040403@tresys.com>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

On 01/25/14 05:43, Laurent Bigonville wrote:
> From: Laurent Bigonville <bigon@bigon.be>
> 
> ---
>  policy/modules/system/logging.fc | 1 +
>  1 file changed, 1 insertion(+)
> 
> diff --git a/policy/modules/system/logging.fc b/policy/modules/system/logging.fc
> index b50c5fe..740897d 100644
> --- a/policy/modules/system/logging.fc
> +++ b/policy/modules/system/logging.fc
> @@ -65,6 +65,7 @@ ifdef(`distro_redhat',`
>  /var/run/syslogd\.pid	--	gen_context(system_u:object_r:syslogd_var_run_t,mls_systemhigh)
>  /var/run/syslog-ng.ctl	--	gen_context(system_u:object_r:syslogd_var_run_t,s0)
>  /var/run/syslog-ng(/.*)?	gen_context(system_u:object_r:syslogd_var_run_t,s0)
> +/var/run/rsyslogd\.pid	--	gen_context(system_u:object_r:syslogd_var_run_t,mls_systemhigh)
>  
>  /var/spool/audit(/.*)?		gen_context(system_u:object_r:audit_spool_t,mls_systemhigh)
>  /var/spool/bacula/log(/.*)? 	gen_context(system_u:object_r:var_log_t,s0)
 
This should be added between the metalog.pid and syslogd.pid lines.

-- 
Chris PeBenito
Tresys Technology, LLC
www.tresys.com | oss.tresys.com