From: andronicus.spiros@gmail.com (Elia Pinto) Date: Tue, 10 Jun 2014 08:22:47 -0700 Subject: [refpolicy] [PATCH v2] apache.te: Add labelling support for /var/log/mlogc Message-ID: <1402413767-23181-1-git-send-email-andronicus.spiros@gmail.com> To: refpolicy@oss.tresys.com List-Id: refpolicy.oss.tresys.com Add the right labelling support for the ModSecurity Audit Log Collector(mlogc). mlogc is started by apache and run with the same selinux security context. Signed-off-by: Elia Pinto --- This is the second revision. httpd_log_t context was not sufficient for mlogc I'm sorry for the noice, eventually, but I'm not sure that the patch has arrived on the mailing list and so i send it back from another account for safety. apache.fc | 1 + 1 file changed, 1 insertion(+) diff --git a/apache.fc b/apache.fc index 4e90b04..ec0c0fb 100644 --- a/apache.fc +++ b/apache.fc @@ -125,6 +125,7 @@ ifdef(`distro_suse',` /var/log/cherokee(/.*)? gen_context(system_u:object_r:httpd_log_t,s0) /var/log/dirsrv/admin-serv(/.*)? gen_context(system_u:object_r:httpd_log_t,s0) /var/log/glpi(/.*)? gen_context(system_u:object_r:httpd_log_t,s0) +/var/log/mlogc(/.*)? gen_context(system_u:object_r:httpd_sys_rw_content_t,s0) /var/log/httpd(/.*)? gen_context(system_u:object_r:httpd_log_t,s0) /var/log/horde2(/.*)? gen_context(system_u:object_r:httpd_log_t,s0) /var/log/lighttpd(/.*)? gen_context(system_u:object_r:httpd_log_t,s0) -- 1.7.10.4