From: aranea@aixah.de (Luis Ressel)
Date: Tue, 12 Sep 2017 00:02:38 +0200
Subject: [refpolicy] [PATCH 2/3] logging: Label /etc/audisp as auditd_etc_t
In-Reply-To: <20170911220239.1953-1-aranea@aixah.de>
References: <20170911220239.1953-1-aranea@aixah.de>
Message-ID: <20170911220239.1953-2-aranea@aixah.de>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

---
 policy/modules/system/logging.fc | 1 +
 policy/modules/system/logging.te | 1 +
 2 files changed, 2 insertions(+)

diff --git a/policy/modules/system/logging.fc b/policy/modules/system/logging.fc
index 0d8a4173..5c166aa9 100644
--- a/policy/modules/system/logging.fc
+++ b/policy/modules/system/logging.fc
@@ -3,6 +3,7 @@
 /etc/rsyslog.conf		gen_context(system_u:object_r:syslog_conf_t,s0)
 /etc/syslog.conf		gen_context(system_u:object_r:syslog_conf_t,s0)
 /etc/audit(/.*)?		gen_context(system_u:object_r:auditd_etc_t,mls_systemhigh)
+/etc/audisp(/.*)?		gen_context(system_u:object_r:auditd_etc_t,mls_systemhigh)
 /etc/rc\.d/init\.d/auditd --	gen_context(system_u:object_r:auditd_initrc_exec_t,s0)
 /etc/rc\.d/init\.d/rsyslog --	gen_context(system_u:object_r:syslogd_initrc_exec_t,s0)
 
diff --git a/policy/modules/system/logging.te b/policy/modules/system/logging.te
index 47280f44..bbb01137 100644
--- a/policy/modules/system/logging.te
+++ b/policy/modules/system/logging.te
@@ -261,6 +261,7 @@ files_read_etc_runtime_files(audisp_t)
 
 mls_file_write_all_levels(audisp_t)
 
+logging_read_audit_config(audisp_t)
 logging_send_syslog_msg(audisp_t)
 
 miscfiles_read_localization(audisp_t)
-- 
2.14.1