selinux-policy/refpolicy/policy/modules/system/logging.if

#######################################
#
# logging_make_log_file(type,[`optional'])
#
define(`logging_make_log_file',`
requires_block_template(logging_make_log_file_depend,$2)
files_make_file($1,optional)
typeattribute $1 logfile;
')

define(`logging_make_log_file_depend',`
attribute logfile;
files_make_file_depend
')

#######################################
#
# logging_append_all_logs(type,[`optional'])
#
define(`logging_append_all_logs',`
requires_block_template(logging_append_all_logs_depend,$2)
allow $1 var_log_t:dir { getattr search read };
allow $1 logfile:file { getattr append };
')

define(`logging_append_all_logs_depend',`
attribute logfile;
type var_log_t;
class dir { getattr search read };
class file { getattr append };
')

#######################################
#
# logging_read_all_logs(type,[`optional'])
#
define(`logging_read_all_logs',`
requires_block_template(logging_read_all_logs_depend,$2)
allow $1 var_log_t:dir { getattr search read };
allow $1 logfile:file { getattr read };
')

define(`logging_read_all_logs_depend',`
attribute logfile;
type var_log_t;
class dir { getattr search read };
class file { getattr read };
')

#######################################
#
# logging_modify_system_logs(type,[`optional'])
#
define(`logging_modify_system_logs',`
requires_block_template(logging_modify_system_logs_depend,$2)
allow $1 var_log_t:dir { getattr search read };
allow $1 var_log_t:file { getattr read write append };
')

define(`logging_modify_system_logs_depend',`
type var_log_t;
class dir { getattr search read };
class file { getattr read write append };
')
initial commit 2005-04-14 20:18:17 +00:00			`#######################################`
			`#`
			# logging_make_log_file(type,[`optional'])
			`#`
			define(`logging_make_log_file',`
			`requires_block_template(logging_make_log_file_depend,$2)`
			`files_make_file($1,optional)`
			`typeattribute $1 logfile;`
			`')`

			define(`logging_make_log_file_depend',`
			`attribute logfile;`
			`files_make_file_depend`
			`')`

			`#######################################`
			`#`
			# logging_append_all_logs(type,[`optional'])
			`#`
			define(`logging_append_all_logs',`
			`requires_block_template(logging_append_all_logs_depend,$2)`
			`allow $1 var_log_t:dir { getattr search read };`
			`allow $1 logfile:file { getattr append };`
			`')`

			define(`logging_append_all_logs_depend',`
			`attribute logfile;`
			`type var_log_t;`
			`class dir { getattr search read };`
			`class file { getattr append };`
			`')`

			`#######################################`
			`#`
			# logging_read_all_logs(type,[`optional'])
			`#`
			define(`logging_read_all_logs',`
			`requires_block_template(logging_read_all_logs_depend,$2)`
			`allow $1 var_log_t:dir { getattr search read };`
			`allow $1 logfile:file { getattr read };`
			`')`

			define(`logging_read_all_logs_depend',`
			`attribute logfile;`
			`type var_log_t;`
			`class dir { getattr search read };`
			`class file { getattr read };`
			`')`

			`#######################################`
			`#`
			# logging_modify_system_logs(type,[`optional'])
			`#`
			define(`logging_modify_system_logs',`
			`requires_block_template(logging_modify_system_logs_depend,$2)`
			`allow $1 var_log_t:dir { getattr search read };`
			`allow $1 var_log_t:file { getattr read write append };`
			`')`

			define(`logging_modify_system_logs_depend',`
			`type var_log_t;`
			`class dir { getattr search read };`
			`class file { getattr read write append };`
			`')`