From 42fa15ba75bd69f0e0bd0ec8949d53c35ae0379a Mon Sep 17 00:00:00 2001
From: Jeremy Solt <jsolt@tresys.com>
Date: Mon, 8 Mar 2010 09:22:23 -0500
Subject: [PATCH] Logwatch looks for content in homedirs, reads samba shares -
 from Dan Walsh

---
 policy/modules/admin/logwatch.te | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/policy/modules/admin/logwatch.te b/policy/modules/admin/logwatch.te
index bf80a29c..9b08c52f 100644
--- a/policy/modules/admin/logwatch.te
+++ b/policy/modules/admin/logwatch.te
@@ -93,6 +93,13 @@ sysnet_dns_name_resolve(logwatch_t)
 sysnet_exec_ifconfig(logwatch_t)
 
 userdom_dontaudit_search_user_home_dirs(logwatch_t)
+tunable_policy(`use_nfs_home_dirs',`
+	fs_list_nfs(logwatch_t)
+')
+
+tunable_policy(`use_samba_home_dirs',`
+	fs_list_cifs(logwatch_t)
+')
 
 mta_send_mail(logwatch_t)
 
@@ -136,4 +143,5 @@ optional_policy(`
 
 optional_policy(`
 	samba_read_log(logwatch_t)
+	samba_read_share_files(logwatch_t)
 ')