Improve the documentation of logging_log_file() and logging_log_filetrans().
This commit is contained in:
Chris PeBenito
parent
3a744d1275
commit
45185c0783
@ -1,15 +1,42 @@
|
|||||||
## <summary>Policy for the kernel message logger and system logging daemon.</summary>
|
## <summary>Policy for the kernel message logger and system logging daemon.</summary>
|
||||||
|
|
||||||
#######################################
|
########################################
|
||||||
## <summary>
|
## <summary>
|
||||||
## Make the specified type a file
|
## Make the specified type usable for log files
|
||||||
## used for logs.
|
## in a filesystem.
|
||||||
## </summary>
|
## </summary>
|
||||||
## <param name="file_type">
|
## <desc>
|
||||||
|
## <p>
|
||||||
|
## Make the specified type usable for log files in a filesystem.
|
||||||
|
## This will also make the type usable for files, making
|
||||||
|
## calls to files_type() redundant. Failure to use this interface
|
||||||
|
## for a log file type may result in problems with log
|
||||||
|
## rotation, log analysis, and log monitoring programs.
|
||||||
|
## </p>
|
||||||
|
## <p>
|
||||||
|
## Related interfaces:
|
||||||
|
## </p>
|
||||||
|
## <ul>
|
||||||
|
## <li>logging_log_filetrans()</li>
|
||||||
|
## </ul>
|
||||||
|
## <p>
|
||||||
|
## Example usage with a domain that can create
|
||||||
|
## and append to a private log file stored in the
|
||||||
|
## general directories (e.g., /var/log):
|
||||||
|
## </p>
|
||||||
|
## <p>
|
||||||
|
## type mylogfile_t;
|
||||||
|
## logging_log_file(mylogfile_t)
|
||||||
|
## allow mydomain_t mylogfile_t:file { create_file_perms append_file_perms };
|
||||||
|
## logging_log_filetrans(mydomain_t, mylogfile_t, file)
|
||||||
|
## </p>
|
||||||
|
## </desc>
|
||||||
|
## <param name="type">
|
||||||
## <summary>
|
## <summary>
|
||||||
## Type of the file to be used as a log.
|
## Type to be used for files.
|
||||||
## </summary>
|
## </summary>
|
||||||
## </param>
|
## </param>
|
||||||
|
## <infoflow type="none"/>
|
||||||
#
|
#
|
||||||
interface(`logging_log_file',`
|
interface(`logging_log_file',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
@ -395,9 +422,18 @@ interface(`logging_domtrans_syslog',`
|
|||||||
|
|
||||||
########################################
|
########################################
|
||||||
## <summary>
|
## <summary>
|
||||||
## Create an object in the log directory, with a private
|
## Create an object in the log directory, with a private type.
|
||||||
## type using a type transition.
|
|
||||||
## </summary>
|
## </summary>
|
||||||
|
## <desc>
|
||||||
|
## <p>
|
||||||
|
## Allow the specified domain to create an object
|
||||||
|
## in the general system log directories (e.g., /var/log)
|
||||||
|
## with a private type. Typically this is used for creating
|
||||||
|
## private log files in /var/log with the private type instead
|
||||||
|
## of the general system log type. To accomplish this goal,
|
||||||
|
## either the program must be SELinux-aware, or use this interface.
|
||||||
|
## </p>
|
||||||
|
## </desc>
|
||||||
## <param name="domain">
|
## <param name="domain">
|
||||||
## <summary>
|
## <summary>
|
||||||
## Domain allowed access.
|
## Domain allowed access.
|
||||||
@ -413,6 +449,7 @@ interface(`logging_domtrans_syslog',`
|
|||||||
## The object class of the object being created.
|
## The object class of the object being created.
|
||||||
## </summary>
|
## </summary>
|
||||||
## </param>
|
## </param>
|
||||||
|
## <infoflow type="write" weight="10"/>
|
||||||
#
|
#
|
||||||
interface(`logging_log_filetrans',`
|
interface(`logging_log_filetrans',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user