- Add proper contexts for rsyslogd

2007-07-19 20:55:20 +00:00 · 2007-07-19 20:55:20 +00:00 · 908512cccc
commit 908512cccc
parent 297dd1a900
2 changed files with 22 additions and 5 deletions
--- a/policy-20070703.patch
+++ b/policy-20070703.patch
@ -8546,16 +8546,25 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/locall
 # Sulogin local policy
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/logging.fc serefpolicy-3.0.3/policy/modules/system/logging.fc
 --- nsaserefpolicy/policy/modules/system/logging.fc	2007-05-29 14:10:58.000000000 -0400
-+++ serefpolicy-3.0.3/policy/modules/system/logging.fc	2007-07-17 15:46:25.000000000 -0400
+++ serefpolicy-3.0.3/policy/modules/system/logging.fc	2007-07-19 11:20:26.000000000 -0400
-@@ -1,6 +1,6 @@
+@@ -1,12 +1,15 @@
 -
 /dev/log		-s	gen_context(system_u:object_r:devlog_t,s0)
 +/etc/rsyslog.conf		gen_context(system_u:object_r:syslog_conf_t,s0)
 +/etc/syslog.conf		gen_context(system_u:object_r:syslog_conf_t,s0)
 /etc/audit(/.*)?		gen_context(system_u:object_r:auditd_etc_t,mls_systemhigh)
 /sbin/auditctl		--	gen_context(system_u:object_r:auditctl_exec_t,s0)
-@@ -43,3 +43,5 @@
+ /sbin/auditd		--	gen_context(system_u:object_r:auditd_exec_t,s0)
 +/sbin/rklogd		--	gen_context(system_u:object_r:klogd_exec_t,s0)
 /sbin/klogd		--	gen_context(system_u:object_r:klogd_exec_t,s0)
 /sbin/minilogd		--	gen_context(system_u:object_r:syslogd_exec_t,s0)
 +/sbin/rsyslogd		--	gen_context(system_u:object_r:syslogd_exec_t,s0)
 /sbin/syslogd		--	gen_context(system_u:object_r:syslogd_exec_t,s0)
 /sbin/syslog-ng		--	gen_context(system_u:object_r:syslogd_exec_t,s0)
@@ -43,3 +46,5 @@
 /var/spool/postfix/pid	-d	gen_context(system_u:object_r:var_run_t,s0)
 /var/tinydns/log/main(/.*)?	gen_context(system_u:object_r:var_log_t,s0)
--- a/selinux-policy.spec
+++ b/selinux-policy.spec
@ -17,7 +17,7 @@
 Summary: SELinux policy configuration
 Name: selinux-policy
 Version: 3.0.3
-Release: 1%{?dist}
+Release: 2%{?dist}
 License: GPL
 Group: System Environment/Base
 Source: serefpolicy-%{version}.tgz
@ -293,10 +293,12 @@ semodule -r moilscanner 2>/dev/null
 %relabel targeted
 exit 0
-%triggerpostun targeted -- selinux-policy-targeted < 3.0.1
+%triggerpostun targeted -- selinux-policy-targeted < 3.0.3.2
 setsebool -P use_nfs_home_dirs=1
 semanage login -m -s "system_u" __default__ 2> /dev/null
 semanage user -a -P unconfined -R "unconfined_r system_r" unconfined_u 2> /dev/null
 semanage user -a -P guest -R guest_r guest_u
 semanage user -a -P xguest -R xguest_r xguest_u
 restorecon -R /root 2> /dev/null
 exit 0
@ -357,6 +359,12 @@ exit 0
 %endif
 %changelog
 * Thu Jul 19 2007 Dan Walsh <dwalsh@redhat.com> 3.0.3-2
 - Add proper contexts for rsyslogd
 * Thu Jul 19 2007 Dan Walsh <dwalsh@redhat.com> 3.0.3-1
 - Fixes for xguest policy
 * Tue Jul 17 2007 Dan Walsh <dwalsh@redhat.com> 3.0.2-9
 - Allow execution of gconf