## <summary>SUID/SGID program monitoring</summary> ######################################## ## <summary> ## Allow the specified domain to read ## sxid log files. ## </summary> ## <param name="domain"> ## <summary> ## Domain allowed access. ## </summary> ## </param> ## <rolecap/> # interface(`sxid_read_log',` gen_require(` type sxid_log_t; ') logging_search_logs($1) allow $1 sxid_log_t:file read_file_perms; ')