Allow mcelog_t to create dir and file in /var/run and label it correctly

author Dan Walsh <dwalsh@redhat.com>

Fri, 18 Nov 2011 16:48:51 +0000 (11:48 -0500)

committer Dan Walsh <dwalsh@redhat.com>

Fri, 18 Nov 2011 16:48:51 +0000 (11:48 -0500)
author Dan Walsh <dwalsh@redhat.com>
Fri, 18 Nov 2011 16:48:51 +0000 (11:48 -0500)
committer Dan Walsh <dwalsh@redhat.com>
Fri, 18 Nov 2011 16:48:51 +0000 (11:48 -0500)
diff --git a/policy/modules/admin/mcelog.fc b/policy/modules/admin/mcelog.fc

index 064122650424bf808b3088b3f599e8c18133aa98..409bbfcea4921171ae180ccf5696896e5a724ea2 100644 (file)
--- a/policy/modules/admin/mcelog.fc
+++ b/policy/modules/admin/mcelog.fc
@@ -2,4 +2,4 @@
  
  /var/log/mcelog.*      --      gen_context(system_u:object_r:mcelog_log_t,s0)
  
-/var/run/mcelog-client  -s     gen_context(system_u:object_r:mcelog_var_run_t,s0)
+/var/run/mcelog.*              gen_context(system_u:object_r:mcelog_var_run_t,s0)
diff --git a/policy/modules/admin/mcelog.te b/policy/modules/admin/mcelog.te

index ea06507fa091a5134c62c63d653203742a1e49d8..8ddc0911a9c3c3cdd7ae4321248053bcb0f3974a 100644 (file)
--- a/policy/modules/admin/mcelog.te
+++ b/policy/modules/admin/mcelog.te
@@ -30,7 +30,7 @@ logging_log_filetrans(mcelog_t, mcelog_log_t, { file dir })
  manage_files_pattern(mcelog_t, mcelog_var_run_t, mcelog_var_run_t)
  manage_dirs_pattern(mcelog_t, mcelog_var_run_t, mcelog_var_run_t)
  manage_sock_files_pattern(mcelog_t, mcelog_var_run_t, mcelog_var_run_t)
-files_pid_filetrans(mcelog_t, mcelog_var_run_t, sock_file )
+files_pid_filetrans(mcelog_t, mcelog_var_run_t, { dir file sock_file } )
  
  kernel_read_system_state(mcelog_t)
author	Dan Walsh <dwalsh@redhat.com>
	Fri, 18 Nov 2011 16:48:51 +0000 (11:48 -0500)
committer	Dan Walsh <dwalsh@redhat.com>
	Fri, 18 Nov 2011 16:48:51 +0000 (11:48 -0500)
policy/modules/admin/mcelog.fc		patch \| blob \| blame \| history
policy/modules/admin/mcelog.te		patch \| blob \| blame \| history