Add type for rhev-agent log file

diff --git a/policy/modules/services/rhev.fc b/policy/modules/services/rhev.fc
index 4e7605a93ed15561f5c8dcd7b6dba9d94cd46b0a..9a8524dc32870d9725a03c46b068e28bf63cf038 100644 (file)
--- a/policy/modules/services/rhev.fc
+++ b/policy/modules/services/rhev.fc
@@ -1,3 +1,5 @@
 /usr/share/rhev-agent/rhev-agentd\.py  --      gen_context(system_u:object_r:rhev_agentd_exec_t,s0)
 
 /var/run/rhev-agentd\.pid              --      gen_context(system_u:object_r:rhev_agentd_var_run_t,s0)
+
+/var/log/rhev-agent(/.*)?           gen_context(system_u:object_r:rhev_agentd_log_t,s0)

diff --git a/policy/modules/services/rhev.te b/policy/modules/services/rhev.te
index d3473e674a8923137cb0295cf20c357bc5bda952..b5168a0439f909efd8e992af120651f8a07a61dc 100644 (file)
--- a/policy/modules/services/rhev.te
+++ b/policy/modules/services/rhev.te
@@ -15,6 +15,9 @@ files_pid_file(rhev_agentd_var_run_t)
 type rhev_agentd_tmp_t;
 files_tmp_file(rhev_agentd_tmp_t)
 
+type rhev_agentd_log_t;
+logging_log_file(rhev_agentd_log_t)
+
 ########################################
 #
 # rhev_agentd_t local policy
@@ -31,6 +34,8 @@ manage_files_pattern(rhev_agentd_t, rhev_agentd_var_run_t, rhev_agentd_var_run_t
 manage_sock_files_pattern(rhev_agentd_t, rhev_agentd_var_run_t, rhev_agentd_var_run_t)
 files_pid_filetrans(rhev_agentd_t, rhev_agentd_var_run_t, { dir file sock_file })
 
+manage_files_pattern(rhev_agentd_t, rhev_agentd_log_t, rhev_agentd_log_t)
+
 manage_dirs_pattern(rhev_agentd_t, rhev_agentd_tmp_t, rhev_agentd_tmp_t)
 manage_files_pattern(rhev_agentd_t, rhev_agentd_tmp_t, rhev_agentd_tmp_t)
 files_tmp_filetrans(rhev_agentd_t, rhev_agentd_tmp_t, { file dir })