Home Explore Help
Register Sign In
Apq
/
389-ds-base
mirror of https://github.com/389ds/389-ds-base.git
1
0
Fork 0
Files Issues 0 Wiki
Browse Source

Allow dirsrv_t to log to a fifo in SELinux policy.

This patch changes the SELinux dirsrv policy to allow ns-slapd to
log to a fifo file.
Author: nkinder (Thanks!)
Tested on RHEL5 i386
Nathan Kinder 16 years ago
parent
c177c34eef
commit
b2e2a3f529
2 changed files with 2 additions and 0 deletions
Split View Show Diff Stats
  1. 1 0
      selinux/dirsrv.if
  2. 1 0
      selinux/dirsrv.te

+ 1 - 0
selinux/dirsrv.if
View File 

@@ -77,6 +77,7 @@ interface(`dirsrv_manage_log',`
 
 
 	allow $1 dirsrv_var_log_t:dir manage_dir_perms;
 
 	allow $1 dirsrv_var_log_t:file manage_file_perms;
 
+	allow $1 dirsrv_var_log_t:fifo_file: manage_fifo_file_perms;
 
 ')
 
 
 #######################################

+ 1 - 0
selinux/dirsrv.te
View File 

@@ -105,6 +105,7 @@ files_var_lib_filetrans(dirsrv_t,dirsrv_var_lib_t, { file dir sock_file })
 
 
 # log files
 
 manage_files_pattern(dirsrv_t, dirsrv_var_log_t, dirsrv_var_log_t)
 
+manage_fifo_files_pattern(dirsrv_t, dirsrv_var_log_t, dirsrv_var_log_t)
 
 allow dirsrv_t dirsrv_var_log_t:dir { setattr };
 
 logging_log_filetrans(dirsrv_t,dirsrv_var_log_t,{ sock_file file dir })