1 |
commit: 612782c9a0018a2b6d38c19476f44b7ad92ff070 |
2 |
Author: Jason Zaman <jason <AT> perfinion <DOT> com> |
3 |
AuthorDate: Mon May 25 09:33:55 2015 +0000 |
4 |
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org> |
5 |
CommitDate: Wed May 27 18:59:50 2015 +0000 |
6 |
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=612782c9 |
7 |
|
8 |
logging: use init_startstop_service in _admin interface |
9 |
|
10 |
The logging_admin interfaces had rules for RedHat sysvinit. This |
11 |
replaces them with the interface init_startstop_service which can |
12 |
easily be changed for other init systems. |
13 |
|
14 |
policy/modules/system/logging.if | 10 ++-------- |
15 |
1 file changed, 2 insertions(+), 8 deletions(-) |
16 |
|
17 |
diff --git a/policy/modules/system/logging.if b/policy/modules/system/logging.if |
18 |
index 1c4af7b..9fa0f5d 100644 |
19 |
--- a/policy/modules/system/logging.if |
20 |
+++ b/policy/modules/system/logging.if |
21 |
@@ -1022,10 +1022,7 @@ interface(`logging_admin_audit',` |
22 |
|
23 |
logging_run_auditctl($1, $2) |
24 |
|
25 |
- init_labeled_script_domtrans($1, auditd_initrc_exec_t) |
26 |
- domain_system_change_exemption($1) |
27 |
- role_transition $2 auditd_initrc_exec_t system_r; |
28 |
- allow $2 system_r; |
29 |
+ init_startstop_service($1, $2, auditd_t, auditd_initrc_exec_t) |
30 |
') |
31 |
|
32 |
######################################## |
33 |
@@ -1080,10 +1077,7 @@ interface(`logging_admin_syslog',` |
34 |
|
35 |
logging_manage_all_logs($1) |
36 |
|
37 |
- init_labeled_script_domtrans($1, syslogd_initrc_exec_t) |
38 |
- domain_system_change_exemption($1) |
39 |
- role_transition $2 syslogd_initrc_exec_t system_r; |
40 |
- allow $2 system_r; |
41 |
+ init_startstop_service($1, $2, syslogd_t, syslogd_initrc_exec_t) |
42 |
') |
43 |
|
44 |
######################################## |