| 1 |
commit: 612782c9a0018a2b6d38c19476f44b7ad92ff070 |
| 2 |
Author: Jason Zaman <jason <AT> perfinion <DOT> com> |
| 3 |
AuthorDate: Mon May 25 09:33:55 2015 +0000 |
| 4 |
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org> |
| 5 |
CommitDate: Wed May 27 18:59:50 2015 +0000 |
| 6 |
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=612782c9 |
| 7 |
|
| 8 |
logging: use init_startstop_service in _admin interface |
| 9 |
|
| 10 |
The logging_admin interfaces had rules for RedHat sysvinit. This |
| 11 |
replaces them with the interface init_startstop_service which can |
| 12 |
easily be changed for other init systems. |
| 13 |
|
| 14 |
policy/modules/system/logging.if | 10 ++-------- |
| 15 |
1 file changed, 2 insertions(+), 8 deletions(-) |
| 16 |
|
| 17 |
diff --git a/policy/modules/system/logging.if b/policy/modules/system/logging.if |
| 18 |
index 1c4af7b..9fa0f5d 100644 |
| 19 |
--- a/policy/modules/system/logging.if |
| 20 |
+++ b/policy/modules/system/logging.if |
| 21 |
@@ -1022,10 +1022,7 @@ interface(`logging_admin_audit',` |
| 22 |
|
| 23 |
logging_run_auditctl($1, $2) |
| 24 |
|
| 25 |
- init_labeled_script_domtrans($1, auditd_initrc_exec_t) |
| 26 |
- domain_system_change_exemption($1) |
| 27 |
- role_transition $2 auditd_initrc_exec_t system_r; |
| 28 |
- allow $2 system_r; |
| 29 |
+ init_startstop_service($1, $2, auditd_t, auditd_initrc_exec_t) |
| 30 |
') |
| 31 |
|
| 32 |
######################################## |
| 33 |
@@ -1080,10 +1077,7 @@ interface(`logging_admin_syslog',` |
| 34 |
|
| 35 |
logging_manage_all_logs($1) |
| 36 |
|
| 37 |
- init_labeled_script_domtrans($1, syslogd_initrc_exec_t) |
| 38 |
- domain_system_change_exemption($1) |
| 39 |
- role_transition $2 syslogd_initrc_exec_t system_r; |
| 40 |
- allow $2 system_r; |
| 41 |
+ init_startstop_service($1, $2, syslogd_t, syslogd_initrc_exec_t) |
| 42 |
') |
| 43 |
|
| 44 |
######################################## |
Archives