RepoMirrors
/
selinux-refpolicy
mirror of https://github.com/SELinuxProject/refpolicy
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

add lost+found filesystem labels to support NSA security guidelines 

Add lost+found filesystem label to /var/log and /var/log/audit.

Signed-off-by: Guido Trentalancia <guido@trentalancia.com>
This commit is contained in:
Guido Trentalancia 2012-08-26 00:38:29 +02:00 committed by Chris PeBenito
parent d38855ea95
commit 06e2744b23
1 changed files with 6 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
policy/modules/kernel/files.fc
View File

@ -243,6 +243,12 @@ ifndef(`distro_redhat',`
/var/lock(/.*)? gen_context(system_u:object_r:var_lock_t,s0)
/var/log/lost\+found -d gen_context(system_u:object_r:lost_found_t,mls_systemhigh)
/var/log/lost\+found/.* <<none>>
/var/log/audit/lost\+found -d gen_context(system_u:object_r:lost_found_t,mls_systemhigh)
/var/log/audit/lost\+found/.* <<none>>
/var/lost\+found -d gen_context(system_u:object_r:lost_found_t,mls_systemhigh)
/var/lost\+found/.* <<none>>