add lost+found filesystem labels to support NSA security guidelines

Add lost+found filesystem label to /var/log and /var/log/audit.

Signed-off-by: Guido Trentalancia <guido@trentalancia.com>
This commit is contained in:
Guido Trentalancia 2012-08-26 00:38:29 +02:00 committed by Chris PeBenito
parent d38855ea95
commit 06e2744b23
1 changed files with 6 additions and 0 deletions

View File

@ -243,6 +243,12 @@ ifndef(`distro_redhat',`
/var/lock(/.*)? gen_context(system_u:object_r:var_lock_t,s0) /var/lock(/.*)? gen_context(system_u:object_r:var_lock_t,s0)
/var/log/lost\+found -d gen_context(system_u:object_r:lost_found_t,mls_systemhigh)
/var/log/lost\+found/.* <<none>>
/var/log/audit/lost\+found -d gen_context(system_u:object_r:lost_found_t,mls_systemhigh)
/var/log/audit/lost\+found/.* <<none>>
/var/lost\+found -d gen_context(system_u:object_r:lost_found_t,mls_systemhigh) /var/lost\+found -d gen_context(system_u:object_r:lost_found_t,mls_systemhigh)
/var/lost\+found/.* <<none>> /var/lost\+found/.* <<none>>