From 77139d4891c55c6179a3bfee625a720c10a4498f Mon Sep 17 00:00:00 2001 From: Sven Vermeulen Date: Mon, 12 Nov 2012 22:57:37 +0100 Subject: [PATCH] Remove generic log label for cron location The /var/log/cron[^/]* line in the context definition takes higher precedence than the /var/log/cron.* line in the cron.fc file. As a result, when /var/log/cron.log is created it gets relabeled to var_log_t instead of staying with the cron_log_t type it should be. Removing the line so that the definitions in cron.log are used. Signed-off-by: Sven Vermeulen --- policy/modules/system/logging.fc | 1 - 1 file changed, 1 deletion(-) diff --git a/policy/modules/system/logging.fc b/policy/modules/system/logging.fc index bcc960b63..b50c5fe81 100644 --- a/policy/modules/system/logging.fc +++ b/policy/modules/system/logging.fc @@ -41,7 +41,6 @@ ifdef(`distro_suse', ` /var/log/boot\.log -- gen_context(system_u:object_r:var_log_t,mls_systemhigh) /var/log/messages[^/]* gen_context(system_u:object_r:var_log_t,mls_systemhigh) /var/log/secure[^/]* gen_context(system_u:object_r:var_log_t,mls_systemhigh) -/var/log/cron[^/]* gen_context(system_u:object_r:var_log_t,mls_systemhigh) /var/log/maillog[^/]* gen_context(system_u:object_r:var_log_t,mls_systemhigh) /var/log/spooler[^/]* gen_context(system_u:object_r:var_log_t,mls_systemhigh) /var/log/audit(/.*)? gen_context(system_u:object_r:auditd_log_t,mls_systemhigh)