From e34e339b96d8879618c8e841d836ca6282f1188f Mon Sep 17 00:00:00 2001
From: Kenton Groombridge <me@concord.sh>
Date: Tue, 26 Jan 2021 18:05:56 -0500
Subject: [PATCH] stunnel: add log type and rules

Signed-off-by: Kenton Groombridge <me@concord.sh>
---
 policy/modules/services/stunnel.te | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/policy/modules/services/stunnel.te b/policy/modules/services/stunnel.te
index 03807d46d..3109b4603 100644
--- a/policy/modules/services/stunnel.te
+++ b/policy/modules/services/stunnel.te
@@ -15,6 +15,9 @@ files_config_file(stunnel_etc_t)
 type stunnel_runtime_t alias stunnel_var_run_t;
 files_runtime_file(stunnel_runtime_t)
 
+type stunnel_log_t;
+logging_log_file(stunnel_log_t)
+
 type stunnel_tmp_t;
 files_tmp_file(stunnel_tmp_t)
 
@@ -42,6 +45,11 @@ manage_dirs_pattern(stunnel_t, stunnel_runtime_t, stunnel_runtime_t)
 manage_files_pattern(stunnel_t, stunnel_runtime_t, stunnel_runtime_t)
 files_runtime_filetrans(stunnel_t, stunnel_runtime_t, { dir file })
 
+manage_dirs_pattern(stunnel_t, stunnel_log_t, stunnel_log_t)
+create_files_pattern(stunnel_t, stunnel_log_t, stunnel_log_t)
+append_files_pattern(stunnel_t, stunnel_log_t, stunnel_log_t)
+logging_log_filetrans(stunnel_t, stunnel_log_t, { dir file })
+
 kernel_read_kernel_sysctls(stunnel_t)
 kernel_read_system_state(stunnel_t)
 kernel_read_network_state(stunnel_t)