From 3fcdc3976436a89f6f5e8eb965407c11ef372ab8 Mon Sep 17 00:00:00 2001
From: Jeremy Solt <jsolt@tresys.com>
Date: Fri, 5 Mar 2010 15:15:05 -0500
Subject: [PATCH] shorewall log file from Dan Walsh

---
 policy/modules/admin/shorewall.fc | 2 ++
 policy/modules/admin/shorewall.te | 7 +++++++
 2 files changed, 9 insertions(+)

diff --git a/policy/modules/admin/shorewall.fc b/policy/modules/admin/shorewall.fc
index 6286e2b3f..029cb7e9b 100644
--- a/policy/modules/admin/shorewall.fc
+++ b/policy/modules/admin/shorewall.fc
@@ -10,3 +10,5 @@
 /var/lib/shorewall(/.*)?			gen_context(system_u:object_r:shorewall_var_lib_t,s0)
 /var/lib/shorewall6(/.*)?			gen_context(system_u:object_r:shorewall_var_lib_t,s0)
 /var/lib/shorewall-lite(/.*)?			gen_context(system_u:object_r:shorewall_var_lib_t,s0)
+
+/var/log/shorewall.*				gen_context(system_u:object_r:shorewall_log_t,s0)
diff --git a/policy/modules/admin/shorewall.te b/policy/modules/admin/shorewall.te
index 625341e25..371f6a66b 100644
--- a/policy/modules/admin/shorewall.te
+++ b/policy/modules/admin/shorewall.te
@@ -29,6 +29,9 @@ files_tmp_file(shorewall_tmp_t)
 type shorewall_var_lib_t;
 files_type(shorewall_var_lib_t)
 
+type shorewall_log_t;
+logging_log_file(shorewall_log_t)
+
 ########################################
 #
 # shorewall local policy
@@ -49,6 +52,10 @@ manage_dirs_pattern(shorewall_t, shorewall_var_lib_t, shorewall_var_lib_t)
 manage_files_pattern(shorewall_t, shorewall_var_lib_t, shorewall_var_lib_t)
 files_var_lib_filetrans(shorewall_t, shorewall_var_lib_t, { dir file })
 
+manage_files_pattern(shorewall_t, shorewall_log_t, shorewall_log_t)
+manage_dirs_pattern(shorewall_t, shorewall_log_t, shorewall_log_t)
+logging_log_filetrans(shorewall_t, shorewall_log_t, { file dir })
+
 manage_dirs_pattern(shorewall_t, shorewall_tmp_t, shorewall_tmp_t)
 manage_files_pattern(shorewall_t, shorewall_tmp_t, shorewall_tmp_t)
 files_tmp_filetrans(shorewall_t, shorewall_tmp_t, { file dir })