Add syslog capability.
This commit is contained in:
Chris PeBenito
parent
8d46bd3017
commit
640df09275
|
|
@ -1,3 +1,4 @@
|
|||
- Add syslog capability.
|
||||
- Support for logging in to /dev/console, from Harry Ciao.
|
||||
- Database object class updates and associated SEPostgreSQL changes from
|
||||
KaiGai Kohei.
|
||||
|
|
|
|||
|
|
@ -428,6 +428,7 @@ class capability2
|
|||
{
|
||||
mac_override # unused by SELinux
|
||||
mac_admin # unused by SELinux
|
||||
syslog
|
||||
}
|
||||
|
||||
#
|
||||
|
|
|
|||
|
|
@ -442,6 +442,7 @@ interface(`kernel_read_ring_buffer',`
|
|||
type kernel_t;
|
||||
')
|
||||
|
||||
allow $1 self:capability2 syslog;
|
||||
allow $1 kernel_t:system syslog_read;
|
||||
')
|
||||
|
||||
|
|
@ -479,7 +480,16 @@ interface(`kernel_change_ring_buffer_level',`
|
|||
type kernel_t;
|
||||
')
|
||||
|
||||
allow $1 self:capability2 syslog;
|
||||
allow $1 kernel_t:system syslog_console;
|
||||
|
||||
ifdef(`distro_rhel4',`
|
||||
allow $1 self:capability2 sys_admin;
|
||||
')
|
||||
|
||||
ifdef(`distro_rhel5',`
|
||||
allow $1 self:capability2 sys_admin;
|
||||
')
|
||||
')
|
||||
|
||||
########################################
|
||||
|
|
@ -498,7 +508,16 @@ interface(`kernel_clear_ring_buffer',`
|
|||
type kernel_t;
|
||||
')
|
||||
|
||||
allow $1 self:capability2 syslog;
|
||||
allow $1 kernel_t:system syslog_mod;
|
||||
|
||||
ifdef(`distro_rhel4',`
|
||||
allow $1 self:capability2 sys_admin;
|
||||
')
|
||||
|
||||
ifdef(`distro_rhel5',`
|
||||
allow $1 self:capability2 sys_admin;
|
||||
')
|
||||
')
|
||||
|
||||
########################################
|
||||
|
|
|
|||
Loading…
Reference in New Issue