commit: 1ec76423aa4ac2c17b12e6a69a2887c47bffac1c Author: Petr Vorel <pvorel <AT> suse <DOT> cz> AuthorDate: Mon Nov 12 08:47:30 2018 +0000 Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org> CommitDate: Sun Nov 18 10:56:47 2018 +0000 URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=1ec76423
dnsmasq: Require log files to have .log suffix + allow log rotate as well. Signed-off-by: Petr Vorel <pvorel <AT> suse.cz> Signed-off-by: Jason Zaman <jason <AT> perfinion.com> policy/modules/services/dnsmasq.fc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/policy/modules/services/dnsmasq.fc b/policy/modules/services/dnsmasq.fc index 278b880f..bfa87f4c 100644 --- a/policy/modules/services/dnsmasq.fc +++ b/policy/modules/services/dnsmasq.fc @@ -16,7 +16,7 @@ /var/lib/misc/dnsmasq\.leases -- gen_context(system_u:object_r:dnsmasq_lease_t,s0) /var/lib/dnsmasq(/.*)? gen_context(system_u:object_r:dnsmasq_lease_t,s0) -/var/log/dnsmasq.* -- gen_context(system_u:object_r:dnsmasq_var_log_t,s0) +/var/log/dnsmasq(.*)?\.log(\..+) -- gen_context(system_u:object_r:dnsmasq_var_log_t,s0) ifdef(`distro_gentoo',` # Fix bug 531836 - Needed to support dnssec in dnsmasq
