MISP/INSTALL/misplogrotate.te

module misplogrotate 1.1;
require {
	type httpd_t;
	type logrotate_t;
	type httpd_log_t;
	type httpd_sys_content_t;
	type httpd_sys_rw_content_t;
	class dir { ioctl read getattr lock search open remove_name };
	class file { unlink write };
}
#============= logrotate_t ==============
allow logrotate_t httpd_sys_content_t:dir { ioctl read getattr lock search open };
allow logrotate_t httpd_sys_rw_content_t:dir { ioctl read getattr lock search open };
allow httpd_t httpd_log_t:dir remove_name;
allow httpd_t httpd_log_t:file { unlink write };
Fix logrotate module for RHEL 7/CentOS 7 2019-10-11 11:21:05 +02:00			`module misplogrotate 1.1;`
Add logrotation for MISP workers output 2017-02-06 17:26:17 +01:00			`require {`
Fix logrotate module for RHEL 7/CentOS 7 2019-10-11 11:21:05 +02:00			`type httpd_t;`
Add logrotation for MISP workers output 2017-02-06 17:26:17 +01:00			`type logrotate_t;`
Fix logrotate module for RHEL 7/CentOS 7 2019-10-11 11:21:05 +02:00			`type httpd_log_t;`
Add logrotation for MISP workers output 2017-02-06 17:26:17 +01:00			`type httpd_sys_content_t;`
Fix logrotate module for RHEL 7/CentOS 7 2019-10-11 11:21:05 +02:00			`type httpd_sys_rw_content_t;`
			`class dir { ioctl read getattr lock search open remove_name };`
			`class file { unlink write };`
Add logrotation for MISP workers output 2017-02-06 17:26:17 +01:00			`}`
			`#============= logrotate_t ==============`
			`allow logrotate_t httpd_sys_content_t:dir { ioctl read getattr lock search open };`
Fix logrotate module for RHEL 7/CentOS 7 2019-10-11 11:21:05 +02:00			`allow logrotate_t httpd_sys_rw_content_t:dir { ioctl read getattr lock search open };`
			`allow httpd_t httpd_log_t:dir remove_name;`
			`allow httpd_t httpd_log_t:file { unlink write };`