MISP
/
MISP
mirror of https://github.com/MISP/MISP
2
2
Fork 0
Code Issues Releases Wiki Activity

fix: [selinux] allow log files rename

pull/7237/head
Richard van den Berg 2021-03-24 10:29:02 +01:00
parent a0ead60b4d
commit f767ffeec5
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
INSTALL/misplogrotate.te
View File

@ -7,10 +7,10 @@ require {
type httpd_sys_content_t;
type httpd_sys_rw_content_t;
class dir { ioctl read getattr lock search open remove_name };
class file { unlink write };
class file { unlink write rename };
}
#============= logrotate_t ==============
allow logrotate_t httpd_sys_content_t:dir { ioctl read getattr lock search open };
allow logrotate_t httpd_sys_rw_content_t:dir { ioctl read getattr lock search open };
allow httpd_t httpd_log_t:dir remove_name;
allow { httpd_t httpd_sys_script_t } httpd_log_t:file { unlink write };
allow { httpd_t httpd_sys_script_t } httpd_log_t:file { unlink write rename };