From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <gentoo-commits+bounces-619752-garchives=archives.gentoo.org@lists.gentoo.org>
Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80])
	by finch.gentoo.org (Postfix) with ESMTP id 2B4A11381F3
	for <garchives@archives.gentoo.org>; Fri, 16 Aug 2013 14:00:28 +0000 (UTC)
Received: from pigeon.gentoo.org (localhost [127.0.0.1])
	by pigeon.gentoo.org (Postfix) with SMTP id 358D2E0EC5;
	Fri, 16 Aug 2013 13:59:50 +0000 (UTC)
Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183])
	(using TLSv1 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by pigeon.gentoo.org (Postfix) with ESMTPS id 83C8CE0EC5
	for <gentoo-commits@lists.gentoo.org>; Fri, 16 Aug 2013 13:59:44 +0000 (UTC)
Received: from hornbill.gentoo.org (hornbill.gentoo.org [94.100.119.163])
	(using TLSv1 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by smtp.gentoo.org (Postfix) with ESMTPS id 8482F33EC2D
	for <gentoo-commits@lists.gentoo.org>; Fri, 16 Aug 2013 13:59:43 +0000 (UTC)
Received: from localhost.localdomain (localhost [127.0.0.1])
	by hornbill.gentoo.org (Postfix) with ESMTP id 18045E545D
	for <gentoo-commits@lists.gentoo.org>; Fri, 16 Aug 2013 13:59:42 +0000 (UTC)
From: "Sven Vermeulen" <sven.vermeulen@siphos.be>
To: gentoo-commits@lists.gentoo.org
Content-Transfer-Encoding: 8bit
Content-type: text/plain; charset=UTF-8
Reply-To: gentoo-dev@lists.gentoo.org, "Sven Vermeulen" <sven.vermeulen@siphos.be>
Message-ID: <1376661264.7f630247624bdbf3ca4dd3995d3d8f4eb9c90594.SwifT@gentoo>
Subject: [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/contrib/
X-VCS-Repository: proj/hardened-refpolicy
X-VCS-Files: policy/modules/contrib/squid.te
X-VCS-Directories: policy/modules/contrib/
X-VCS-Committer: SwifT
X-VCS-Committer-Name: Sven Vermeulen
X-VCS-Revision: 7f630247624bdbf3ca4dd3995d3d8f4eb9c90594
X-VCS-Branch: master
Date: Fri, 16 Aug 2013 13:59:42 +0000 (UTC)
Precedence: bulk
List-Post: <mailto:gentoo-commits@lists.gentoo.org>
List-Help: <mailto:gentoo-commits+help@lists.gentoo.org>
List-Unsubscribe: <mailto:gentoo-commits+unsubscribe@lists.gentoo.org>
List-Subscribe: <mailto:gentoo-commits+subscribe@lists.gentoo.org>
List-Id: Gentoo Linux mail <gentoo-commits.gentoo.org>
X-BeenThere: gentoo-commits@lists.gentoo.org
X-Archives-Salt: d02edbb6-de4f-44e6-87b7-aa561b9db38f
X-Archives-Hash: a88549aee99d6edab3e36adc256dbaa7

commit:     7f630247624bdbf3ca4dd3995d3d8f4eb9c90594
Author:     Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
AuthorDate: Fri Aug 16 06:21:45 2013 +0000
Commit:     Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be>
CommitDate: Fri Aug 16 13:54:24 2013 +0000
URL:        http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=7f630247

Grant write privileges to squid on its log files

The squid daemon currently seems to require write privileges on the files
(squid_log_t) - append no longer cuts it. This is confirmed for both the
cache.log file as well as the netdb.state file.

Switching append_files_pattern to write_files_pattern.

Signed-off-by: Sven Vermeulen <sven.vermeulen <AT> siphos.be>

---
 policy/modules/contrib/squid.te | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/policy/modules/contrib/squid.te b/policy/modules/contrib/squid.te
index a68b5c4..eadd503 100644
--- a/policy/modules/contrib/squid.te
+++ b/policy/modules/contrib/squid.te
@@ -74,7 +74,7 @@ allow squid_t squid_conf_t:file read_file_perms;
 allow squid_t squid_conf_t:lnk_file read_lnk_file_perms;
 
 manage_dirs_pattern(squid_t, squid_log_t, squid_log_t)
-append_files_pattern(squid_t, squid_log_t, squid_log_t)
+write_files_pattern(squid_t, squid_log_t, squid_log_t)
 create_files_pattern(squid_t, squid_log_t, squid_log_t)
 setattr_files_pattern(squid_t, squid_log_t, squid_log_t)
 manage_lnk_files_pattern(squid_t, squid_log_t, squid_log_t)