Bug 748545 - rsyslog cannot search var_spool_t
Summary: rsyslog cannot search var_spool_t
Keywords:
Status: CLOSED DUPLICATE of bug 705277
Alias: None
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: selinux-policy
Version: 6.1
Hardware: All
OS: Linux
unspecified
unspecified
Target Milestone: rc
: ---
Assignee: Miroslav Grepl
QA Contact: BaseOS QE Security Team
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2011-10-24 18:51 UTC by Josh
Modified: 2011-10-25 07:46 UTC (History)
2 users (show)

Fixed In Version: selinux-policy-3.7.19-118.el6
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2011-10-25 07:46:14 UTC
Target Upstream Version:

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Description Josh 2011-10-24 18:51:55 UTC 
Description of problem:
When rsyslog is configured to spool files to /var/spool/rsyslog it cannot search /var/spool because it cannot search var_spool_t

Version-Release number of selected component (if applicable):


How reproducible:
Always

Steps to Reproduce:
1. semanage fcontext -l | grep rsyslog # shows that /var/spool/rsyslog(/.*)? is labeled var_log_t
2. sesearch --allow -t var_spool_t -c dir -p search -s syslogd_t

Actual results:
no output

Expected results:
allow syslogd_t var_spool_t : dir { search }

Additional info:
Comment 2 Daniel Walsh 2011-10-24 18:59:22 UTC 
Fixed in selinux-policy-3.7.19-118.el6

Preview of 6.2 selinux-policy available in 

http://people.redhat.com/dwalsh/SELinux/RHEL6
Comment 3 Josh 2011-10-24 20:08:38 UTC 
I forgot to mention the version was 3.7.19-93
Comment 4 Daniel Walsh 2011-10-24 20:12:26 UTC 
Right so if you can download the newer version and confirm the fix, that would be great.
Comment 5 Miroslav Grepl 2011-10-25 07:46:14 UTC 

*** This bug has been marked as a duplicate of bug 705277 ***
Note You need to log in before you can comment on or make changes to this bug.