46 lines
1.0 KiB
Plaintext
46 lines
1.0 KiB
Plaintext
|
# ------------------------------------------------------------------
|
||
|
#
|
||
|
# Copyright (C) 2014 Novell/SUSE
|
||
|
#
|
||
|
# This program is free software; you can redistribute it and/or
|
||
|
# modify it under the terms of version 2 of the GNU General Public
|
||
|
# License published by the Free Software Foundation.
|
||
|
#
|
||
|
# ------------------------------------------------------------------
|
||
|
|
||
|
#include <tunables/global>
|
||
|
|
||
|
/usr/sbin/rsyslogd {
|
||
|
#include <abstractions/base>
|
||
|
#include <abstractions/consoles>
|
||
|
# general networking is allowed here
|
||
|
#include <abstractions/nameservice>
|
||
|
|
||
|
capability block_suspend,
|
||
|
capability dac_override,
|
||
|
capability sys_nice,
|
||
|
capability sys_tty_config,
|
||
|
capability syslog,
|
||
|
|
||
|
/dev/tty* w,
|
||
|
/dev/xconsole rw,
|
||
|
|
||
|
/etc/rsyslog.conf r,
|
||
|
/etc/rsyslog.d/ r,
|
||
|
/etc/rsyslog.d/* r,
|
||
|
|
||
|
/usr/lib{,32,64}/rsyslog/* mr,
|
||
|
/usr/sbin/rsyslogd mr,
|
||
|
|
||
|
/var/log/** rw,
|
||
|
|
||
|
/proc/kmsg r,
|
||
|
|
||
|
/{var/,}run/rsyslog/* r,
|
||
|
/{var/,}run/rsyslogd.pid rwk,
|
||
|
/{var/,}run/systemd/journal/syslog w,
|
||
|
|
||
|
# include rules for rsyslog-module-* packages
|
||
|
#include <rsyslog.d>
|
||
|
}
|