On Thu, Jan 06, 2005 at 10:43:06PM +1100, Russell Coker wrote: > > Debian creates the logrotate state file as "/var/lib/logrotate/status", > > rather than "/var/lib/logrotate.status". The updated pattern will match > > both cases. > > I've attached a slightly different version that will work on other distros > too. I don't mind tagging that change as Debian-specific. But wouldn't it be better to match the "/var/lib/logrotate" directory, instead of the individual file therein? Just in case additional files are added in the future. Would this version be acceptable?
--- logrotate.fc.orig 2005-01-01 15:17:35.000000000 -0600 +++ logrotate.fc 2005-01-07 17:12:06.000000000 -0600 @@ -3,9 +3,11 @@ /usr/sbin/logcheck -- system_u:object_r:logrotate_exec_t ifdef(`distro_debian', ` /usr/bin/savelog -- system_u:object_r:logrotate_exec_t +/var/lib/logrotate(/.*)? system_u:object_r:logrotate_var_lib_t +', ` +/var/lib/logrotate\.status -- system_u:object_r:logrotate_var_lib_t ') /etc/cron\.(daily|weekly)/sysklogd -- system_u:object_r:logrotate_exec_t -/var/lib/logrotate\.status -- system_u:object_r:logrotate_var_lib_t /var/lib/logcheck(/.*)? system_u:object_r:logrotate_var_lib_t # using a hard-coded name under /var/tmp is a bug - new version fixes it /var/tmp/logcheck -d system_u:object_r:logrotate_tmp_t
Attachment:
signature.asc
Description: Digital signature