jmolinasoler/fail2ban-syslog.te

## fail2ban-syslog.te
# Steps:
# 1. Create file fail2ban.te
# 2. checkmodule -M -m -o fail2ban-syslog.mod fail2ban-syslog.te
# 3. semodule_package -o fail2ban-syslog.pp -m fail2ban-syslog.mod
# 4. semodule -i fail2ban-syslog.pp
# 5. sudo service fail2ban restart

module fail2ban-syslog 1.0;
require {
	type syslogd_var_run_t;
	type fail2ban_t;
	class dir read;
	class file read;
	class file open;
	class file getattr;
}

#============= fail2ban_t ==============
allow fail2ban_t syslogd_var_run_t:dir read;
allow fail2ban_t syslogd_var_run_t:file read;
allow fail2ban_t syslogd_var_run_t:file open;
allow fail2ban_t syslogd_var_run_t:file getattr;
	# Steps:
	# 1. Create file fail2ban.te
	# 2. checkmodule -M -m -o fail2ban-syslog.mod fail2ban-syslog.te
	# 3. semodule_package -o fail2ban-syslog.pp -m fail2ban-syslog.mod
	# 4. semodule -i fail2ban-syslog.pp
	# 5. sudo service fail2ban restart

	module fail2ban-syslog 1.0;
	require {
	type syslogd_var_run_t;
	type fail2ban_t;
	class dir read;
	class file read;
	class file open;
	class file getattr;
	}

	#============= fail2ban_t ==============
	allow fail2ban_t syslogd_var_run_t:dir read;
	allow fail2ban_t syslogd_var_run_t:file read;
	allow fail2ban_t syslogd_var_run_t:file open;
	allow fail2ban_t syslogd_var_run_t:file getattr;