On Tuesday, 15 March 2022 00:53:14 AEDT Chris PeBenito wrote: > > -logging_search_logs(certbot_t) > > +logging_log_filetrans(certbot_t, certbot_log_t, dir, "letsencrypt") > > I don't see any conflicting type_transitions here or above. If there are > none, then the letsencrypt should be removed. Do we want to allow it to create whatever directories it likes under /var/log? What if it decides to create something else inappropriately? There aren't any conflicts, just an issue of whether we want to allow it unrestricted write access to an important directory. -- My Main Blog http://etbe.coker.com.au/ My Documents Blog http://doc.coker.com.au/
