allow unconfined_t logrotate_t:process transition; allow logrotate_t { shell_exec_t bin_t }:file entrypoint; allow logrotate_t unconfined_t:fd use; allow logrotate_t unconfined_t:process sigchld;
I recently had a problem with SE Linux policy related to logrotate. To test it out I decided to run a shell in the domain logrotate_t to interactively perform some of the operations that logrotate performs […]