Update ee-logrotate.te

Author: dinhngocdung

logrotate/selinux-policy/ee-logrotate.te

@@ -4,16 +4,12 @@ require {
     type logrotate_t;
     type container_runtime_exec_t;
     type usr_t;
-    class file { read open getattr append execute execute_no_trans };
+    class file { read open getattr append execute execute_no_trans map };
 }
 
 #============= logrotate_t ==============
 
-# 1. Quyền đọc docker inspect
 allow logrotate_t container_runtime_exec_t:file { read open getattr };
-
-# 2. Quyền thực thi docker compose  
 allow logrotate_t container_runtime_exec_t:file { execute execute_no_trans };
-
-# 3. Quyền ghi append vào log file (giữ nguyên usr_t)
+allow logrotate_t container_runtime_exec_t:file map;
 allow logrotate_t usr_t:file append;