[CentOS] Rsyslog5 and CentOS

Daniel J Walsh dwalsh at redhat.com
Wed Jul 6 19:12:49 UTC 2011


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 07/06/2011 02:49 PM, aly.khimji at gmail.com wrote:
> Not sure exactly what you need but I came across this when setting up rsyslog to work with mysql and was having SELinux protecting services. This is what I used you can see if it helps resolve your issue. Again I don't know if this will work for you but u can try it in a test environment and see if it helps
> 
> # setenforce 0
> # service rsyslog restart
> # cat /var/log/audit/audit.log | grep rsyslogd | audit2allow -M myselinuxmod; semodule -i myselinuxmod.pp
> # setenforce 1
> # service rsyslog restart
> 
> That should get all audit related errors, audit allow a policy file and load up the file.
> 
> Tweak it as u see fit, 
> HTH
> 
> Aly
> Sent from my BlackBerry device on the Rogers Wireless Network
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> http://lists.centos.org/mailman/listinfo/centos

You want to look at the rules you generate to make sure they make sense.
 Most likely getting Rsyslog5 to work with SELInux would be to label it
with syslogd_exec_t and then looking at the avc's generated.
If it has special /var/run or /var/log directories you might have to
label these also.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/

iEYEARECAAYFAk4Us7AACgkQrlYvE4MpobOPNgCgy9MppK7C4xBoWY/ngAGUSEoM
AI8AnRzt8wWZgFLUEcn3rTE1wlgUhfnl
=SEnO
-----END PGP SIGNATURE-----



More information about the CentOS mailing list