bloody links!
Paul Howarth
paul at city-fan.org
Fri Jul 2 16:12:34 UTC 2010
On 02/07/10 15:58, Mr Dash Four wrote:
>
>>> What am I doing wrong?!
>>
>> Using bind mounts instead of symlinks will help.
> It did!
>
> I added "/apps/var/log /var/log none bind 0 0" to my fstab file and 2 of
> the three alerts are now gone. I am still getting this though:
>
> kernel: type=1400 audit(1278074918.050:4): avc: denied { write } for
> pid=1557 comm="login" name="log" dev=sdc ino=16386
> scontext=system_u:system_r:local_login_t:s0-s0:c0.c1023
> tcontext=system_u:object_r:var_log_t:s0 tclass=dir
>
> This happens when I try to log in to the console. Any ideas?
It's probably trying to create a new file in your log directory. Try
logging in with the system in permissive mode so you can see which file
it's trying to create, then create an empty file with the right
ownership and permissions (regular and SELinux) in your log directory
and try again in enforcing mode.
Paul.
More information about the selinux
mailing list