On Monday 19 October 2009 09:55:50 pm Luke Macken wrote:
On Mon, Oct 19, 2009 at 08:06:08PM -0500, Dennis Gilmore wrote:
> We notcied that there was no apache logging on cvs1. this is because the
> selinux policy was preventing apache from writing log files. For now i
> have set selinux to permissive mode until we can fix the policy
> correctly.
What were the specific SELinux denials?
I don't see any AVCs on cvs1, nor have I seen any since we flipped it to
enforcing mode.
How did you come to this conclusion?
the bunch of httpd messages i got while tailing /var/log/audit/audit.log
however looking at it now it doesnt seem related to logging. doing a graceful
of httpd after setting enforcing to permissive enabled logs to work again.
Dennis