On Monday 09 March 2009, Paul Howarth wrote:
Daniel J Walsh wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Gene Heskett wrote:
Greetings;
Its been several days, but I haven't seen any policy updates yet, and setroubleshooter is still hacking away at the lower right corner of the screen.
Call this a ping? :)
Gene need more info. OS? Problem? AVCs?
Lots of email, lots of bugzillas, 5 different OSs.
RHEL4, RHEL5, F9, F10, Rawhide.
I think Gene was referring to this:
https://www.redhat.com/archives/fedora-selinux-list/2009-March/msg00025.html
Paul.
Yes, Paul. And to requote from the last of that thread:
"Fetchmail policy does not allow for the creation of a logfile right now. I guess the default is to write to syslog. We need to add a mechansim for fetchmail to create a fetchmail_log_t and allow procmail_t to append to it."
Which would address this particular problem nicely WITH the exception that my procmail keeps its own logs.
Here is my 'mail' script in /etc/logrotate.d: =============================================== # Logrotate file for fetchmail.log and procmail.log
/var/log/fetchmail.log { missingok compress notifempty weekly size=1000k rotate 5 copytruncate create 0600 gene gene prerotate /usr/bin/killall fetchmail sleep 1 endscript postrotate chown gene:gene /var/log/fetchmail.log restorecon -v /var/log/fetchmail.log echo "log rotated on "date -u >>var/log/fetchmail.log su gene -c "/usr/bin/fetchmail -d 90 --fetchmailrc /home/gene/.fetchmailrc" endscript } /var/log/procmail.log { missingok compress notifempty weekly size=1000k rotate 5 copytruncate create 0600 gene gene postrotate restorecon -v /var/log/procmail.log echo "log rotated on "date -u >>/var/log/procmail.log endscript } =========================================== And I should note that doing a head on the two files shows the echo's above, except I need to backtick the date -u :) I'll fix that right now.
FWIW, neither file is up to the trigger size, but close, and this is only noonish Monday: -rw------- 1 gene gene 472824 2009-03-09 12:23 /var/log/fetchmail.log -rw------- 1 gene gene 854970 2009-03-09 12:21 /var/log/procmail.log
From the dates on the rest of the procmail.log-*.gz's it is in fact being
rotated daily, so I should add another 0 to the size, or just remove it & let it use the Sunday morning schedule. Or I should remove the VERBOSE=yes in the ~/.procmailrc :) fetchmail.log is being rotated at 4 day intervals.
At one point someone else whose name is not (I don't think) on the CC: list, said he would do it. So I was expecting to see a new targeted policy show up in yumex in a day or so, but it is still missing.
Thanks everybody.