Is selinux breaking up syslogd
Daniel J Walsh
dwalsh at redhat.com
Mon Jul 25 14:27:28 UTC 2005
Tomas Larsson wrote:
>As mentioned before, I cant get syslogd to run properly.
>
>It seems that selinux is blocking syslogd.
>
>type=AVC msg=audit(1122120398.858:801833): avc: denied { read } for
>pid=4595 comm="syslogd" name="syslog.conf" dev=dm-0 ino=653814
>scontext=root:system_r:syslogd_t tcontext=system_u:object_r:etc_runtime_t
>tclass=file
>type=SYSCALL msg=audit(1122120398.858:801833): arch=40000003 syscall=5
>success=no exit=-13 a0=d448c6 a1=0 a2=1b6 a3=9cd1298 items=1 pid=4595
>auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0
>comm="syslogd" exe="/sbin/syslogd"
>
>If I understand this correctly selinux is stopping syslogd to read
>syslog.conf.
>
>How do I do to get it to work, there is no reference in the selinux
>man-pages to syslogd.
>With best regards
>
>
>
You can just restorecon /etc/syslog.conf. Is there some startup script
that is rewriting this file?
Context of syslog.conf is supposed to be etc_t, if a startup script was
creating the file it would be
etc_runtime_t. I can add the permissision if this is a normal occurrance.
>Tomas Larsson
>Sweden
>
>Verus Amicus Est Tamquam Alter Idem
>
>
>------------------------------------------------------------------------
>
>--
>fedora-selinux-list mailing list
>fedora-selinux-list at redhat.com
>http://www.redhat.com/mailman/listinfo/fedora-selinux-list
>
--
More information about the selinux
mailing list