custom logwatch crontab issues
Dmitry Makovey
dmitry at athabascau.ca
Tue Oct 21 15:41:08 UTC 2014
Hi,
While playing with logwatch setup I've stepped on a small issue: when I
try to use logwatch to output to file via:
logwatch > /var/lib/logwatch/all_reports.txt
I've got deny whether I tag above file with var_lib_t or cron_var_lib_t
. I took a look at sesearch:
$ sesearch -A -s logwatch_exec_t
Found 7 semantic av rules:
allow file_type tmp_t : filesystem associate ;
allow file_type noxattrfs : filesystem associate ;
allow file_type fs_t : filesystem associate ;
allow file_type ramfs_t : filesystem associate ;
allow file_type tmpfs_t : filesystem associate ;
allow file_type hugetlbfs_t : filesystem associate ;
allow logwatch_exec_t logwatch_exec_t : filesystem associate ;
Nothing indicates any way of making my setup work other than crafting a
module, is that the answer?
--
Dmitry Makovey
Web Systems Administrator
Athabasca University
(780) 675-6245
---
Confidence is what you have before you understand the problem
Woody Allen
When in trouble when in doubt run in circles scream and shout
http://www.wordwizard.com/phpbb3/viewtopic.php?f=16&t=19330
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 173 bytes
Desc: OpenPGP digital signature
URL: <http://lists.fedoraproject.org/pipermail/selinux/attachments/20141021/05d2abf8/attachment.sig>
More information about the selinux
mailing list