-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 07/06/2011 02:49 PM, aly.khimji@xxxxxxxxx wrote:
> Not sure exactly what you need but I came across this when setting up rsyslog to work with mysql and was having SELinux protecting services. This is what I used you can see if it helps resolve your issue. Again I don't know if this will work for you but u can try it in a test environment and see if it helps
>
> # setenforce 0
> # service rsyslog restart
> # cat /var/log/audit/audit.log | grep rsyslogd | audit2allow -M myselinuxmod; semodule -i myselinuxmod.pp
> # setenforce 1
> # service rsyslog restart
>
> That should get all audit related errors, audit allow a policy file and load up the file.
>
> Tweak it as u see fit,
> HTH
>
> Aly
> Sent from my BlackBerry device on the Rogers Wireless Network
> _______________________________________________
> CentOS mailing list
> CentOS@xxxxxxxxxx
> http://lists.centos.org/mailman/listinfo/centos
You want to look at the rules you generate to make sure they make sense.
Most likely getting Rsyslog5 to work with SELInux would be to label it
with syslogd_exec_t and then looking at the avc's generated.
If it has special /var/run or /var/log directories you might have to
label these also.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/
iEYEARECAAYFAk4Us7AACgkQrlYvE4MpobOPNgCgy9MppK7C4xBoWY/ngAGUSEoM
AI8AnRzt8wWZgFLUEcn3rTE1wlgUhfnl
=SEnO
-----END PGP SIGNATURE-----
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
