Re: New selinux-policy breaks logwatch emails?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



On Fri, Jan 8, 2010 at 8:28 AM, James Rankin <rankin.james@xxxxxxxxx> wrote:

> Frankly, this error message means little to mean... in the course of
> troubleshooting, I tried this:
> # setenforce Permissive
> # /etc/cron.daily/0logwatch
>
> And it worked! The logwatch email sends without error. If I turn SELinux
> back to Enforcing, then the email error is consistently repeated.
>
> What confuses me is that, when SElinux enforcing causes this error to occur,
> no SELinux or AVC messages appear in /var/log/messages or /vaar/log/secure
> or /var/log/audit/audit.log.
>
> Has anyone else seen this? Any suggestions would be appreciated.
> Thanks!

That's interesting... Have you tried increasing the loglevel? It's a
kernel option, unfortunately, and enabled with an audit=xx on the grub
boot. It might give you more than you're seeing in the audit log. You
may also want to try a relabel and manually check the context of all
associated binaries.
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos

[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux