-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 05/30/2011 04:52 AM, Kurt Seifried wrote: > I'm experimenting with a package that needs to have rsyslog write to a > named fifo pipe (so log data can be handed off from rsyslog to an > external program). As I see it the options are: > > 1) apologize to the user and tell them to disable SELinux (no thanks) > 2) get Fedora SELinux policy to add an exception (best case scenario I think) > 3) tell the user how to manually modify policy and update it (which > might then break the next SELinux policy gets updated/etc.). > > Is there any official process/advice for this? Thanks in advance. > > -Kurt I would just request the policy to be updated to allow this. Which policy version/OS are you dealing with? It should be a mere matter of labeling the fifo_file with the appropriate label to allow syslog to write. The real question is who is on the other end of the fifo file listing for syslog messages? We probably would need to write policy for this app. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/ iEYEARECAAYFAk3lAAoACgkQrlYvE4MpobOPeACgwpcmM8ITastd4pUFq0K0dcHi x2AAmgKjHX7smj2U0ZbIaB7PWiTsxcam =EiNE -----END PGP SIGNATURE----- -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel
