Sigh..... Still more.... appears this is a problem with
sysklogd-1.4.1-17 (see:
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=125650).
The problem with run_init is probably a tangent.....
tom
Tom London wrote:
After digging a bit, I determined that the problem is that syslog is
not running.
I tried to start it manually with 'run_init /etc/rc.d/init.d/syslog
start' but got:
Could not open file: /etc/security/initrc_context
Indeed, this file no longer exists (now
/etc/selinux/strict/contexts/initrc_context)
Creating a symbolic link 'ln -sf
/etc/selinux/strict/contexts/initrc_context
/etc/security/initrc_context' did not seem to work, nor did copying
the file (and copying context) to /etc/security (get same message).
I'm running policycoreutils-1.13.3. Is there a newer one?
Bugzilla'ed: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=125809
tom
[I'm guessing that updating to selinux-policy-strict-1.13.4-2 may have
removed /etc/security/initrc_context. That possible?]
Tom London wrote:
I just noticed that I am no longer getting avc messages in
/var/log/messages for my 'run out of the development tree' system.
It is running kernel-2.6.6-1.427, selinux-policy-strict-1.13.4-2 and
libselinux-1.13.2-4.
I only get 'blank lines' in /var/log/messages and 'last line repeated
47 times' type messages.
Seems to have started 2 days ago. The same kernel running with the
old policy files (policy-1.11.3-3 and libselinux-1.11.4-1) produce
avc messages in the log.
The config file for the kernel appears to have AUDIT set to 'y'.....
Anyone seeing this?
tom
