--- Daniel J Walsh <dwalsh@xxxxxxxxxx> wrote: > Well you can either add custom policy using > audit2allow, or you could > have syslog write to /var/log/named.log and then > mount -o bind into > /var/named/chroot like they do with the other stuff. > > > If I understand correctly what you are trying to do. > Well in the past, what I did was create a chroot for bind using the bind-chroot rpm. Since bind was not able to able to write to /var/log/named/named.log outside of the chroot, I would create a socket "/dev/log" inside of the chroot by modifying /etc/sysconfig/syslog with the line OPTIONS_SYSLOGD="-m 0 -a /var/named/chroot/named/dev/log". That would create the socket and bind would write to /var/log/named/named.log. For some reason, now the selinux policy for named will not allow this to happen. What I am trying to find out is was this changed by design? If so, why? I am not trying to be a nuisance, rather I am trying to learn. Thanks. ____________________________________________________________________________________ Yahoo! Music Unlimited Access over 1 million songs. http://music.yahoo.com/unlimited -- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-selinux-list
