[syslog-ng] Subsys Dead, syslog-ng and SELinux
Valdis.Kletnieks at vt.edu
Valdis.Kletnieks at vt.edu
Fri May 13 05:08:22 CEST 2005
On Thu, 12 May 2005 20:37:21 CDT, Zeb Fletcher said:
> > -rw------- root root root:object_r:var_lock_t syslog-ng
> >
> > The root:object_r:var_lock_t should have been
> > user_u:object_r:var_lock_t, and that is what is causing syslog-ng
> > daemon to die. Also, the file permissions generally are 666.
> Check the context of the file the error is telling you that the file is
> in the root context and should be user_u. look at the command chcon to
> fix this.
If you're using the 'strict' policy from FC4, then it should be
system_u:object_r:var_lock_t for /var/lock/subsys/*
The 'targeted' policy from RHEL4 doesn't seem to care if it's root: or user_u:
but the file_contexts file wants to relabel it as system_u: anyhow -
/var/lock(/.*)? system_u:object_r:var_lock_t
(Same for both FC4 'strict' and RHEL4 'targeted' (which is almost the same as
the FC3 'targeted').
(And if you're crazy enough to be using the MLS policy, it is:
/var/lock(/.*)? system_u:object_r:var_lock_t:s0
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 226 bytes
Desc: not available
Url : http://www.test.balabit.hu/pipermail/syslog-ng/attachments/20050512/e7bc0794/attachment.pgp
More information about the syslog-ng
mailing list