Hi,

 

I am trying to configure syslog-ng to run with selinux in enforcing mode.

I have tried to configure ports for syslog-ng in linux using semanage command using following link:-

https://www.syslog-ng.com/community/b/blog/posts/using-syslog-ng-with-selinux-in-enforcing-mode

 

under section -> Using a different port

 

a=After that I rebooted the server, I can see syslog-ng is listening in all ports configured in /etc/syslog-ng/conf.d/*.conf ( using netstat -nap|grep ports).

I can see all ports in output of 'semanage port --list|grep syslog' also.

but it’s not processing any data.

It start processing data the moment I disable selinux in /etc/selinux/config file.

 

what might be the problem please, how do I go about troubleshooting this.

 

syslog-ng --version

syslog-ng 3.5.6

Installer-Version: 3.5.6

Revision:

Compile-Date: Dec 30 2015 19:57:24

Available-Modules: affile,afprog,afsocket-notls,afsocket-tls,afsocket,afstomp,afuser,basicfuncs,confgen,cryptofuncs,csvparser,dbparser,linux-kmsg-format,syslogformat,system-source

Enable-Debug: off

Enable-GProf: off

Enable-Memtrace: off

Enable-IPv6: on

Enable-Spoof-Source: on

Enable-TCP-Wrapper: on

Enable-Linux-Caps: on

Enable-Pcre: on

 

cat /etc/redhat-release

Red Hat Enterprise Linux Server release 7.4 (Maipo)

 

Regards

Mohan