Mike Pepe wrote:
I'm wondering if anyone knows the magic incantation you need in order to make FC3 with selinux turned on to like syslog-ng.
it won't let syslog-ng access /proc/kmesg and therefore prevents it from working.
If I turn off selinux, of course, it works fine.
This selinux stuff is nice, but hard to figure out!
_______________________________________________ syslog-ng maillist - syslog-ng@lists.balabit.hu https://lists.balabit.hu/mailman/listinfo/syslog-ng Frequently asked questions at http://www.campin.net/syslog-ng/faq.html
A little off topic but you might want to look at audt2allow a nice tool that reads error messages sent by the kernel to help in building the proper ruleset. You will find more places than not where SELinux will deny you on things that your use to getting done. Also check out "chcon" as your files will need to be in the proper context as well to allow access. Zeb