On Sun, 2005-12-25 at 12:31 +0100, Ronny Vaningh wrote:
I just installed syslog-ng 1.6.9 on a centos 4.2 machine and syslog-ng doesnt start even after setting setsebool -P use_syslogng=1
I still get the error
Starting system logger: Error opening file /proc/kmsg for reading (Permission denied)
However it seems that syslog-ng tries to write to /prc/kmsg instead of reading it
type=AVC msg=audit(1135510199.139:26): avc: denied { write } for pid=11942 comm="syslog-ng" name="kmsg" dev=proc ino=-268435446 scontext=root:system_r:syslogd_t tcontext=system_u:object_r:proc_kmsg_t tclass=file
I'm a little bit puzzled why syslog-ng tries to write to /proc/kmsg instead of just reading messages of it.
I can off course change the policy to allow writing but I feel that I must be doing something wrong here
you are probably using pipe("/proc/kmsg") and not file("/proc/kmsg"). Albeit pipe is more or less equivalent to file(), one difference is that pipes are opened in read-write mode (so that it always has a writer even if noone opened the pipe for writing). -- Bazsi