[syslog-ng] syslog-ng + rhel5 + selinux
Jan-Frode Myklebust
janfrode at tanso.net
Tue Apr 10 11:40:34 CEST 2007
(Reposting now that I'm subscribed)
I've created an RPM package of syslog-ng that installs the
necessary selinux module to work on RHEL5. This is not creating
a whole new selinux domain for syslog-ng (like I expect the
reference policy to do), but rather a small extention of the
RHEL5 provided syslogd domain to allow syslogd_t opening /dev/kmsg,
514/tcp and creating some files under /var.
http://tanso.net/yum/repodata/repoview/syslog-ng-0-2.0.3-1.el5.html
http://tanso.net/selinux/
The selinux rules installed by this RPM is
http://tanso.net/selinux/syslog_ng.te
and can be installed separately by saving that file to /root/syslog_ng.te
and running:
checkmodule -M -m -o syslog_ng.mod syslog_ng.te
semodule_package -o syslog_ng.pp -m syslog_ng.mod
restorecon ./syslog_ng.pp
semodule -i ./syslog_ng.pp
It can later be removed by "semodule --remove=syslog_ng".
-jf
More information about the syslog-ng
mailing list