[syslog-ng] Redirect syslog-ng to ttyS0

Valdis.Kletnieks at vt.edu Valdis.Kletnieks at vt.edu
Thu Nov 29 21:09:25 CET 2007

On Thu, 29 Nov 2007 11:14:12 +0100, Balazs Scheidler said:

> I think this is not a permission problem. syslog-ng opens the device
> once, and then it is kept opened. Permissions checking is usually
> applied at open time and not any later.

Note that on a Linux box that uses SELinux, it *is* possible for a file to
be opened sucessfully, but later on a security context change on the file
causes subsequent read/write activity to fail.

Before login:

% ls -lZ /dev/tty1
crw-------  root root system_u:object_r:tty_device_t:s0 /dev/tty1

After login:

% ls -lZ /dev/tty1
crw-------  valdis tty staff_u:object_r:staff_tty_device_t:s0 /dev/tty1

(This is with SELinux and the MLS stuff in place).

My best guess as to what's nuking things - flush_unauthorized_files() in
security/hooks.c in the kernel.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 226 bytes
Desc: not available
Url : http://lists.balabit.hu/pipermail/syslog-ng/attachments/20071129/5a3f67f2/attachment.pgp 

More information about the syslog-ng mailing list