[rsyslog] rsyslog v3 and selinux

Jan-Frode Myklebust janfrode at tanso.net
Wed Mar 12 12:39:04 CET 2008

On 2008-03-11, Johnny Tan <linuxweb at gmail.com> wrote:
> However, when I rebuilt the RPM for v3.12.1, and used the 
> same init script to run it, I get many SELinux errors. 
> Eventually, I worked out all the things I had to allow for 
> rsyslog v3.12.1 to run properly. It's enclosed below as a 
> semanage module.

These seems very strange:

> allow syslogd_t boot_t:dir search;
> allow syslogd_t system_map_t:file { read getattr };

Why does it want to read /boot/System.map* ?

> allow syslogd_t auditd_log_t:dir search;
> allow syslogd_t auditd_log_t:file { getattr read };

And why read /var/log/audit/* ?


More information about the rsyslog mailing list