[rsyslog-notify] Forum Thread: Re: Configuration advice, rolling my own syslog server. - (Mode 'reply')
noreply at adiscon.com
noreply at adiscon.com
Wed Feb 12 03:53:04 CET 2014
User: dlang
Forumlink: http://kb.monitorware.com/viewtopic.php?p=24222#p24222
Message:
----------
the openvz project offers an optional kernel to replace the system kernel,
using openvz does not require replacing your main kernel.
_because_ apparmor is implemented in the kernel, if it's active, it will be
in effect for everything running on the system, including things running
inside containers. SELinux has the same property, if it's active on the
main system, it's going to be active for everything running in every
container. You should not be able to control (i.e. enable/disable)
AppArmor/SELinux from inside the container, but any restrictions that are
put there by the host system will remain.
looking at openvz.org, they have different kernels for different versionf
of RHEL, and the Debian and Ubuntu kernels are different versions than the
redhat ones. So even if you are using the openvz kernels, don't assume that
everything is exactly the same. I would expect them to be different (if for
no other reason than the SELinux vs AppArmor issue)
By the way, have you checked the rsyslog.conf file for CentOS? the reason
it doesn't require commenting out this line could be that it's not there by
default?
Are you running the same version of rsyslog in your different containers?
is the distro inside the container the same as the distro on the host
systems? (when you get to things dealing with the kernel, this can matter)
More information about the rsyslog-notify
mailing list