[CentOS] Rsyslog5 and CentOS
Hi folks, I am in the process of getting rsyslog 5.8.2 to work on CentOS 5.6 (both 64 and 32 bit). All that is left is getting SELinux to work with it. Has anybody out there gone through the process of working this out and can provide a policy file? If not, is anyone interested in the work I will do then (is there some place to publish those files?)? Best regards, Dirk ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Rsyslog5 and CentOS
Not sure exactly what you need but I came across this when setting up rsyslog to work with mysql and was having SELinux protecting services. This is what I used you can see if it helps resolve your issue. Again I don't know if this will work for you but u can try it in a test environment and see if it helps # setenforce 0 # service rsyslog restart # cat /var/log/audit/audit.log | grep rsyslogd | audit2allow -M myselinuxmod; semodule -i myselinuxmod.pp # setenforce 1 # service rsyslog restart That should get all audit related errors, audit allow a policy file and load up the file. Tweak it as u see fit, HTH Aly Sent from my BlackBerry device on the Rogers Wireless Network ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Rsyslog5 and CentOS
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 07/06/2011 02:49 PM, aly.khi...@gmail.com wrote: Not sure exactly what you need but I came across this when setting up rsyslog to work with mysql and was having SELinux protecting services. This is what I used you can see if it helps resolve your issue. Again I don't know if this will work for you but u can try it in a test environment and see if it helps # setenforce 0 # service rsyslog restart # cat /var/log/audit/audit.log | grep rsyslogd | audit2allow -M myselinuxmod; semodule -i myselinuxmod.pp # setenforce 1 # service rsyslog restart That should get all audit related errors, audit allow a policy file and load up the file. Tweak it as u see fit, HTH Aly Sent from my BlackBerry device on the Rogers Wireless Network ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos You want to look at the rules you generate to make sure they make sense. Most likely getting Rsyslog5 to work with SELInux would be to label it with syslogd_exec_t and then looking at the avc's generated. If it has special /var/run or /var/log directories you might have to label these also. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/ iEYEARECAAYFAk4Us7AACgkQrlYvE4MpobOPNgCgy9MppK7C4xBoWY/ngAGUSEoM AI8AnRzt8wWZgFLUEcn3rTE1wlgUhfnl =SEnO -END PGP SIGNATURE- ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Rsyslog5 and CentOS
Agreed, I was doing this in a test environment, and did review the rules created. Hopefully that part was assumed ;) but if not I agree it is wise to review the policy file it creates before they get snapped it. Aly Sent from my BlackBerry device on the Rogers Wireless Network ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Rsyslog5 and CentOS
On 07/06/11 11:33 AM, Dirk wrote: I am in the process of getting rsyslog 5.8.2 to work on CentOS 5.6 (both 64 and 32 bit). All that is left is getting SELinux to work with it. Has anybody out there gone through the process of working this out and can provide a policy file? If not, is anyone interested in the work I will do then (is there some place to publish those files?)? I can't answer to the first part, but the best place to publish the selinux policy would be in the RPM, and if your RPM plays well with others, see about getting it into one of the RPM repositories. -- john r pierceN 37, W 122 santa cruz ca mid-left coast ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
