1 |
I have the following problem with a new installation (2.6.7-r7): When |
2 |
booting in enforcing mode, syslog-ng fails to start, giving the message- |
3 |
Error opening file /proc/kmsg for reading (Operation not permitted). |
4 |
|
5 |
The denial log looks like this: |
6 |
avc: denied { sys_admin } for pid=3937 exe=/usr/sbin/syslog-ng capability=21 |
7 |
scontext=system_u:system_r:syslogd_t |
8 |
tcontext=system_u:system_r:syslogd_t tclass=capability |
9 |
|
10 |
Strangely, when booting in permissive mode, no denial is logged. |
11 |
|
12 |
Any ideas? |
13 |
|
14 |
Thanks, |
15 |
Richard Simpson |
16 |
|
17 |
|
18 |
-- |
19 |
gentoo-hardened@g.o mailing list |