| 1 |
On Sun, 13 Nov 2016 16:29:00 -0600 |
| 2 |
R0b0t1 <r030t1@×××××.com> wrote: |
| 3 |
|
| 4 |
> If there is no policy package installed and there is not one in the |
| 5 |
> tree, you are on your own until one is written. I would double check |
| 6 |
> to ensure one exists because: 1) To the best of my knowledge, there |
| 7 |
> are logging policies available, and 2) policy packages tend to be |
| 8 |
> missing from DEPENDS/RDEPENDS for things in the tree on SELinux |
| 9 |
> profiles. |
| 10 |
|
| 11 |
There are several rsyslog-specific statements in the system/logging |
| 12 |
policy module, which is included in our default policy ebuild |
| 13 |
(sec-policy/selinux-base-policy). Thus, rsyslog should be supported by |
| 14 |
default. |
| 15 |
|
| 16 |
/dev/log being labeled sysadm_t is definitly a bug, though. I agree |
| 17 |
with Jason that your rsyslog binary is probably mislabeled. Please |
| 18 |
check the output of 'ps axZ|grep rsyslog', 'ls -lZ /usr/sbin/rsyslogd' |
| 19 |
and 'restorecon -Fv /usr/sbin/rsyslogd'. |
| 20 |
|
| 21 |
Regards, |
| 22 |
Luis |
Archives