1 |
On Sun, 13 Nov 2016 16:29:00 -0600 |
2 |
R0b0t1 <r030t1@×××××.com> wrote: |
3 |
|
4 |
> If there is no policy package installed and there is not one in the |
5 |
> tree, you are on your own until one is written. I would double check |
6 |
> to ensure one exists because: 1) To the best of my knowledge, there |
7 |
> are logging policies available, and 2) policy packages tend to be |
8 |
> missing from DEPENDS/RDEPENDS for things in the tree on SELinux |
9 |
> profiles. |
10 |
|
11 |
There are several rsyslog-specific statements in the system/logging |
12 |
policy module, which is included in our default policy ebuild |
13 |
(sec-policy/selinux-base-policy). Thus, rsyslog should be supported by |
14 |
default. |
15 |
|
16 |
/dev/log being labeled sysadm_t is definitly a bug, though. I agree |
17 |
with Jason that your rsyslog binary is probably mislabeled. Please |
18 |
check the output of 'ps axZ|grep rsyslog', 'ls -lZ /usr/sbin/rsyslogd' |
19 |
and 'restorecon -Fv /usr/sbin/rsyslogd'. |
20 |
|
21 |
Regards, |
22 |
Luis |