Hi folks, I am in the process of getting rsyslog 5.8.2 to work on CentOS 5.6 (both 64 and 32 bit). All that is left is getting SELinux to work with it. Has anybody out there gone through the process of working this out and can provide a policy file? If not, is anyone interested in the work I will do then (is there some place to publish those files?)? Best regards, Dirk
Not sure exactly what you need but I came across this when setting up rsyslog to work with mysql and was having SELinux protecting services. This is what I used you can see if it helps resolve your issue. Again I don't know if this will work for you but u can try it in a test environment and see if it helps # setenforce 0 # service rsyslog restart # cat /var/log/audit/audit.log | grep rsyslogd | audit2allow -M myselinuxmod; semodule -i myselinuxmod.pp # setenforce 1 # service rsyslog restart That should get all audit related errors, audit allow a policy file and load up the file. Tweak it as u see fit, HTH Aly Sent from my BlackBerry device on the Rogers Wireless Network
Agreed, I was doing this in a test environment, and did review the rules created. Hopefully that part was assumed ;) but if not I agree it is wise to review the policy file it creates before they get snapped it. Aly Sent from my BlackBerry device on the Rogers Wireless Network
On 07/06/11 11:33 AM, Dirk wrote:> I am in the process of getting rsyslog 5.8.2 to work on CentOS 5.6 (both > 64 and 32 bit). All that is left is getting SELinux to work with it. > > Has anybody out there gone through the process of working this out and > can provide a policy file? > > If not, is anyone interested in the work I will do then (is there some > place to publish those files?)? >I can't answer to the first part, but the best place to publish the selinux policy would be in the RPM, and if your RPM plays well with others, see about getting it into one of the RPM repositories. -- john r pierce N 37, W 122 santa cruz ca mid-left coast