Displaying 5 results from an estimated 5 matches for "logrotate_t".
2015 Mar 30
1
Fail2Ban Centos 7 is there a trick to making it work?
On Tue, 2015-03-10 at 14:43 +0100, Andrea Dell'Amico wrote:
>
> #============= logrotate_t ==============
> allow logrotate_t fail2ban_client_exec_t:file { ioctl read execute
> execute_no_trans open };
>
Looks like this was already fixed in 'selinux-policy'. See
https://bugzilla.redhat.com/show_bug.cgi?id=1114821
John.
--
John Horne Tel: +44 (0)175...
2017 Dec 17
0
Centos 7: avc: denied { reload } for auid=0 uid=0 gid=0 cmdline="/usr/bin/systemctl reload named-chroot.service" ....
...this SElinux problem?
type=USER_AVC msg=audit(1513478641.700:1920): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='avc: denied { reload } for auid=0 uid=0 gid=0 cmdline="/usr/bin/systemctl reload named-chroot.service" scontext=system_u:system_r:logrotate_t:s0-s0:c0.c1023 tcontext=system_u:system_r:init_t:s0 tclass=service exe="/usr/lib/systemd/systemd" sauid=0 hostname=? addr=? terminal=?'
type=USER_AVC msg=audit(1513478641.702:1921): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg='avc: denied...
2015 Mar 10
2
Fail2Ban Centos 7 is there a trick to making it work?
On Mon, March 9, 2015 13:11, John Plemons wrote:
> Been working on fail2ban, and trying to make it work with plain Jane
> install of Centos 7
>
> Machine is a HP running 2 Quad core Xeons, 16 gig of ram and 1 plus TB
> of disk space. Very generic and vanilla.
>
> Current available epel repo version is fail2ban-0.9.1
>
> Looking at the log file, fail2ban starts and stops
2015 Mar 10
0
Fail2Ban Centos 7 is there a trick to making it work?
...> maxretry = 5
>
I'm using fail2ban with the -firewalld and -systemd modules, and I had to set up some SELinux rules to make it work right. This is the policy I add to the CentOS 7 machines:
module fail2ban-journal-sepol-new 1.0;
require {
type fail2ban_client_exec_t;
type logrotate_t;
type fail2ban_t;
type syslogd_var_run_t;
class dir read;
class file { ioctl read execute execute_no_trans open getattr };
}
#============= fail2ban_t ==============
#!!!! This avc is allowed in the current policy
allow fail2ban_t syslogd_var_run_t:dir read;
#!!!!...
2018 Nov 11
0
CentOS 6: Logrotate / selinux problem
...'s state
files (which had bad dates). But now Logrotate is raising the error:
error: error creating unique temp file: Permission denied
and audit.log contains these messages:
type=AVC msg=audit(1541925899.209:28416): avc: denied { create } for pid=5281 comm="logrotate" name="logrotate_temp.bPbOYF" scontext=system_u:system_r:logrotate_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:var_lib_t:s0 tclass=file
type=SYSCALL msg=audit(1541925899.209:28416): arch=c000003e syscall=2 success=no exit=-13 a0=7ffdd2d613d0 a1=c2 a2=180 a3=0 items=0 ppid=5279 pid=5281 auid=0 uid=0 gid=0 eui...