Displaying 1 result from an estimated 1 matches for "logwatch_exec_t".
2014 Aug 14
2
SELinux vs. logwatch and virsh
...permissive and that allows virsh to run. Therefore I know it is
something to do with SELinux.
The logwatch script is:
#Lots of comments
/usr/bin/virsh list --all
I see the selinux security context of virsh is
system_u:object_r:virsh_exec_t:s0
while logwatch.pl runs as
system_u:object_r:logwatch_exec_t:s0
As I understand it, selinux does not permit having multiple type settings for a file. Any
file can have exactly one type setting.
I ran this command hoping it would add another type to the virsh program.
semanage fcontext -a -t logwatch_exec_t /usr/bin/virsh
semanage fcontext --list /u...