Displaying 6 results from an estimated 6 matches for "syslog_conf_t".
2018 Sep 09
2
Type enforcement / mechanism not clear
Any SElinux expert here - briefly:
# getenforce
Enforcing
# sesearch -ACR -s httpd_t -c file -p read |grep system_conf_t
<no output>
# sesearch -ACR -s httpd_t -c file -p read |grep syslog_conf_t
<no output>
# ls -laZ /etc/sysctl.conf /etc/rsyslog.conf
-rw-r--r--. root root system_u:object_r:syslog_conf_t:s0 /etc/rsyslog.conf
-rw-r--r--. root root system_u:object_r:system_conf_t:s0 /etc/sysctl.conf
# ausearch -m avc --start recent
type=SYSCALL msg=audit(1536457230.922:85): arch=c00...
2018 Sep 09
3
Type enforcement / mechanism not clear
...Fauster via CentOS wrote:
>> Any SElinux expert here - briefly:
>>
>> # getenforce
>> Enforcing
>>
>> # sesearch -ACR -s httpd_t -c file -p read |grep system_conf_t
>> <no output>
>>
>> # sesearch -ACR -s httpd_t -c file -p read |grep syslog_conf_t
>> <no output>
>>
>> # ls -laZ /etc/sysctl.conf /etc/rsyslog.conf
>> -rw-r--r--. root root system_u:object_r:syslog_conf_t:s0 /etc/rsyslog.conf
>> -rw-r--r--. root root system_u:object_r:system_conf_t:s0 /etc/sysctl.conf
>>
>> # ausearch -m avc --st...
2018 Sep 10
1
Type enforcement / mechanism not clear
...efly:
>>>>
>>>> # getenforce
>>>> Enforcing
>>>>
>>>> # sesearch -ACR -s httpd_t -c file -p read |grep system_conf_t
>>>> <no output>
>>>>
>>>> # sesearch -ACR -s httpd_t -c file -p read |grep syslog_conf_t
>>>> <no output>
>>>>
>>>> # ls -laZ /etc/sysctl.conf /etc/rsyslog.conf
>>>> -rw-r--r--. root root system_u:object_r:syslog_conf_t:s0 /etc/rsyslog.conf
>>>> -rw-r--r--. root root system_u:object_r:system_conf_t:s0 /etc/sysctl.conf
&...
2018 Sep 09
0
Type enforcement / mechanism not clear
On 09/08/2018 09:50 PM, Leon Fauster via CentOS wrote:
> Any SElinux expert here - briefly:
>
>
> # getenforce
> Enforcing
>
> # sesearch -ACR -s httpd_t -c file -p read |grep system_conf_t
> <no output>
>
> # sesearch -ACR -s httpd_t -c file -p read |grep syslog_conf_t
> <no output>
>
> # ls -laZ /etc/sysctl.conf /etc/rsyslog.conf
> -rw-r--r--. root root system_u:object_r:syslog_conf_t:s0 /etc/rsyslog.conf
> -rw-r--r--. root root system_u:object_r:system_conf_t:s0 /etc/sysctl.conf
>
> # ausearch -m avc --start recent
> type=SYSCALL m...
2018 Sep 09
0
Type enforcement / mechanism not clear
...;> Any SElinux expert here - briefly:
>>>
>>> # getenforce
>>> Enforcing
>>>
>>> # sesearch -ACR -s httpd_t -c file -p read |grep system_conf_t
>>> <no output>
>>>
>>> # sesearch -ACR -s httpd_t -c file -p read |grep syslog_conf_t
>>> <no output>
>>>
>>> # ls -laZ /etc/sysctl.conf /etc/rsyslog.conf
>>> -rw-r--r--. root root system_u:object_r:syslog_conf_t:s0 /etc/rsyslog.conf
>>> -rw-r--r--. root root system_u:object_r:system_conf_t:s0 /etc/sysctl.conf
>>>
>>&...
2018 Feb 13
1
selinux policy with rsyslog and tls/certs
I've setup my rsyslog server to forward traffic to another rsyslog
server on my network. It's using gTLS to encrypt the messages in transit.
selinux is not allowing rsyslogd to read the certificates. They are
world readable, so I don't think that is the problem. When I turn
selinux mode to permissive, it works fine.
What context should the ssl certificates be in for rsyslog to be