Hi.
I've got a server which is running CentOS 5 and SELinux is activated on it. I've got one problem though. SELinux is blocking append access to the named.log file in /var/log/.
Bind-chroot is being used.
What should I do in order to get append access to the named.log file?
ls -laZ shows:
-rw-r--r-- named named system_u:object_r:named_log_t /var/log/named.log
Extract from sealert message:
host=server.test.tld type=AVC msg=audit(1216019110.434:17676): avc: denied { append } for pid=2866 comm="named" name="named.log" dev=md1 ino=6508403 scontext=system_u:system_r:named_t:s0 tcontext=system_u:object_r:named_conf_t:s0 tclass=file
host=server.test.tld type=SYSCALL msg=audit(1216019110.434:17676): arch=40000003 syscall=5 success=no exit=-13 a0=b3237418 a1=441 a2=1b6 a3=b3314ce8 items=0 ppid=1 pid=2866 auid=4294967295 uid=25 gid=25 euid=25 suid=25 fsuid=25 egid=25 sgid=25 fsgid=25 tty=(none) ses=4294967295 comm="named" exe="/usr/sbin/named" subj=system_u:system_r:named_t:s0 key=(null)
I've tried running restorecon -v 'named.log', but that did not help either.
Regards,
/mysteron