Why does rsyslogd fails to write into named pipes on systems with SELinux enabled ?

Solution Verified - Updated -

Issue

  • Why does rsyslogd fails to write into named pipes on systems with SELinux enabled?

  • How to output messages to the named pipes created according to the following steps?

    1. Create named pipe

      # cd /tmp
# mkfifo fifo
# ls -lZ fifo
prw-r--r--. root root unconfined_u:object_r:user_tmp_t:s0 fifo

    2. Add following to /etc/rsyslog.conf so that logs are redirected to named pipe

      *.*  |/tmp/fifo

    3. Restart rsyslog and generate a log message

      # logger test message

    4. The messages are not written to fifo (can check with cat /tmp/fifo) and an SELinux denial error is logged in /var/log/audit/audit.log, e.g.:

      avc:  denied  { read write } for  pid=8688 comm="rsyslogd" name="fifo" dev=dm-0 ino=25016 scontext=unconfined_u:system_r:syslogd_t:s0 tcontext=unconfined_u:object_r:user_tmp_t:s0 tclass=fifo_file
avc:  denied  { open } for  pid=8688 comm="rsyslogd" name="fifo" dev=dm-0 ino=25016 scontext=unconfined_u:system_r:syslogd_t:s0 tcontext=unconfined_u:object_r:user_tmp_t:s0 tclass=fifo_file

Environment

  • Red Hat Enterprise Linux 6
  • Red Hat Enterprise Linux 5
  • rsyslog

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content