Why does rsyslogd fails to write into named pipes on systems with SELinux enabled ?

Solution Verified - Updated -

Issue

  • Why does rsyslogd fails to write into named pipes on systems with SELinux enabled?
  • How to output messages to the named pipes created according to the following steps?

    1. Create named pipe

      # cd /tmp
      # mkfifo fifo
      # ls -lZ fifo
      prw-r--r--. root root unconfined_u:object_r:user_tmp_t:s0 fifo
      
    2. Add following to /etc/rsyslog.conf so that logs are redirected to named pipe

      *.*  |/tmp/fifo
      
    3. Restart rsyslog and generate a log message

      # logger test message
      
    4. The messages are not written to fifo (can check with cat /tmp/fifo) and an SELinux denial error is logged in /var/log/audit/audit.log, e.g.:

      avc:  denied  { read write } for  pid=8688 comm="rsyslogd" name="fifo" dev=dm-0 ino=25016 scontext=unconfined_u:system_r:syslogd_t:s0 tcontext=unconfined_u:object_r:user_tmp_t:s0 tclass=fifo_file
      avc:  denied  { open } for  pid=8688 comm="rsyslogd" name="fifo" dev=dm-0 ino=25016 scontext=unconfined_u:system_r:syslogd_t:s0 tcontext=unconfined_u:object_r:user_tmp_t:s0 tclass=fifo_file
      

Environment

  • Red Hat Enterprise Linux 6
  • Red Hat Enterprise Linux 5
  • rsyslog

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.

Current Customers and Partners

Log in for full access

Log In
Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.