Why does rsyslogd fails to write into named pipes on systems with SELinux enabled ?
Issue
- Why does rsyslogd fails to write into named pipes on systems with SELinux enabled?
-
How to output messages to the named pipes created according to the following steps?
-
Create named pipe
# cd /tmp # mkfifo fifo # ls -lZ fifo prw-r--r--. root root unconfined_u:object_r:user_tmp_t:s0 fifo -
Add following to /etc/rsyslog.conf so that logs are redirected to named pipe
*.* |/tmp/fifo -
Restart rsyslog and generate a log message
# logger test message -
The messages are not written to fifo (can check with
cat /tmp/fifo) and an SELinux denial error is logged in /var/log/audit/audit.log, e.g.:avc: denied { read write } for pid=8688 comm="rsyslogd" name="fifo" dev=dm-0 ino=25016 scontext=unconfined_u:system_r:syslogd_t:s0 tcontext=unconfined_u:object_r:user_tmp_t:s0 tclass=fifo_file avc: denied { open } for pid=8688 comm="rsyslogd" name="fifo" dev=dm-0 ino=25016 scontext=unconfined_u:system_r:syslogd_t:s0 tcontext=unconfined_u:object_r:user_tmp_t:s0 tclass=fifo_file
-
Environment
- Red Hat Enterprise Linux 6
- Red Hat Enterprise Linux 5
- rsyslog
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.
Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.
