How to retain default selinux context for apache log files ?

Solution Verified - Updated -

Issue

  • How to retain default selinux context as httpd_log_t for apache log files without writing a new file context ?
  • Will selinux policy be overwritten after adding allow httpd_t httpd_log_t:file { read } to the httpd_log_t type ?
  • HTTPD does not start after OS patch with (13)Permission denied: AH00091: httpd: could not open error log file /path/to/log/file.
    AH00015: Unable to open logs
    for custom log directory

Environment

  • Red Hat Enterprise Linux 6
  • Red Hat Enterprise Linux 7
  • Apache HTTPD 2.4
  • Selinux

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.

Current Customers and Partners

Log in for full access

Log In