Trouble with syslogd and named
Harley Race
flyingboxcutter at yahoo.com
Tue Jan 16 03:47:36 UTC 2007
--- Daniel J Walsh <dwalsh at redhat.com> wrote:
> Well you can either add custom policy using
> audit2allow, or you could
> have syslog write to /var/log/named.log and then
> mount -o bind into
> /var/named/chroot like they do with the other stuff.
>
>
> If I understand correctly what you are trying to do.
>
Well in the past, what I did was create a chroot for
bind using the bind-chroot rpm. Since bind was not
able to able to write to /var/log/named/named.log
outside of the chroot, I would create a socket
"/dev/log" inside of the chroot by modifying
/etc/sysconfig/syslog with the line
OPTIONS_SYSLOGD="-m 0 -a
/var/named/chroot/named/dev/log". That would create
the socket and bind would write to
/var/log/named/named.log. For some reason, now the
selinux policy for named will not allow this to
happen. What I am trying to find out is was this
changed by design? If so, why? I am not trying to be
a nuisance, rather I am trying to learn. Thanks.
____________________________________________________________________________________
Yahoo! Music Unlimited
Access over 1 million songs.
http://music.yahoo.com/unlimited
More information about the fedora-selinux-list
mailing list