rsyncd can't open log file, but there are no avc messages

[Johnny Tan]

Johnny Tan wrote:
> I'm stumped.
> 
> I run a Java app called Solr, which does search indexing. My solr server 
> creates the index, then I have a bunch of solr clients that rsync that 
> index over.
> 
> The rsync itself is fine, that works. The problem is it won't write to 
> the appropriate logfile, which is:
> /opt/solr/logs/rsyncd.log
> 
> /opt/solr/logs is a symlink to /var/log/store.

A little bit more information that might help solve this...

If I remove the symlink, and /opt/solr/bin/rsyncd-start runs 
(which basically starts rsyncd), then rsyncd can write to 
/opt/solr/logs/rsyncd.log with no problems.

If I put the symlink back in (to /var/log/store), then it 
fails (again, with no AVC messages).

The only difference I can see between /opt/solr/logs (as a 
directory) and /var/log/store is the default contexts, for 
/opt/solr/logs, it's root:object_r:usr_t, for /var/log/store 
it's root:object_r:var_log_t

When I put the symlink back, I tried changing the context of 
/var/log/store to root:object_r:usr_t to match 
/opt/solr/logs, but that doesn't seem to make a difference.

Max, a list member, suggested offline that it might have to 
do with type_transition, which does seem to make sense.

I tried both:
type_transition rsync_t var_log_t : file rsync_log_t;
and
type_transition rsync_t var_log_t : file usr_t;

But neither worked (I have all the appropriate allows for 
those contexts).


Am I going down the right path here (type_transition)? Or 
does anyone else have a suggestion in terms of how the 
symlink can be used?

johnn