Bug 178183
| Summary: | syslog can not log to external host unless selinux disabled | ||
|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | Per Steinar Iversen <persteinar.iversen> |
| Component: | selinux-policy-targeted | Assignee: | Daniel Walsh <dwalsh> |
| Status: | CLOSED RAWHIDE | QA Contact: | |
| Severity: | low | Docs Contact: | |
| Priority: | medium | ||
| Version: | 5 | ||
| Target Milestone: | --- | ||
| Target Release: | --- | ||
| Hardware: | x86_64 | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2006-01-27 06:00:07 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
Yes, I've reproduced this problem now - only doing a 'setenforce 0' allows syslogd to send messages on UDP port 514 to a remote host. There are no AVC messages generated in /var/log/audit/audit.log when this occurs - syslogd's 'sendto' call simply returns EBADF - 'bad file descriptor' - when it tries to write the message to its UDP socket. The weird thing is, when run outside of the syslog initscript, ie. by root from the command line, eg. with: # syslogd -m0 -d syslogd is then able to write to its UDP socket OK with SELinux in Enforcing mode. Fixed in selinux-policy-targeted-2.2.5-1 |
From Bugzilla Helper: User-Agent: Mozilla/5.0 (X11; U; Linux i686 (x86_64); en-US; rv:1.8) Gecko/20051111 Firefox/1.5 Description of problem: If syslog is set to send log entries to an external host then this does not work unless selinux is disabled for syslog. Every few minutes from syslogd: syslogd: sendto: Bad file descriptor This probably means that the syslogd selinux policy does not allow logging to external loghosts. Perhaps this should be classified as an selinux problem? Version-Release number of selected component (if applicable): sysklogd-1.4.1-34 How reproducible: Always Steps to Reproduce: 1. Make syslogd log to external host ("*.* @loghost" in /etc/syslog.conf) 2. Restart syslog Actual Results: Nothing, syslog does not send logs to external host Expected Results: One would expect the log to appear on the external host Additional info: Turning off selinux for syslogd helps.