Bug 178183
Summary: | syslog can not log to external host unless selinux disabled | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Per Steinar Iversen <persteinar.iversen> |
Component: | selinux-policy-targeted | Assignee: | Daniel Walsh <dwalsh> |
Status: | CLOSED RAWHIDE | QA Contact: | |
Severity: | low | Docs Contact: | |
Priority: | medium | ||
Version: | 5 | ||
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | x86_64 | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2006-01-27 06:00:07 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Per Steinar Iversen
2006-01-18 13:03:52 UTC
Yes, I've reproduced this problem now - only doing a 'setenforce 0' allows syslogd to send messages on UDP port 514 to a remote host. There are no AVC messages generated in /var/log/audit/audit.log when this occurs - syslogd's 'sendto' call simply returns EBADF - 'bad file descriptor' - when it tries to write the message to its UDP socket. The weird thing is, when run outside of the syslog initscript, ie. by root from the command line, eg. with: # syslogd -m0 -d syslogd is then able to write to its UDP socket OK with SELinux in Enforcing mode. Fixed in selinux-policy-targeted-2.2.5-1 |