rsyslog with SELinux enforcing

This support forum board is for support questions relating to Nagios Log Server, our solution for managing and monitoring critical log data.
Locked
nagioscarnovale
Posts: 20
Joined: Tue Feb 05, 2019 9:53 am

rsyslog with SELinux enforcing

Post by nagioscarnovale »

Hey everyone,

My security manager wants to implement SELINUX=enforcing

But when I launch the ./setup-linux.sh I see the following WARNING.


[root@client]# ./setup-linux.sh -s nagioslogserver -p 5544
Detected rsyslog 8.24.0
Detected rsyslog work directory /var/lib/rsyslog
Destination Log Server: nagioslogserver:5544
Creating /etc/rsyslog.d/99-nagioslogserver.conf...
==============================! WARNING !====================================
SELinux is enforcing. This may prevent rsyslog from forwarding messages.
If log messages do not reach Log Server from this host, ensure SELInux is
configured to allow rsyslog forwarding.
=============================================================================
rsyslog configuration check passed.
Restarting rsyslog service with 'service'...
Redirecting to /bin/systemctl restart rsyslog.service
Okay.
rsyslog is running with the new configuration.
Visit your Nagios Log Server dashboard to verify that logs are being received.
[root@client]#

Is there an official procedure to solve this problem?

I thank everyone in advance

Nicola
User avatar
cdienger
Support Tech
Posts: 5045
Joined: Tue Feb 07, 2017 11:26 am

Re: rsyslog with SELinux enforcing

Post by cdienger »

There isn't an official procedure, but this may be helpful in determining what(if anything) needs to be altered on system with it enabled:

https://access.redhat.com/documentation ... udit2allow
As of May 25th, 2018, all communications with Nagios Enterprises and its employees are covered under our new Privacy Policy.
Locked