Error with logging channel audit_log
Adam Tkac
atkac at redhat.com
Wed Aug 13 07:53:01 UTC 2008
On Tue, Aug 12, 2008 at 08:53:42PM -0400, Robert Spangler wrote:
> On Tuesday 12 August 2008 20:09, Mark A. Moore wrote:
>
> > Yes. We are running SELinux. What is the command to stop the service and
> > if we plan on using SELinux, can you tell us what changes need to be made?
>
> setenforce 0 = stops SELinux
> setenforce 0 = re-enables SELinux
>
> As to reconfiguring SELinux you are going to have to search the web and read
> it. I never looked into this as there are reason why they have it setup like
> this.
>
I recommend not stop SELinux. I recommend put your logs somewhere into
/var/named/chroot/data/ subdirectory. If you want customize SELinux
policy then named can write into directories with
'system_u:object_r:named_cache_t' SELinux context. But such
customization will be lost during filesystem relabel so it is
generally not recomended.
You can also look into /var/log/audit/audit.log file which contains
messages from SELinux.
Adam
--
Adam Tkac, Red Hat, Inc.
More information about the bind-users
mailing list