Print Friendly

If you don’t know what SELinux is, start here.

I just spent the last hour or two trying to figure out why syslog would not log anything on one of my machines. It turns out I must’ve copied an updated /etc/services file from /tmp to /etc. This would normally be fine, but the file did not contain the correct context. Instead, copying it gave it the context of the /tmp directory.

Hence, syslog would not start. Because syslog is where SELinux logs its errors, I couldn’t see any errors to lead me to figure out what the problem was.

Once I changed SELinux from enforcing to permissive with:

/usr/sbin/setenforcing Permissive

I could see that syslog started fine and was telling me that the context on /etc/services was out of wack.

Ergh…

I wonder if there is some way I can make sure this doesn’t happen again?

I guess I could use the setfiles command frequently to ensure that all of the file contexts are set correctly.

Sheesh.

How was your day? :-)