Actions
Bug #9412
closedRails logrotation is not allowed
Description
After some days in production with decent load Rails tries to rotate logs, which is not allowed.
I will create a boolean to allow this behavior (by default we turn this on).
type=1400 audit(1423669117.613:9): avc: denied { write } for pid=14159 comm="ruby" name="foreman" dev=dm-0 ino=1314516 scontext=system_u:system_r:passenger_t:s0 tcontext=system_u:object_r:foreman_log_t:s0 tclass=dir type=1400 audit(1423669117.613:10): avc: denied { add_name } for pid=14159 comm="ruby" name="production.log._copy_" scontext=system_u:system_r:passenger_t:s0 tcontext=system_u:object_r:foreman_log_t:s0 tclass=dir type=1400 audit(1423669117.613:11): avc: denied { create } for pid=14159 comm="ruby" name="production.log._copy_" scontext=system_u:system_r:passenger_t:s0 tcontext=system_u:object_r:foreman_log_t:s0 tclass=file type=1400 audit(1423669117.614:12): avc: denied { remove_name } for pid=14159 comm="ruby" name="production.log._copy_" dev=dm-0 ino=1315169 scontext=system_u:system_r:passenger_t:s0 tcontext=system_u:object_r:foreman_log_t:s0 tclass=dir type=1400 audit(1423669117.614:13): avc: denied { rename } for pid=14159 comm="ruby" name="production.log._copy_" dev=dm-0 ino=1315169 scontext=system_u:system_r:passenger_t:s0 tcontext=system_u:object_r:foreman_log_t:s0 tclass=file type=1400 audit(1423669117.614:14): avc: denied { read } for pid=14159 comm="ruby" name="foreman" dev=dm-0 ino=1314516 scontext=system_u:system_r:passenger_t:s0 tcontext=system_u:object_r:foreman_log_t:s0 tclass=dir
Updated by Lukas Zapletal about 9 years ago
- Status changed from New to Rejected
Disregard, this was already fixed. We had a downstream packaging issue when policy was not reloading after upgrade.
Actions