Mordac The Preventer of Informations Services Strikes after a yum update

Written by James McDonald

September 14, 2015

SeLinux … Ah the serenity

If you haven’t rebooted a box in many days and then do yum update you may find that your seLinux policy now denies access to some of your processes. This is especially true if you have made changes to the default configuration files meaning they now point to a place that a default seLinux policy won’t allow.

So here is the process to fix it

Firstly have a look at the problems with audit2allow and then turn off selinux at the command line to check if the problem is seLinux

# to show errors
# -w is make it human readable
# -a is read from audit.log
audit2allow -w -a 

# to check if its selinux
setenforce 0
service syslog-ng restart 
... [OK]

setenforce 1
service syslog-ng restart

Then create the policies you need make it work

# filter so you don't get things
# unrelated to the service you are trying to fix
grep syslog-ng /var/log/audit/audit.log | audit2allow -M syslog-ng

# install the module
semodule -i syslog-ng.pp





  1. nginx suddenly can’t proxy to non-standard ports – Boolean SeLinux | The Southern IT Observer - […] If you need to create an seLinux policy to allow nginx to do what it does to non-standard ports……

Submit a Comment

Your email address will not be published.

You May Also Like…


Zebra Printer Language The above website has a page where you can enter ZPL and it...

PHP Iterators

Just came across a Youtube talk "Iterators in PHP" by Jake Smith published in 2014 that steps through the many...