I‘ve configured my Apache in chrooted jail at /jail/apache directory. However, my syslogd is not working and nothing gets logged using /dev/log and /jail/apache/dev/log. How do I fix this problem under CentOS 5.x AMD64 with SELinux?

By default syslogd daemon is listening to the socket /dev/log. You can verify this using lsof command:
lsof -c syslogd
lsof -c syslogd | grep '/dev/'

Sample outputs:

syslogd 38944 root    0u  unix 0xffff8103215b08c0           28951978 /dev/log

However, you need to set additional sockets from that syslogd has to listen for all chrooted environment. By default you can use up to 19 additional sockets. If your environment needs even more, you have to increase the symbol MAXFUNIX within the syslogd.c source file. Edit /etc/sysconfig/syslog, enter:
# vi /etc/sysconfig/syslog
Now, set /jail/apache/dev/log along with default /dev/null syslogd daemon socket path:

SYSLOGD_OPTIONS="-m 0 -a /jail/apache/dev/log"

Save and close the file. Now, restart the syslogd:
# service syslog restart
Make sure your syslogd daemon is listening to the socket /dev/log and /jail/apache/dev/log, enter:
# lsof -c syslogd | grep '/dev/'
Sample outputs:

syslogd 38944 root    0u  unix 0xffff8103215b08c0           28951978 /dev/log
syslogd 38944 root    7u  unix 0xffff8103215b1100           28951980 /jail/apache/dev/log

SELinux Problem

When you restart syslogd and nothing is working as it should be, than SELinux may causing the problem. You will notice that the above command doesn’t indicate that /dev/log and /jail/apache/dev/log sockets used by syslogd. To fix this problem type the following commands:
# setenforce 0
# service syslog restart
# setenforce 1
# lsof -c syslogd | grep '/dev/'

setenforce command with the 1 option to put SELinux in enforcing mode. Use 0 option to put SELinux in permissive mode. This is used for troubleshooting SELinux problems. You may need to patch /etc/init.d/syslog to fix this problem permanently.

🐧 Get the latest tutorials on Linux, Open Source & DevOps via RSS feed or Weekly email newsletter.

🐧 1 comment so far... add one

CategoryList of Unix and Linux commands
Disk space analyzersncdu pydf
File Managementcat
FirewallAlpine Awall CentOS 8 OpenSUSE RHEL 8 Ubuntu 16.04 Ubuntu 18.04 Ubuntu 20.04
Network UtilitiesNetHogs dig host ip nmap
OpenVPNCentOS 7 CentOS 8 Debian 10 Debian 8/9 Ubuntu 18.04 Ubuntu 20.04
Package Managerapk apt
Processes Managementbg chroot cron disown fg jobs killall kill pidof pstree pwdx time
Searchinggrep whereis which
User Informationgroups id lastcomm last lid/libuser-lid logname members users whoami who w
WireGuard VPNAlpine CentOS 8 Debian 10 Firewall Ubuntu 20.04
1 comment… add one
  • Jodie Cunningham May 14, 2014 @ 15:22

    On the SELinux issue, If you set the SELinux context for the file then you should be good to go.

    semanage fcontext -a -t devlog_t /path/to/logsocket
    restorecon -Fv /path/to/log/socket

Leave a Reply

Your email address will not be published.

Use HTML <pre>...</pre> for code samples. Still have questions? Post it on our forum