In /etc/selinux/targeted/contexts/files/file_contexts is a new mask introduced for the selinux context for files in /var/named/chroot/var/log/<br />
The mask is set for files starting with named or ending with log ( /var/named/chroot/var/log/(named.*|.*\.log) -- system_u:object_r:named_log_t:s0 )<br />
<br />
When rotating logs the new logfiles are named *log.<number> (security.log.0) and these are not in the right context.<br />
Which breaks named when rotating the log files because it can't rename the old files.
↧
