25.5.2. Creating a New Directory for rsyslog Log Files

Rsyslog runs as the syslogd daemon and is managed by SELinux. Therefore all files to which rsyslog is required to write to, must have the appropriate SELinux file context.

Procedure 25.4. Creating a New Working Directory

If required to use a different directory to store working files, create a directory as follows:
```
~]# mkdir /rsyslog
```
Install utilities to manage SELinux policy:
```
~]# yum install policycoreutils-python
```
Set the SELinux directory context type to be the same as the /var/lib/rsyslog/ directory:
```
~]# semanage fcontext -a -t syslogd_var_lib_t /rsyslog
```

Apply the SELinux context:

~]# restorecon -R -v /rsyslog
restorecon reset /rsyslog context unconfined_u:object_r:default_t:s0->unconfined_u:object_r:syslogd_var_lib_t:s0

If required, check the SELinux context as follows:

~]# ls -Zd /rsyslog
drwxr-xr-x. root root system_u:object_r:syslogd_var_lib_t:s0   /rsyslog

Create subdirectories as required. For example:
```
~]# mkdir /rsyslog/work
```
The subdirectories will be created with the same SELinux context as the parent directory.
Add the following line in /etc/rsyslog.conf immediately before it is required to take effect:
```
$WorkDirectory /rsyslog/work
```
This setting will remain in effect until the next WorkDirectory directive is encountered while parsing the configuration files.

25.5.2. Creating a New Directory for rsyslog Log Files

Learn

Try, buy, & sell

Communities

About Red Hat Documentation

Making open source more inclusive

About Red Hat

Red Hat legal and privacy links

Red Hat legal and privacy links