25.5.2. Creating a New Directory for rsyslog Log Files
Rsyslog runs as the
syslogd
daemon and is managed by SELinux. Therefore all files to which rsyslog is required to write to, must have the appropriate SELinux file context.
Procedure 25.4. Creating a New Working Directory
- If required to use a different directory to store working files, create a directory as follows:
~]#
mkdir
/rsyslog
- Install utilities to manage SELinux policy:
~]#
yum install policycoreutils-python
- Set the SELinux directory context type to be the same as the
/var/lib/rsyslog/
directory:~]#
semanage fcontext -a -t syslogd_var_lib_t /rsyslog
- Apply the SELinux context:
~]#
restorecon -R -v /rsyslog
restorecon reset /rsyslog context unconfined_u:object_r:default_t:s0->unconfined_u:object_r:syslogd_var_lib_t:s0 - If required, check the SELinux context as follows:
~]#
ls -Zd /rsyslog
drwxr-xr-x. root root system_u:object_r:syslogd_var_lib_t:s0 /rsyslog - Create subdirectories as required. For example:
~]#
The subdirectories will be created with the same SELinux context as the parent directory.mkdir
/rsyslog/work
- Add the following line in
/etc/rsyslog.conf
immediately before it is required to take effect:$WorkDirectory /rsyslog/work
This setting will remain in effect until the nextWorkDirectory
directive is encountered while parsing the configuration files.