On Sun, 13 Nov 2016 16:29:00 -0600 R0b0t1 <r03...@gmail.com> wrote: > If there is no policy package installed and there is not one in the > tree, you are on your own until one is written. I would double check > to ensure one exists because: 1) To the best of my knowledge, there > are logging policies available, and 2) policy packages tend to be > missing from DEPENDS/RDEPENDS for things in the tree on SELinux > profiles.
There are several rsyslog-specific statements in the system/logging policy module, which is included in our default policy ebuild (sec-policy/selinux-base-policy). Thus, rsyslog should be supported by default. /dev/log being labeled sysadm_t is definitly a bug, though. I agree with Jason that your rsyslog binary is probably mislabeled. Please check the output of 'ps axZ|grep rsyslog', 'ls -lZ /usr/sbin/rsyslogd' and 'restorecon -Fv /usr/sbin/rsyslogd'. Regards, Luis
