Friday 22 July 2016

Rsyslog and SELinux issue - CentOS 7

So you've configured rsyslog (server) to put logs in a certain directory but nothing is getting logged. Well looking at the logs there's permissions issues with error messages such as: 
Jul 18 14:21:31 pmoney dbus-daemon: dbus[1149]: avc:  received policyload notice (seqno=4)
Jul 18 14:21:31 pmoney dbus[1149]: avc:  received policyload notice (seqno=4)
Jul 18 14:21:31 pmoney dbus[1149]: [system] Reloaded configuration
Jul 18 14:21:31 pmoney dbus-daemon: dbus[1149]: [system] Reloaded configuration
Jul 18 14:21:56 pmoney rsyslogd-3000: Could not open dynamic file '/var/log/remote/idrac155/stockwood.pink.priv/common.log' [state -3000] - discarding message
Jul 18 14:22:00 pmoney rsyslogd-3000: Could not open dynamic file '/var/log/remote/idrac155/woodstock.pink.priv/common.log' [state -3000] - discarding message
And even with the SELinux commands, there are still errors: 
# semanage fcontext -a -t syslogd_var_lib_t "/var/log/remote(/.*)?"
# restorecon -R -v /var/log/remote

[root@pmoney remote]# tail /var/log/messages
Jul 18 14:21:31 pmoney dbus-daemon: dbus[1149]: avc:  received policyload notice (seqno=4)
Jul 18 14:21:31 pmoney dbus[1149]: avc:  received policyload notice (seqno=4)
Jul 18 14:21:31 pmoney dbus[1149]: [system] Reloaded configuration
Jul 18 14:21:31 pmoney dbus-daemon: dbus[1149]: [system] Reloaded configuration
Jul 18 14:21:56 pmoney rsyslogd-3000: Could not open dynamic file '/var/log/remote/idrac155/stockwood.pink.priv/common.log' [state -3000] - discarding message
Jul 18 14:22:00 pmoney rsyslogd-3000: Could not open dynamic file '/var/log/remote/idrac155/woodstock.pink.priv/common.log' [state -3000] - discarding message
Jul 18 14:22:28 pmoney dbus-daemon: dbus[1149]: avc:  received policyload notice (seqno=5)
Jul 18 14:22:28 pmoney dbus[1149]: avc:  received policyload notice (seqno=5)

Jul 18 14:40:54 pmoney rsyslogd-3000: Could not open dynamic file '/var/log/remote/idrac151/helo.pink.priv/common.log' [state -3000] - discarding message
Jul 18 14:41:07 pmoney rsyslogd-3000: Could not open dynamic file '/var/log/remote/idrac151/helo.pink.priv/common.log' [state -3000] - discarding message
Jul 18 14:41:18 pmoney rsyslogd-3000: Could not open dynamic file '/var/log/remote/idrac151/helo.pink.priv/common.log' [state -3000] - discarding message
Then perform the following on the individual directories themselves: 
# restorecon -v /var/log/remote/idrac155
# semanage fcontext -a -t var_log_t "/var/log/remote/idrac155"
# restorecon -v /var/log/remote/idrac155
restorecon reset /var/log/remote/idrac155 context system_u:object_r:syslogd_var_lib_t:s0->system_u:object_r:var_log_t:s0

# semanage fcontext -a -t var_log_t "/var/log/remote/idrac151"
# restorecon -v /var/log/remote/idrac151
restorecon reset /var/log/remote/idrac151 context system_u:object_r:syslogd_var_lib_t:s0->system_u:object_r:var_log_t:s0
Posted by at 1 comment:

Wednesday 13 July 2016

W: There is no public key available for the following key IDs error - Debian 7

When using apt-get update, you get this error: 
# apt-get update
Ign cdrom://[Debian GNU/Linux 7.6.0 _Wheezy_ - Official i386 DVD Binary-1 20140712-13:02] wheezy Release.gpg
Ign cdrom://[Debian GNU/Linux 7.6.0 _Wheezy_ - Official i386 DVD Binary-1 20140712-13:02] wheezy Release
Ign cdrom://[Debian GNU/Linux 7.6.0 _Wheezy_ - Official i386 DVD Binary-1 20140712-13:02] wheezy/contrib i386 Packages/DiffIndex
Ign cdrom://[Debian GNU/Linux 7.6.0 _Wheezy_ - Official i386 DVD Binary-1 20140712-13:02] wheezy/main i386 Packages/DiffIndex
Ign cdrom://[Debian GNU/Linux 7.6.0 _Wheezy_ - Official i386 DVD Binary-1 20140712-13:02] wheezy/contrib Translation-en_GB
Ign cdrom://[Debian GNU/Linux 7.6.0 _Wheezy_ - Official i386 DVD Binary-1 20140712-13:02] wheezy/main Translation-en_GB
Hit http://security.debian.org wheezy/updates Release.gpg
Hit http://security.debian.org wheezy/updates Release
Hit http://security.debian.org wheezy/updates/main Sources
Hit http://security.debian.org wheezy/updates/contrib Sources
Hit http://security.debian.org wheezy/updates/main i386 Packages
Hit http://security.debian.org wheezy/updates/contrib i386 Packages
Hit http://security.debian.org wheezy/updates/contrib Translation-en
Hit http://security.debian.org wheezy/updates/main Translation-en
Reading package lists... Done 
W: There is no public key available for the following key IDs:
9D6D8F6BC857C906
Pull down the missing key, using: 
# apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 9D6D8F6BC857C906
Executing: gpg --ignore-time-conflict --no-options --no-default-keyring --secret-keyring /tmp/tmp.bzDMKZFH54 --trustdb-name /etc/apt//trustdb.gpg --keyring /etc/apt/trusted.gpg --primary-keyring /etc/apt/trusted.gpg --keyring /etc/apt/trusted.gpg.d//debian-archive-squeeze-automatic.gpg --keyring /etc/apt/trusted.gpg.d//debian-archive-squeeze-stable.gpg --keyring /etc/apt/trusted.gpg.d//debian-archive-wheezy-automatic.gpg --keyring /etc/apt/trusted.gpg.d//debian-archive-wheezy-stable.gpg --keyserver keyserver.ubuntu.com --recv-keys 9D6D8F6BC857C906
gpg: requesting key C857C906 from hkp server keyserver.ubuntu.com
gpg: key C857C906: public key "Debian Security Archive Automatic Signing Key (8/jessie) " imported
gpg: no ultimately trusted keys found
gpg: Total number processed: 1
gpg:               imported: 1  (RSA: 1)
root@sonts-Mac-mini:~# apt-get update
Ign cdrom://[Debian GNU/Linux 7.6.0 _Wheezy_ - Official i386 DVD Binary-1 20140712-13:02] wheezy Release.gpg
Ign cdrom://[Debian GNU/Linux 7.6.0 _Wheezy_ - Official i386 DVD Binary-1 20140712-13:02] wheezy Release
Ign cdrom://[Debian GNU/Linux 7.6.0 _Wheezy_ - Official i386 DVD Binary-1 20140712-13:02] wheezy/contrib i386 Packages/DiffIndex
Ign cdrom://[Debian GNU/Linux 7.6.0 _Wheezy_ - Official i386 DVD Binary-1 20140712-13:02] wheezy/main i386 Packages/DiffIndex
Ign cdrom://[Debian GNU/Linux 7.6.0 _Wheezy_ - Official i386 DVD Binary-1 20140712-13:02] wheezy/contrib Translation-en_GB
Ign cdrom://[Debian GNU/Linux 7.6.0 _Wheezy_ - Official i386 DVD Binary-1 20140712-13:02] wheezy/main Translation-en_GB
Hit http://security.debian.org wheezy/updates Release.gpg
Hit http://security.debian.org wheezy/updates Release   
Hit http://security.debian.org wheezy/updates/main Sources
Hit http://security.debian.org wheezy/updates/contrib Sources
Hit http://security.debian.org wheezy/updates/main i386 Packages
Hit http://security.debian.org wheezy/updates/contrib i386 Packages
Hit http://security.debian.org wheezy/updates/contrib Translation-en
Hit http://security.debian.org wheezy/updates/main Translation-en
Reading package lists... Done
Posted by at No comments:
Subscribe to: Posts (Atom)