FYI - I have been getting continual selinux errors relating to ZCS and logging ... then I found this info (have not been running ZCS for long0
On a NEW Centos/RH 7.3 build the file '/etc/selinux/targeted/contexts/files/file_contexts.local' is not created. The file_contexts.local file stores contexts to newly created files and directories not found in file_contexts.
On a good Server running ZCS 8.7.4 MTA and Store (not LDAP) the contents of file_contexts.local is:
On a ZCS Serer with selinux errors this file exists but was empty.
I recreated these using semanage/restorecon script below:
semanage fcontext -a -t var_log_t "/opt/zimbra/zmstat/zmstat.out"
semanage fcontext -a -t var_log_t "/opt/zimbra/zmstat(/.*)?"
semanage fcontext -a -t var_log_t "/opt/zimbra/logger/db/data/rrds(/.*)?"
restorecon -R -v /opt/zimbra/zmstat/zmstat.out
restorecon -R -v /opt/zimbra/zmstat
restorecon -R -v /opt/zimbra/logger/db/data/rrds
I have not restored "<directory>(/.*)? system_u:object_r:var_log_t:s0" yet.. this seems very generic and broad reaching.
I am sure that more tweaking will be required but it is a start. I am running multiserver so I need to check a good LDAP server next .
But at least I know the cause now.
- Zimbra Collaboration 8.7.11 - Chat and Drive in early state - ephemeral data in beta. ZCO is now included again, and new ZCO Release. Fixed XSS vulnerability as well. Read the announcement.
- Are you using Zimbra Open Source and you need Backup, Mobile sync and more? We have a solution for you - https://www.zimbra.com/zimbra-suite-plus/
- Are you a Zimbra Developer? You can find some interesting Community Projects on GitHub: https://github.com/Zimbra-Community/ and in our Official GitHub as well: https://github.com/Zimbra
Ask questions about your setup or get help installing ZCS server (ZD section below).
1 post • Page 1 of 1
Who is online
Users browsing this forum: No registered users and 21 guests