FYI - I have been getting continual selinux errors relating to ZCS and logging ... then I found this info (have not been running ZCS for long0
On a NEW Centos/RH 7.3 build the file '/etc/selinux/targeted/contexts/files/file_contexts.local' is not created. The file_contexts.local file stores contexts to newly created files and directories not found in file_contexts.
On a good Server running ZCS 8.7.4 MTA and Store (not LDAP) the contents of file_contexts.local is:
On a ZCS Serer with selinux errors this file exists but was empty.
I recreated these using semanage/restorecon script below:
semanage fcontext -a -t var_log_t "/opt/zimbra/zmstat/zmstat.out"
semanage fcontext -a -t var_log_t "/opt/zimbra/zmstat(/.*)?"
semanage fcontext -a -t var_log_t "/opt/zimbra/logger/db/data/rrds(/.*)?"
restorecon -R -v /opt/zimbra/zmstat/zmstat.out
restorecon -R -v /opt/zimbra/zmstat
restorecon -R -v /opt/zimbra/logger/db/data/rrds
I have not restored "<directory>(/.*)? system_u:object_r:var_log_t:s0" yet.. this seems very generic and broad reaching.
I am sure that more tweaking will be required but it is a start. I am running multiserver so I need to check a good LDAP server next .
But at least I know the cause now.
- Zimbra Collaboration 8.6 Patch 9 now available (includes fix for CVE-2017-8802). Read the announcement.
- Zimbra Collaboration 8.8.7 + Zimbra Connector for Outlook 8.8.7 are available.. Read the announcement.
- Are you a Zimbra Developer? You can find some interesting stuff in our Official GitHub: https://github.com/Zimbra and check the Community Projects too: https://github.com/Zimbra-Community/
Ask questions about your setup or get help installing ZCS server (ZD section below).
1 post • Page 1 of 1
Who is online
Users browsing this forum: No registered users and 4 guests