Cadet
Cadet
  • 182 Views

manage oracle os user owned logfiles using logrotate in selinux enabled environment

I am trying to set up manage "oracle os user owned" logfiles using logrotate. Selinux is enabled in our environment.  I did configure properly, under /etc/logrotate.d/hourly and /etc/logrotate.conf. Cron runs successfully, it does rotate other files owned by root under /var/log but it doesnt rotate the files owned by "oracle os user owned" in a different directory.

I saw some blogs and rhel documentation that we need to add selinux filecontexts to the files that we intent do manage. semange command doesn not work on my server, may be it is not installed.

Is there any way i can make this work? 

0 Kudos
3 Replies
Flight Engineer
Flight Engineer
  • 176 Views

Re: manage oracle os user owned logfiles using logrotate in selinux enabled environment

To get the "semanage" command, install the "policycoreutils-python" package (on RHEL6 and RHEL7) or the "policycoreutils-python-utils" package on RHEL8. 

0 Kudos
Reply
Loading...
Cadet
Cadet
  • 162 Views

Re: manage oracle os user owned logfiles using logrotate in selinux enabled environment

Thank you @Jeff_Schaller  , Do you know if i can manage file contexts without having semanage, something like changing the /etc/selinux/~/contexts files manually.

0 Kudos
Reply
Loading...
Flight Engineer
Flight Engineer
  • 160 Views

Re: manage oracle os user owned logfiles using logrotate in selinux enabled environment

Given the man-page text of "semanage is used to configure certain elements of SELinux policy without requiring modification to or recompilation from policy sources." ... I'm going to say that you could do those steps by hand. I haven't done it.

0 Kudos
Reply
Loading...
Join the discussion
You must log in to join this conversation.