axosyslog icon indicating copy to clipboard operation
axosyslog copied to clipboard
verified publisher icon axoflow

inotify permission denied with default config

Open adrianrobotka opened this issue 9 months ago • 3 comments

Description of the problem

The default axosyslog config on almalinux9 logs the following:

Error start file monitor, can not register inotify watch; errno='Permission denied (13)'

SELINUX is in enforcing mode by default on AlmaLinux. It is a possible cause of the problem.

I installed the axosyslog RPM package from pkg.axoflow.io/rpm/nightly with version axosyslog-4.10.1.90.g46dd622-2+20250312T230904.x86_64

Proposed solution

Assuming that SELINUX causes the trouble, I suggest providing SELINUX/AppArmor profiles to cover the default config's needs. Optionally adding a comment to the config file to look after these.

adrianrobotka avatar Mar 13 '25 10:03 adrianrobotka

I originally did this for syslog-ng: https://github.com/syslog-ng/syslog-ng/tree/develop/contrib/selinux

jszigetvari avatar Mar 13 '25 11:03 jszigetvari

Thank you, @jszigetvari

We should revisit that and if everything is up-to-date and production-ready, we should move those out from the contrib folder (things in that folder are external contributions that didn't receive extensive review or testing), and install them as part of the packaging.

MrAnno avatar Mar 13 '25 12:03 MrAnno

You should know however that that code was primarily written for syslog-ng PE. On the other hand, it was supported by BalaBit and later OI. Either way, I am here to carry on that work moving forward.

jszigetvari avatar Mar 13 '25 12:03 jszigetvari