cancel
Showing results for 
Search instead for 
Did you mean: 

SELinux and CRON Logs

SELinux and CRON Logs

If we follow the guidance in the Magento 2.1 documentation for permissions, when we get to the SELinux part http://devdocs.magento.com/guides/v2.1/install-gde/prereq/security.html it correctly advises having the magento installation directories security context set to httpd_sys_rw_content_t so that the web server can read and write to the file system.

However if we then move on to configuring Cron http://devdocs.magento.com/guides/v2.1/comp-mgr/prereq/prereq_cron.html the example recommends that the Cron log output is sent to /var/www/magento2/var/log/ magento.cron.log, update.cron.log and setup.cron.log however the security context is httpd_sys_rw_content_t so the syslogd (rsyslog) is denied access.

Either the documentation should be changed to put the log files in the system log directory such as /var/log that has the correct security context or further guidance on configuring SELinux so the magento log directory is accessible to syslogd.

How have people addressed this, or have you just not noticed the audit log filling up with AVC denied messages?

Tags (2)