Browse Source

Allow logrotate to access container_file_t files

Since we write logs directly from within containers, logrotate must be
able to access them.

Change-Id: I2a06cdcda92b2839d74373d6978ef65e7b4dedbd
Closes-Bug: #1836000
(cherry picked from commit b81bec56f2)
(cherry picked from commit c8ad086ba1)
(cherry picked from commit 0d991c9e1c)
tags/8.4.1
Cédric Jeanneret 2 months ago
parent
commit
0f51fab0c2
1 changed files with 6 additions and 0 deletions
  1. 6
    0
      docker/services/logrotate-crond.yaml

+ 6
- 0
docker/services/logrotate-crond.yaml View File

@@ -71,6 +71,12 @@ outputs:
71 71
         tripleo::profile::base::logging::logrotate::rotate: {get_param: LogrotateRotate}
72 72
         tripleo::profile::base::logging::logrotate::purge_after_days: {get_param: LogrotatePurgeAfterDays}
73 73
       host_prep_tasks:
74
+        - name: allow logrotate to read inside containers
75
+          seboolean:
76
+            name: logrotate_read_inside_containers
77
+            persistent: yes
78
+            state: yes
79
+
74 80
         - name: configure tmpwatch on the host
75 81
           copy:
76 82
             dest: /etc/cron.daily/containers-tmpwatch

Loading…
Cancel
Save