>
> This happens when I try to log in to the console. Any ideas?
It's probably trying to create a new file in your log directory. Try
logging in with the system in permissive mode so you can see which
file it's trying to create, then create an empty file with the right
ownership and permissions (regular and SELinux) in your log directory
and try again in enforcing mode.
It worked - /var/log/lastlog was the culprit! This has now been fixed.
A common problem I found is that if a particular file does not exist in
/var/log (standard log directory), and as this directory has the
(standard) var_log_t type, almost any process wishing to write to this
directory fails miserably (notable exceptions to this are mysqld and
shorewall - they have no problems creating the appropriate files if they
do not exist!).
I had the exact same problem with the audit daemon as well (auditd) -
unless I create a directory (say, /var/log/audit) with the proper
permissions (auditd_log_t in this case) it fails to start if audit.log
does not exist. I guess if I want to keep one log directory and limit
the number of subdirectories I have to remember to keep a copy of the
appropriate log files ("touch /var/log/XXX" and then set the permissions
with semanage).
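
The two steps discussed in this thread (find the file a confined process failed to create under var_log_t, then pre-create and label it), as an added example that is not part of the original messages. The AVC lines are constructed samples, the path, owner and mode passed to `fix_commands` are assumptions, and that function only prints the commands for review rather than running them.

```shell
#!/bin/sh
# Constructed sample AVC records, as they might appear after a login in
# permissive mode (not taken from the original thread).
SAMPLE_AVC='type=AVC msg=audit(1130000000.101:41): avc:  denied  { create } for  pid=2345 comm="login" name="lastlog" scontext=system_u:system_r:local_login_t:s0 tcontext=system_u:object_r:var_log_t:s0 tclass=file
type=AVC msg=audit(1130000000.102:42): avc:  denied  { read } for  pid=2345 comm="login" name="motd" scontext=system_u:system_r:local_login_t:s0 tcontext=system_u:object_r:etc_t:s0 tclass=file
type=AVC msg=audit(1130000000.103:43): avc:  denied  { create } for  pid=2101 comm="auditd" name="audit.log" scontext=system_u:system_r:auditd_t:s0 tcontext=system_u:object_r:var_log_t:s0 tclass=file'

# Read AVC records on stdin and print "<comm> <name>" for every denied
# attempt to create a regular file that would be labelled var_log_t.
missing_logs() {
    grep 'denied' |
    grep '{[^}]* create ' |
    grep 'tcontext=[^ ]*:var_log_t' |
    grep -E 'tclass=file( |$)' |
    sed -n 's/.* comm="\([^"]*\)".* name="\([^"]*\)".*/\1 \2/p' |
    sort -u
}

# Print (do not run) the commands that pre-create one log file with
# regular and SELinux attributes. Arguments: path, SELinux type,
# owner:group, mode. All four are supplied by the administrator.
fix_commands() {
    path=$1
    setype=$2
    owner=$3
    mode=$4
    printf 'touch %s\n' "$path"
    printf 'chown %s %s\n' "$owner" "$path"
    printf 'chmod %s %s\n' "$mode" "$path"
    # Record the label in the local policy so a relabel keeps it.
    printf "semanage fcontext -a -t %s '%s'\n" "$setype" "$path"
    printf 'restorecon -v %s\n' "$path"
}

# Stand-alone run: list the files, then show the fix for audit.log.
printf '%s\n' "$SAMPLE_AVC" | missing_logs
fix_commands /var/log/audit.log auditd_log_t root:root 0600
```

On a real system the input would come from the audit log or dmesg instead of `SAMPLE_AVC`.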