inotify permission denied with default config

[adrianrobotka]

Description of the problem

The default axosyslog config on almalinux9 logs the following:

Error start file monitor, can not register inotify watch; errno='Permission denied (13)'

SELINUX is in enforcing mode by default on AlmaLinux. It is a possible cause of the problem.

I installed the axosyslog RPM package from pkg.axoflow.io/rpm/nightly with version axosyslog-4.10.1.90.g46dd622-2+20250312T230904.x86_64

Proposed solution

Assuming that SELINUX causes the trouble, I suggest providing SELINUX/AppArmor profiles to cover the default config's needs.
Optionally adding a comment to the config file to look after these.

[jszigetvari]

I originally did this for syslog-ng: https://github.com/syslog-ng/syslog-ng/tree/develop/contrib/selinux

[MrAnno]

Thank you, @jszigetvari

We should revisit that and if everything is up-to-date and production-ready, we should move those out from the contrib folder (things in that folder are external contributions that didn't receive extensive review or testing), and install them as part of the packaging.

[jszigetvari]

You should know however that that code was primarily written for syslog-ng PE.
On the other hand, it was supported by BalaBit and later OI.
Either way, I am here to carry on that work moving forward.