Centos server no longer logging to /var/log/secure after using Nano.

centos

I used Nano to access the secure log since I had found Fail2ban is no longer working. I didn't make any changes but simply exited the file. Now logging to that file has stopped at the exact time I accessed the file.

I've rebooted the server twice since then but still the logging has stopped on 16:30 yesterday.

Why has this happened?


This happens when you re-create or mess with /var/log/secure file. This will break file permissions, especially if SELinux is enabled.

Do the following:

Make sure /var/log/secure is owned by root:root

$ sudo chown root:root /var/log/secure

Make sure the permission is set to 600

$ sudo chmod 600 /var/log/secure

If SELinux is enabled, you can temporarily disable while troubleshooting your issue

$ sudo setenforce 0

If you decide to keep SELinux enabled, make sure the file has the following context:

$ ls -lZh /var/log/secure
system_u:object_r:var_log_t:s0

To manipulate SELinux on the fly (copy context from an existing known working):

$ sudo chcon --reference /var/log/dmesg /var/log/secure

To manipulate SELinux context permanently, use the semanage command instead.

Related

Can you explain this to me #ln -s :"target is not a directory"?
How to know what nsurlsessiond is downloading
Reducing Lion OS Footprint by removing unnecessary files/folders
Sharing a Bluetooth Keyboard and Mouse sequentially between two Macs
How do I delete or fix my Keychain after changing my password?
Why would I disable swap file in Mac OS X?
What steps are needed to create a new user from the command line?
Can I use Back To My Mac's mDNS address and for ssh and other routing of traffic?
Is it possible to launch a program in a specific language?
How can I open a .pkg file manually?
What is standard for OS X filesystem? e.g. /opt/ vs. /usr/
ZSH: .zprofile, .zshrc, .zlogin - What goes where?