On 06/16/2015 05:24 PM, Tahir Hafiz wrote:
On Tue, Jun 16, 2015 at 10:27 PM, Martin Cigorraga
<martincigorraga@xxxxxxxxx <mailto:martincigorraga@xxxxxxxxx>>wrote:
Check with SELinux Troubleshooter.
On Tue, Jun 16, 2015 at 6:24 PM jd1008 <jd1008@xxxxxxxxx
<mailto:jd1008@xxxxxxxxx>> wrote:
On 06/16/2015 03:22 PM, jd1008 wrote:
> Selinux comlained the a program "attempted write on this
directory"
>
> but it does not say which directory.
> I looked in /var/log but even there it does not say which
directory.
>
> So how can I find out which directory the program attempted
the write?
The program in question is python2.7.
--
>If you do a
>sealert -a /var/log/audit/audit.log
>
>That should output what SELinux policy was infringed.
>
>SELinux logs to /var/log/audit/audit.log
>
>grep AVC /var/log/audit/audit.log
>s another way to parse the log file for SELinux comments.
>
>
>Cheers,
>Tahir
Thank you Tahir. Only "sealert -a /var/log/audit/audit.log"
shows me the path of the file that selinux prevented a process from
accessing.
So, I guess I have one of 2 options:
touch /.autorelabel followed by reboot
or
run
grep python /var/log/audit/audit.log | audit2allow -M mypol
semodule -i mypol.pp
Will try autorelabel first.
Kind regards,
JD
--
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org
