On Fri, June 22, 2012 16:38, m.roth@xxxxxxxxx wrote:
>
> Not true. It will issue an AVC every time something tries to happen.
> Big things to know:
> a) ll -Z shows you the selinux context
> b) chcon [-R] -[urt] <whatever> <file or directory>
> c) getsebool and setsebool
>
> mark
If you are working with SELinux issues then the following are most
helpful to have installed:
setools-libs.x86_64 3.3.7-4.el6
setools-libs-python.x86_64 3.3.7-4.el6
setroubleshoot-plugins.noarch 3.0.16-1.el6
setroubleshoot-server.x86_64 3.0.38-2.1.el6
The files you need be aware of are:
/var/log/messages
/var/log/audit/audit.log
There are several utilities to be aware (and refer to the man pages) of:
# audit2allow
# audit2why
# ausearch
# chcon
# getenforce
# getsebool
# restorecon
# sealert
# semanage
# semodule
# setenforce
# setsebool
# system-config-securitylevel
You will also find large measures of patience and forbearance to be of
value.
For issues about missing policies and contexts and developing same you
should monitor the SELinix policy mailing list at
refpolicy@xxxxxxxxxxxxxxx.
--
*** E-Mail is NOT a SECURE channel ***
James B. Byrne mailto:ByrneJB@xxxxxxxxxxxxx
Harte & Lyne Limited http://www.harte-lyne.ca
9 Brockley Drive vox: +1 905 561 1241
Hamilton, Ontario fax: +1 905 561 0757
Canada L8E 3C3
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
