In-Reply-To: : <44457936.4090207@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx> On Tue, 18 Apr 2006 19:41:42 -0400, William Warren <hescominsoon@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx> wrote: > I installed SeLinux in warn mode. HOw do i check to see what it > is wanring about? This wil help me in make a decision to turn it > to active mode..:) Try this: $ audit2allow --help audit2allow [-d] [-v] [-l] [-i <inputfile> ] [-o <outputfile>] -d read input from output of /bin/dmesg -v verbose output -l read input only after last "load_policy" -i read input from <inputfile> -o append output to <outputfile> $ audit2allow -v -1 /var/log/messages This will not only tell you what SELinux is complaining about, it will give you the basic information needed to configure your local policy file in: /etc/selinux/targeted/src/policy/domains/misc/local.te To implement policy changes, edit the local.te file as indicated by audit2allow and rebuild your SELinux policy files with: $ /etc/selinux/targeted/src/policy/make reload Be advised however that audit2allow may suggest policy alterations that are broader than strictly necessary. It is probably worth your while to post your contemplated policy changes here and get some informed opinions about whether they actually should be more restrictive. To do any of this you need to first install the selinux-policy-targeted rpm. Regards, Jim -- *** e-mail is NOT a secure channel *** James B. Byrne mailto:ByrneJB.<token>@Harte-Lyne.ca Harte & Lyne Limited http://www.harte-lyne.ca 9 Brockley Drive vox: +1 905 561 1241 Hamilton, Ontario fax: +1 905 561 0757 Canada L8E 3CE delivery <token> = hal