On Thu, 2010-07-15 at 09:52 +0100, Richard W.M. Jones wrote: > On Tue, Jul 13, 2010 at 04:47:40PM +0200, Tomasz Torcz wrote: > > There are sometimes such obvious errors and missing labels that I > > cannot imagine not catching an audit message when program fails to > > even start! > > A lot of my Fedora machines are virtualized and I only ever interact > with them by ssh. While I would see a program if it failed to start, > I don't generally see any SELinux audit messages ever. (The bloated > python SELinux audit daemon whatever it's called is usually the first > thing I kill when I install Fedora on my desktop too ...) You don't need setroubleshoot to see SELinux denials. /sbin/ausearch -m AVC -ts today -i (if running auditd) or grep avc /var/log/messages (if not). -- Stephen Smalley National Security Agency -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel
