Are we talking sysadmins only, or are we talking users too ?! On Tue, Jul 22, 2008 at 12:34 AM, max bianco <maximilianbianco@xxxxxxxxx> wrote: > On Thu, Jul 17, 2008 at 7:26 PM, Ahmed Kamal > <email.ahmedkamal@xxxxxxxxxxxxxx> wrote: >> I'd say I am a pretty knowledgeable Linux user. However, when I see an >> AVC denial, and the recommended chcon doesn't fix it, I'm pretty much >> lost! I need to launch that server or that application NOW, and >> selinux is stopping that ... and the policy won't be fixed for days, >> it won't even be fixed at all if that's a 3rd party app! I need >> something to help me launch my apps if I so choose! a 95% selinux >> protected system, is so much better than one with it disabled, which >> what I always seem to end up doing to get my work done! >> > The tools to fix this already exist. > > man audit2allow > man ausearch > > The man pages explain things pretty well. If I can read them and fix > my own problems so can any competent sysadmin. > ausearch can be used with audit2allow to generate the needed rules. > The rules shouldn't be blindly accepted but they can get you buy for > the moment. > Its all documented in the man pages, every step. SysAdmins need to get > used to SELinux and use the available troubleshooting tools. The Z > option is available on a few commands. > > > Max > -- > If opinions were really like assholes we'd each have just one > > -- > fedora-devel-list mailing list > fedora-devel-list@xxxxxxxxxx > https://www.redhat.com/mailman/listinfo/fedora-devel-list > -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
