Hi, im having problems with the audit of denail messages with the targeted policy Im using runcon with a shell script to simulate what would happen if a hacker was successfull hacking the web server, so i execute the next command: runcon -u system_u -r system_r -t httpd_t /bin/bash I can only get this to work in permissive mode because if i execute it in enforcing mode i get an error (execvp: Permission denied) When i execute the command in permissive mode and im running in the new "httpd-shell", i execute 'id -Z' and get this: "system_u:system_r:httpd_t", so i think i running in the correct web server security context. The problem is that i dont recieve any error message in the /var/log/messages when i try to do not-alloweds operations (like to delete a file under /etc) (I have enabled all-auditing with make enableaudit;makeload under policy src) thanks in advance -- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-selinux-list
