On Tue, 2008-01-01 at 20:59 -0600, Lance Spitzner wrote: > > > >> PS: Is there anyway to configure SELinux/auditd to use regular dates, > >> as sylogd does? > > > > Stop looking at audit logs directly. (I'll leave the policy questions > > to the policy people, sorry) > > > > ausearch -m AVC -i > > Very cool, thanks! One other outstanding suggestion I received was > the RPM pkg 'setroubleshoot'. It does a mind blowing / amazing job of > taking AVC error messages and explaining to you exactly what they mean > and suggested actions. Not only does it help troubleshooting, but it > helps to better understand SElinux in general. Now only if there was > such a utlity for the rest of Linux logging (dmesg anyone? :). > > Thanks! > > lance > > Summary > SELinux is preventing /usr/sbin/named (named_t) "getattr" access to > /dev/random (tmpfs_t). ummm, how did it get mislabled? hmmm, anyway, if you followed the restorecon suggestion i assume it started working.... -Eric -- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-selinux-list
