hmmm, are you getting any audit messages? Maybe a long time back your ran out of disk space and auditd stopped logging? If you service auditd restart and it can't log for some reason it should tell you in /var/log/messages... maybe auditd is turned off? what do you get from auditctl -s ?? is it enabled? maybe you ran auditctl -e 0 at some time? assuming audit isn't running the message in dmesg looks like: type=1404 audit(1200447974.622:247): enforcing=0 old_enforcing=1 auid=4294967295 ses=4294967295 and the corresponding /var/log/messages: Jan 15 20:46:14 dhcp231-146 kernel: type=1404 audit(1200447974.622:247): enforcing=0 old_enforcing=1 auid=4294967295 ses=4294967295 start telling me about all of your versions, are they all stock or did you build some of these parts yourself. Because I can't find a way to reproduce the problem to fix it.... -Eric On Mon, 2008-01-14 at 12:35 -0500, Chuck Anderson wrote: > On Sat, Jan 12, 2008 at 08:37:04AM -0500, Eric Paris wrote: > > Do you have auditd running? If not look in dmesg or /var/log/messages > > instead of ausearch because it seems to be working fine for me.... > > Yes, I do have auditd running. > > #service auditd status > auditd (pid 2523) is running... > #service rsyslog status > rsyslogd (pid 19658) is running... > rklogd (pid 19664) is running... > #ausearch -m MAC_STATUS > <no matches> > #setenforce 0 > #ausearch -m MAC_STATUS > <no matches> > #setenforce 1 > #ausearch -m MAC_STATUS > <no matches> > #setenforce 0 > #ausearch -m MAC_STATUS > <no matches> > #grep setenforce /var/log/messages > #grep setenforce /var/log/syslog > #grep setenforce /var/log/secure > #dmesg|grep setenforce > > -- > fedora-selinux-list mailing list > fedora-selinux-list@xxxxxxxxxx > https://www.redhat.com/mailman/listinfo/fedora-selinux-list -- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-selinux-list
