I think so.
cat /var/log/messages | grep denied
cat /var/log/messages | grep avc
any command show no output and
ausearch -m AVC
show this:
----that messages was when a restart the NetworkManager as root on a shell.
time->Tue Jun 3 23:39:03 2008
type=SYSCALL msg=audit(1212557943.344:16): arch=40000003 syscall=11 success=yes exit=0 a0=9872498 a1=9870c50 a2=9870af0 a3=0 items=0 ppid=2878 pid=2879 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts2 ses=1 comm="NetworkManager" exe="/usr/sbin/NetworkManager" subj=unconfined_u:system_r:NetworkManager_t:s0 key=(null)
type=AVC msg=audit(1212557943.344:16): avc: denied { read write } for pid=2879 comm="NetworkManager" path="/var/tmp/kdecache-cchavez/kpc/kde-icon-cache.data" dev=dm-0 ino=8356254 scontext=unconfined_u:system_r:NetworkManager_t:s0 tcontext=unconfined_u:object_r:user_tmp_t:s0 tclass=file
type=AVC msg=audit(1212557943.344:16): avc: denied { read write } for pid=2879 comm="NetworkManager" path="/var/tmp/kdecache-cchavez/kpc/kde-icon-cache.index" dev=dm-0 ino=8356253 scontext=unconfined_u:system_r:NetworkManager_t:s0 tcontext=unconfined_u:object_r:user_tmp_t:s0 tclass=file
Cheers.
Carlos Chávez.
2008/6/3 Eric Paris <eparis@xxxxxxxxxx>:
On Tue, 2008-06-03 at 05:46 -0600, Carlos Chavez wrote:Are you sure you are looking in the right place for those selinux denial
> Hi Paul.
>
> No, there is no avc denials error messages or other selinux related
> error messages in the logs.
> The error messages that i post is showed only in the start up process
> but no other messages is send to any log file.
>
> What i did in order to associated the error to selinux was stoped
> selinux, when i stop selinux and restart the PC the httpd start with
> no problems at boot time.
>
> I'm not sure about the NetworkManager in the logs it seems that load
> correctly at boot time and set the network parameter as soon as the
> process start, no delay for that.
>
> I have configure the ntpd to synchronize the date/time and this works
> fine, this need the network device setup, so i think the
> NetworkManager works too.
messages? look for 'denied' in /var/log/messages and look at the output
of ausearch -m AVC
-Eric
--
Carlos Chávez
-- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-selinux-list