Frank Murphy wrote:
On Mon, 2008-07-07 at 11:27 +0200, drago01 wrote:
The logs are either in /var/log/audit.log (if audit is running)
otherwise in syslog (in this case passing -D to audit2allow will use
them)
audit2allow /var/log/audit/audit.log?
yes just use this file instead of /tmp/avcs
audit2allow -M local < /your/log/file
How long mush one give to the command?
I cleared the log, waited for two avc alerts.
ran: [root@frank-03 ~]# audit2allow -M local /var/log/audit/audit.log
It's been an hour so far.
What you typed isn't what was suggested. You missed the "<".
It's waiting for the end of file on stdin, which is your terminal.
Paul.
--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
