On 10/20/2009 07:52 PM, Anamitra Dutta Majumdar (anmajumd) wrote: > > We are trying to run an at job which echoes something on the terminal as > below > > at 14:53 > at> echo "hello" > /dev/pts/1 > at> ^D > > When we run the above in the permissive mode we get hello on our term. > However when we run in enforcing mode nothing seems to happen. We do not > get any sealerts either. > > Can someone let us know what is going on in the enforcing mode and what > would be a way to check the status of the job? > > Thanks > Anamitra & Radha > > -- > fedora-selinux-list mailing list > fedora-selinux-list@xxxxxxxxxx > https://www.redhat.com/mailman/listinfo/fedora-selinux-list > > Might be something dontaudited. You need to turn off audit rules temporarily semodule -DB Run your test look for avc messages in /var/log/audit/audit.log pertaining to cron and terminals You need to add those rules using audit2allow. -- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-selinux-list
