On 11/29/2009 05:11 AM, Sandro Janke wrote:
Actually, you don't need to have any of the setroubleshoot packages
installed to get AVC messages logged. What you need is auditd running
and it will log AVC messages to /var/log/audit/audit.log
With setroubleshoot-server installed you can watch the logged messages
using:
# sealert -a /var/log/audit/audit.log
The output will be long and in the style of setroubleshoot browser, so
take your measures.
Another tool - from the audit package - that can prove very useful is
ausearch. It will search the audit logs for messages matching the
given criteria.
But I'm not getting any messages there. And changing enforcing mode
fixes the problem, so it seems like it has to be SELinux, but with no
log, I can't figure out what rule needs to be changed.
--
PGP Key ID: 66 BC 3B CD
Roland B. Roberts, PhD RL Enterprises
roland@xxxxxxxxxxx 6818 Madeline Court
roland@xxxxxxxxxxxxx Brooklyn, NY 11220
--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
