Hey Temlakos, > Where do I find the logs to tell me what permissions a certain new > application will need to operate? You find these messages in /var/log/audit/audit.log. Open this file with a pager of your choice (e.g. less or more). Then look for messages with type AVC. As an alternativ you can use ausearch to find SELinux AVC (Access Vector Cache) denials/messages. this command: ausearch -m avc -ts today # shows you all auditd messages of type AVC which are generated today. Consult manpage of ausearch for details. How to read AVC denials is described here: http://docs.fedoraproject.org/selinux-user-guide/f12/en-US/ (Read topic "7.3. Fixing Problems") > I'm using Fedora 12 on an HP Pavilion machine with a dual-core > processor. Several times I have tried to install an application called > TweetDeck. And each time I do, I am told that TweetDeck is having > trouble accessing some secure passwords that are stored on the > machine. Redo your workflow and paste your AVC denials to this list. > I am convinced that SELinux is doing it. Probably yes. > But I don't know how to get > SELinux to play nice, because I can't see where the problem is. You can use audit2allow to get SELinux to play nice. But be careful when using this command. audit2allow simply generates SELinux rules (aka Access Vector Rules) based on /var/log/audit/audit.log . It is not uncommon that audit2allow allows more than you want. But for a beginner this tool is a good choice. -- Sebastian Pfaff -- selinux mailing list selinux@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/selinux
