Disable the dontaudits and see (semodule -DB). 2010/12/12 Jorge Fábregas <jorge.fabregas@xxxxxxxxx>: > Hi, > > On my Fedora 12 system I changed - on purpose - the label for the sshd binary. > I gave it httpd_exec_t and tried to start it with the service command to see > what happens. I got: > > Starting sshd: Could not load host key: /etc/ssh/ssh_host_rsa_key > Could not load host key: /etc/ssh/ssh_host_dsa_key > > ..which is expected as "httpd_t" doesn't have access to these files. > > My question is: Why don't I get any AVC errors for this? I was expecting > something like "httpd_t is ttrying to read files labeled as sshd_key_t..." > There's nothing in /var/log/audit/audit.log (I'm using auditd). > > Are there any "dontaudit" rules for these types of access that causes SELinux > not to log these? > > Regards, > Jorge > -- > selinux mailing list > selinux@xxxxxxxxxxxxxxxxxxxxxxx > https://admin.fedoraproject.org/mailman/listinfo/selinux > -- selinux mailing list selinux@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/selinux
