Re: sealerts


On 06/07/2013 11:28 AM, m.roth@xxxxxxxxx wrote:
> m.roth@xxxxxxxxx wrote:
>> Two issues: first, I've noticed a number of times that selinux is there, 
>> which we usually have in permissive, but setroubleshoot is *not* 
>> installed. Is there some kind of dependency or group that it should
>> be part of that's missing? I don't see why I need to manually install
>> it....
>> 
>> Second - and I thought I knew the answer to this, but guess I don't - I 
>> see AVC's in the log file, but no sealerts - how do I start it up to
>> give me them in messages? I see auditd is running....
>> 
> Point of information: CentOS 6.4, up to date.
> 
> Dan, you say that setroubleshoot should run; I did install 
> setroubleshoot-server and setroubleshoot-plugins, and then restarted 
> auditd, yet I've seen some avc's since then, I think (wish audit.log had 
> timestamps).
> 
> mark
> 
> -- selinux mailing list selinux@xxxxxxxxxxxxxxxxxxxxxxx 
> https://admin.fedoraproject.org/mailman/listinfo/selinux
> 
> 
The audit log does have time stamps, but you need to translate using ausearch:

ausearch -m avc -i

Should translate everything.
--
selinux mailing list
selinux@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/selinux
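
An added illustration of the timestamp translation that `ausearch -m avc -i` performs, not part of the original message or of the audit tools: raw audit.log records carry the time as epoch seconds inside `msg=audit(...)`, and this Python example converts it for AVC records. The sample records and the name `parse_avcs` are constructed for the example, and times are rendered in UTC rather than the local time ausearch shows.

```python
import re
from datetime import datetime, timezone

# Constructed sample records in raw audit.log form (not taken from the thread).
SAMPLE_LOG = """\
type=AVC msg=audit(1370618880.123:456): avc:  denied  { read } for  pid=1234 comm="httpd" name="index.html" dev=dm-0 ino=4242 scontext=unconfined_u:system_r:httpd_t:s0 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file
type=SYSCALL msg=audit(1370618880.123:456): arch=c000003e syscall=2 success=no exit=-13 comm="httpd"
type=AVC msg=audit(1370618941.007:457): avc:  denied  { name_connect } for  pid=1300 comm="sshd" dest=8080 scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:http_cache_port_t:s0 tclass=tcp_socket
"""

# Record header: type, then audit(<epoch seconds>.<milliseconds>:<event serial>)
HEADER = re.compile(
    r"^type=(?P<type>\S+) msg=audit\((?P<sec>\d+)\.(?P<ms>\d{3}):(?P<serial>\d+)\):"
)
PERMS = re.compile(r"\{ (?P<perms>[^}]*) \}")   # denied permission set
FIELD = re.compile(r'(\w+)=("[^"]*"|\S+)')      # key=value or key="value"


def parse_avcs(text):
    """Return AVC records with the epoch timestamp made human-readable."""
    events = []
    for line in text.splitlines():
        head = HEADER.match(line)
        if not head or head["type"] != "AVC":
            continue  # skip SYSCALL, PATH, ... records and malformed lines
        # Parse key=value pairs from the part after the audit(...) header.
        fields = {k: v.strip('"') for k, v in FIELD.findall(line[head.end():])}
        # Integer seconds avoid float rounding; milliseconds are appended as-is.
        when = datetime.fromtimestamp(int(head["sec"]), tz=timezone.utc)
        perms = PERMS.search(line)
        events.append({
            "time": f"{when:%Y-%m-%d %H:%M:%S}.{head['ms']} UTC",
            "serial": int(head["serial"]),
            "perms": perms["perms"].split() if perms else [],
            "comm": fields.get("comm"),
            "scontext": fields.get("scontext"),
            "tcontext": fields.get("tcontext"),
            "tclass": fields.get("tclass"),
        })
    return events


if __name__ == "__main__":
    for e in parse_avcs(SAMPLE_LOG):
        print(e["time"], e["comm"], e["perms"], e["scontext"], "->", e["tcontext"])
```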