Greetz,
So I have cobbled together a basic policy for
Splunk residing
in /opt/
splunkdashboards/.
I followed Dan's blog to do the basics.
So I've added all the
AVC messages to the
splunkdashboards.
te and restarted
with run_
init...
Now, no more
AVC messages but after a few seconds
Splunk crashes.
Nothing in the debug log.
There is a crash log, seems to be a different thread each time crashing.
If I use the browser
UI to work with
Splunk, it does a few tasks then something about
"Helper process is in an unknown state due to previous failure"
and then bang!
Seems to be thread permissions?
I'm lost, nothing in the log and no more
AVC messages, where to from here?
I have tried so hard so far, I don't want to be a coward now and hit "
setenforce 0".
I must learn how to do this.
I'm unsure as to mailing list etiquette, do I post all the policy files, Splunk log etc.?
Please advise.
Any help appreciated, thank you.
--
selinux mailing list
selinux@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/selinux
