|
Did you have any errors recorded in your splunkd.log file? Keith Schincke CAP, LPIC-1, RHCA, RHCSS Team Lead IT Security System Administration, ITAMS
Building 46, Room 110A
email to: keith.d.schincke@xxxxxxxx 281-244-0183 Office 832-205-1534 Mobile 281-244-5708 Fax
ITAMS - Information Technology And Multimedia Services Contract
"One Team, One Vision >> Partnered For Innovative Solutions" From: selinux-bounces@xxxxxxxxxxxxxxxxxxxxxxx [mailto:selinux-bounces@xxxxxxxxxxxxxxxxxxxxxxx]
On Behalf Of Robert Gabriel Greetz, So I have cobbled together a basic policy for Splunk residing in /opt/splunkdashboards/. I followed Dan's blog to do the basics. So I've added all the AVC messages to the splunkdashboards.te and restarted Splunk with run_init... Now, no more AVC messages but after a few seconds Splunk crashes. Nothing in the debug log. There is a crash log, seems to be a different thread each time crashing. If I use the browser UI to work with Splunk, it does a few tasks then something about
Seems to be thread permissions? I'm lost, nothing in the log and no more AVC messages, where to from here? I have tried so hard so far, I don't want to be a coward now and hit "setenforce 0". I must learn how to do this. I'm unsure as to mailing list etiquette, do I post all the policy files, Splunk log etc.? Please advise. Any help appreciated, thank you. |
-- selinux mailing list selinux@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/selinux
