-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 10/21/2013 04:28 PM, Daniel J Walsh wrote: > On 10/21/2013 04:24 PM, m.roth@xxxxxxxxx wrote: >> The sealert tells me that a file named index.cgi is running avc on >> sysfs_t. Is there any tool that would get me the *full* path of >> index.cgi, as there are several of them, for several websites (including >> bugzilla)? > >> CentOS 6.4. > >> mark > >> -- selinux mailing list selinux@xxxxxxxxxxxxxxxxxxxxxxx >> https://admin.fedoraproject.org/mailman/listinfo/selinux > > You can turn on full auditing which should generate the path. > > I add > > -w /etc/shadow > > to > > /etc/audit/audit.rules > > Or you can turn it on temporarily (Until next reboot) > > auditctl -w /etc/shadow > > -- selinux mailing list selinux@xxxxxxxxxxxxxxxxxxxxxxx > https://admin.fedoraproject.org/mailman/listinfo/selinux > > Here is a blog I wrote on this a few years back. http://danwalsh.livejournal.com/34903.html?thread=220247 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.15 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEARECAAYFAlJljtkACgkQrlYvE4MpobP5lACgoZcncssFT069dkmUp79yU2MG v8UAoJhVUx7KMo62PDbig+QNjaCGuyVz =qmwR -----END PGP SIGNATURE----- -- selinux mailing list selinux@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/selinux
