Two possible things. 1) in permissive you only get the same denial one time. So if you launch a program and it causes some denials, the second time you launch it there will be no denials. 2) If they are early in boot, before syslog starts, they might be lost, or in old machines there was a /var/log/dmesg... Do you see the denials when you run the dmesg command? On Tue, May 6, 2014 at 10:04 AM, Kim Lawson-Jenkins <kim.lawson-jenkins@xxxxxxxxxxxx> wrote: > Hi, > > > > I’m working on an embedded system using SELinux. The audit daemon is not > running so AVC errors should be written to /var/log/messages. SELinux is > running in permissive mode and during a system reboot I see a few AVC errors > written to a console. However when I look in /var/log/messages there are no > AVC errors. I haven’t seen a similar problem reported in the past. Does > anyone have any ideas why AVC errors would not be written to > /var/log/messages if the audit daemon is not running? I’ve checked > syslog.conf and all messages with a priority of warning and above should be > written to /var/log/messages. > > > > Kim > > > > > > > _______________________________________________ > Selinux mailing list > Selinux@xxxxxxxxxxxxx > To unsubscribe, send email to Selinux-leave@xxxxxxxxxxxxx. > To get help, send an email containing "help" to > Selinux-request@xxxxxxxxxxxxx. _______________________________________________ Selinux mailing list Selinux@xxxxxxxxxxxxx To unsubscribe, send email to Selinux-leave@xxxxxxxxxxxxx. To get help, send an email containing "help" to Selinux-request@xxxxxxxxxxxxx.
