SeLinux

This is my selinux aide-memoir page. I maintain it mainly to help me remember an have these recipes handy; but if you find it useful all the better.

Logging

selinux logs to /var/log/audit/audit.log.

audit2why

audit2why will often explain the reason for the error and may offer a simple fix:

# grep 1561301145.470:205197 /var/log/audit/audit.log | audit2why

audit2allow 

When audit2why does not provide any help audit2allow may provide a solution.

# grep 1561296359.838:200837 /var/log/audit/audit.log | audit2allow

Will create and display a module to allow the banned behavior.

# grep 1561296359.838:200837 /var/log/audit/audit.log | audit2allow -a -M name
# semodule -i name.pp

Will create and install the module.

No comments:

Post a Comment