FC4 - a couple of slowness issues.
Stephen Smalley
sds at tycho.nsa.gov
Thu Aug 17 13:06:06 UTC 2006
On Thu, 2006-08-17 at 08:45 -0400, William W. Austin wrote:
> I am running auditd, and there are (at the moment) about 700 such
> messages there. But I am (have been) unsure what to do about them.
> Here is a frequency count on the denied avc's
> epiphany 1
> firefox-bin 1
> fuser 5
> galeon 1
> ifconfig 90
> ld-linux.so.2 6
> prelink 1
> procmail 156
> smbd 421
>
> (Obviously this machine is also the samba server for a local network.)
>
> Any suggestions would be appreciated - I am at the point of removing or
> disabling selinux from the system, but I had wanted to get more
> understanding of it as I would like to use it on 2 other machines in
> the office which do *not* have an industrial-strength in front of them.
Take a few representative examples as a starting point and post them to
fedora-selinux-list if you want help interpreting them. Don't post
repeats, naturally. Or file a bugzilla against policy and attach your
audit.log.
The Fedora SELinux FAQ has helpful information, as does the wiki,
http://fedora.redhat.com/docs/selinux-faq-fc5/
http://fedoraproject.org/wiki/SELinux/
audit2allow can help you with generating policy from those avc messages,
but you don't want to do so blindly, and if they are legitimate, then
they need to be reported via the list or bugzilla so that the policy can
include them going forward, even if you temporarily generate a local
policy module to work around them in the interim.
--
Stephen Smalley
National Security Agency
More information about the fedora-list
mailing list