audit2allow -M local < /tmp/avcs ?
Frank Murphy
frankly3d at gmail.com
Tue Jul 8 06:42:36 UTC 2008
On Mon, 2008-07-07 at 11:27 +0200, drago01 wrote:
> >> The logs are either in /var/log/audit.log (if audit is running)
> >> otherwise in syslog (in this case passing -D to audit2allow will use
> >> them)
> >
> > audit2allow /var/log/audit/audit.log?
>
> yes just use this file instead of /tmp/avcs
> audit2allow -M local < /your/log/file
How long mush one give to the command?
I cleared the log, waited for two avc alerts.
ran: [root at frank-03 ~]# audit2allow -M local /var/log/audit/audit.log
It's been an hour so far.
Frank
More information about the fedora-selinux-list
mailing list