rsyncd can't open log file, but there are no avc messages
John Dennis
jdennis at redhat.com
Tue Jun 24 16:21:36 UTC 2008
Johnny Tan wrote:
> Paul Howarth wrote:
>> Turn off the dontaudit rules:
>> # semodule -DB
>>
>> You should then see the AVCs and be able to generate the policy
>> module you need.
>>
>> You can then turn back on the dontaduit rules:
>> # semodule -B
>
> I don't have dontaudit turned on to begin with. As I mentioned, I *do*
> see AVCs for other selinux problems.
I think you're misunderstanding what dontaudit does. There are specific
policy rules which have a dontaudit flag associated with them which says
even if you are auditing don't log this particular denial. What has been
suggested is you disable those donaudit flags so you see ALL the
denials, not just those which do not currently have the dontaudit flag
set on them, which is your current situation.
--
John Dennis <jdennis at redhat.com>
More information about the fedora-selinux-list
mailing list