does SELinux can log all the files access?

Dominick Grift domg472 at
Thu Aug 13 11:27:25 UTC 2009

On Thu, Aug 13, 2009 at 07:18:17PM +0800, Bai Shuwei wrote:
> Hi, ALL:
>      I cannot find any log tools to log all the files access, including
> delete/remove/read/write operations. So i want to know whether SELinux
> upport the functions. Thanks for your responce!
> Best Regards!

the audit suite can do logging: see man auditctl.
You can get selinux to log grants by adding auditallow rules.
By default selinux logs denied access unless the denial is hidden using dontaudit.

> Bai Shuwei
> -- 
> Love other people, as same as love yourself!
> Don't think all the time, do it by your hands!
> Personal URL:
> E-Mail: baishuwei at or baishuwei at

> --
> fedora-selinux-list mailing list
> fedora-selinux-list at
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: not available
URL: <>

More information about the fedora-selinux-list mailing list