[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: SELinux won't let dovecot connect to postgresql

On 11/29/2009 05:11 AM, Sandro Janke wrote:
Actually, you don't need to have any of the setroubleshoot packages installed to get AVC messages logged. What you need is auditd running and it will log AVC messages to /var/log/audit/audit.log

With setroubleshoot-server installed you can watch the logged messages using:

# sealert -a /var/log/audit/audit.log

The output will be long and in the style of setroubleshoot browser, so take your measures.

Another tool - from the audit package - that can prove very useful is ausearch. It will search the audit logs for messages matching the given criteria.

But I'm not getting any messages there. And changing enforcing mode fixes the problem, so it seems like it has to be SELinux, but with no log, I can't figure out what rule needs to be changed.

		       PGP Key ID: 66 BC 3B CD
Roland B. Roberts, PhD                             RL Enterprises
roland rlenter com                            6818 Madeline Court
roland astrofoto org                           Brooklyn, NY 11220

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]