John Dennis wrote:
Johnny Tan wrote:
> Paul Howarth wrote:
>> Turn off the dontaudit rules:
>> # semodule -DB
>>
>> You should then see the AVCs and be able to generate the policy
>> module you need.
>>
>> You can then turn back on the dontaduit rules:
>> # semodule -B
>
> I don't have dontaudit turned on to begin with. As I mentioned, I *do*
> see AVCs for other selinux problems.
I think you're misunderstanding what dontaudit does. There are specific
policy rules which have a dontaudit flag associated with them which says
even if you are auditing don't log this particular denial.
Ok, got it. Is there a similar option for older (i.e.,
RHEL-5) versions?
policycoreutils-1.33.12-12.el5
johnn