Aaron Gray wrote:
I am trying to audit2allow on F10 to allow a cgi-bin perl script to run on Apache. Runs fine in permissive mode not in enforcing.
I bought the O'Reilly SE Linux book and learned the basics but it does not really seem to help me on Fedora.
there was no /var/log/kernel so I tried /var/log/secure with the following command sequence
setenforce 0
# access the cgi from the web
setenforce 1
audit2allow -l -i /var/log/secure
The audit log file is /var/log/audit/audit.log. Note, you must have root privileges to read it.
What is strange also is the system is not flagging things up as a notification icon anymore in enforcing mode.
Do you mean the "Star" Icon which opens the SETroubleshoot browser is not appearing on your desktop?
If so are there any errors in /var/log/setroubleshoot/setroubleshootd.log?
Are there actually AVC messages in the /var/log/audit/audit.log file?
What version of setroubleshoot is installed?
If someone could guide me or push me in the right direction I would be most thankful.
Aaron
-- fedora-selinux-list mailing list fedora-selinux-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-selinux-list