Re: sealerts

m.roth(a)5-cent.us wrote: > Two issues: first, I've noticed a number of times that selinux is there, > which we usually have in permissive, but setroubleshoot is *not* > installed. Is there be some kind of dependency or group that it should > be part of that's missing? I don't see why I need to manually install > it.... > > Second - and I thought I knew the answer to this, but guess I don't - I > see AVC's in the log file, but no sealerts - how do I start it up to > give me them in messages? I see auditd is running.... > Point of information: CentOS 6.4, up to date. Dan, you say that setroubleshoot should run; I did install setroubleshoot-server and setroubleshoot-plugins, and then restarted auditd, yet I've seen some avc's since then, I think (wish audit.log had timestamps). mark -- selinux mailing list selinux(a)lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/selinux

-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.13 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEARECAAYFAlGyAFcACgkQrlYvE4MpobMmBQCgpMez2BwDSlK7+CreOc8dWyfb mqEAoNItNRJ+S1/Vt0VWlMqwgRCSmqfI =8IE1 -----END PGP SIGNATURE-----