Yep your right,
i just wanted to point the fact that even if the logs are in messages instead of audit.log, audit2allow can be used (related to Wilkinson Matthew post).
Birdy.
I figured it out. Once I got auditd running again, I was able to use audit2allow to get the right policies from SELinux. Once I did that, rsyslogd could read the logs in /var/named/data/
--Matthew Wilkinson
-----Original Message----- From: birdynam [mailto:birdynambox@gmail.com] Sent: Friday, September 22, 2017 12:41 To: selinux@lists.fedoraproject.org Subject: Re: Unable to use audit2allow on avc denials
[This is an external email. Be cautious with links, attachments and responses.]
********************************************************************** Yep your right,
i just wanted to point the fact that even if the logs are in messages instead of audit.log, audit2allow can be used (related to Wilkinson Matthew post).
Birdy. _______________________________________________ selinux mailing list -- selinux@lists.fedoraproject.org To unsubscribe send an email to selinux-leave@lists.fedoraproject.org
Matthew,
Just to make sure I understand this correctly, rsyslogd has been granted permission to read all the various statistics and debugging files stored in /var/named/data/
----- Original Message -----
From: "Matthew Wilkinson" MatthewWilkinson@alliantenergy.com To: "birdynam" birdynambox@gmail.com, selinux@lists.fedoraproject.org Sent: Friday, September 22, 2017 1:54:38 PM Subject: RE: Unable to use audit2allow on avc denials
I figured it out. Once I got auditd running again, I was able to use audit2allow to get the right policies from SELinux. Once I did that, rsyslogd could read the logs in /var/named/data/
--Matthew Wilkinson
-----Original Message----- From: birdynam [mailto:birdynambox@gmail.com] Sent: Friday, September 22, 2017 12:41 To: selinux@lists.fedoraproject.org Subject: Re: Unable to use audit2allow on avc denials
[This is an external email. Be cautious with links, attachments and responses.]
Yep your right,
i just wanted to point the fact that even if the logs are in messages instead of audit.log, audit2allow can be used (related to Wilkinson Matthew post).
Birdy. _______________________________________________ selinux mailing list -- selinux@lists.fedoraproject.org To unsubscribe send an email to selinux-leave@lists.fedoraproject.org _______________________________________________ selinux mailing list -- selinux@lists.fedoraproject.org To unsubscribe send an email to selinux-leave@lists.fedoraproject.org
selinux@lists.fedoraproject.org