Le 14/03/2018 à 12:04, Kai Bojens a écrit :
On 14/03/2018 –– 11:42:47AM +0100, François Patte wrote:
Le 14/03/2018 à 11:05, Kai Bojens a écrit :
sealert -a /var/log/audit/audit.log
Thank you for this answer, but I don't know what to do with the alert message: "I you think that mdadm should be allowed to access getattr..."
There should also be a solution shown which you could just copy and past to create an exception for this alert. I really don't know if SELinux might block this access for a good reason – but in my experience almost all of the alerts I encountered where due to some misconfiguration by package maintainers.
So, it is a bit frustrating and strange: selinux is supposed to watch on computer security and it is suggested to add security exceptions for every selinux alert....