audit log for "setenforce" changes?
cra at WPI.EDU
Mon Jan 14 20:10:43 UTC 2008
On Mon, Jan 14, 2008 at 02:36:45PM -0500, Daniel J Walsh wrote:
> Do you have user accounts setup in /var/log? /lib/libexec?
> If you have system accounts with homedirs and real shells, you can
> confuse SELinux. Any system account should have a UID < 500 or a shell
> of /bin/false or /sbin/nologin.
I fixed all accounts to meet these expectations.
There were these which I changed to use shells of /sbin/nologin:
> You also look like you have root account setup to login as system_u.
> You probably want to execute
> semanage login -m -s unconfined_u root
Thanks for all the help. It sounds like I should go through all my
systems to be sure they meet current SELinux standards.
More information about the selinux