No avcs generated after running at jobs in enforcing mode
Justin P. Mattock
justinmattock at gmail.com
Wed Oct 21 00:38:34 UTC 2009
Bruno Wolff III wrote:
> On Tue, Oct 20, 2009 at 16:52:43 -0700,
> "Anamitra Dutta Majumdar (anmajumd)"<anmajumd at cisco.com> wrote:
>
>>
>> We are trying to run an at job which echoes something on the terminal as
>> below
>>
>> at 14:53
>> at> echo "hello"> /dev/pts/1
>> at> ^D
>>
>> When we run the above in the permissive mode we get hello on our term.
>> However when we run in enforcing mode nothing seems to happen. We do not
>> get any sealerts either.
>>
>> Can someone let us know what is going on in the enforcing mode and what
>> would be a way to check the status of the job?
>>
>
> There might be a don't audit on that rule.
>
> --
> fedora-selinux-list mailing list
> fedora-selinux-list at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-selinux-list
>
>
yep,
check to see if there's a mislabel use
restorecon * then
like above just use make enableaudit
while compiling the policy to generate
any avc's that are in the don't audit section.
Justin P. Mattock
More information about the selinux
mailing list