[selinux] Unable to modify a file in enforcing mode, but no denials seen even after semodule -DB
Robin Lee Powell
rlpowell at digitalkingdom.org
Wed Jul 31 17:51:13 UTC 2013
On Tue, Jul 30, 2013 at 11:12:27PM +0000, Radha Venkatesh (radvenka)
wrote:
> We have a strange issue showing up in our system. We are trying to
> modify a configuration file - we are unable to in enforcing mode
> but are able to in permissive mode. There are no denials seen.
>
> We have run semodule -DB, to get to the hidden denials, but to no
> avail.
That's really odd.
I use "sudo semanage dontaudit off", but I imagine it's the same
thing.
The other thing I'd check is that the audit daemon is actually
running, to give you the messages.
-Robin
More information about the selinux
mailing list