sealerts
m.roth at 5-cent.us
m.roth at 5-cent.us
Fri Jun 7 15:28:33 UTC 2013
m.roth at 5-cent.us wrote:
> Two issues: first, I've noticed a number of times that selinux is there,
> which we usually have in permissive, but setroubleshoot is *not*
> installed. Is there be some kind of dependency or group that it should be
> part of that's missing? I don't see why I need to manually install it....
>
> Second - and I thought I knew the answer to this, but guess I don't - I
> see AVC's in the log file, but no sealerts - how do I start it up to give
> me them in messages? I see auditd is running....
>
Point of information: CentOS 6.4, up to date.
Dan, you say that setroubleshoot should run; I did install
setroubleshoot-server and setroubleshoot-plugins, and then restarted
auditd, yet I've seen some avc's since then, I think (wish audit.log had
timestamps).
mark
More information about the selinux
mailing list