How to whitelist a user avc?
Bruno Wolff III
bruno at wolff.to
Tue Sep 29 16:29:02 UTC 2015
On Tue, Sep 29, 2015 at 10:57:07 +0200,
Miroslav Grepl <mgrepl at redhat.com> wrote:
>On 09/28/2015 10:34 PM, Bruno Wolff III wrote:
>> I have a problem in F23 (that wasn't in F22), where getmail (or its feed
>> into qmail) doesn't work in enforcing mode. I first tried using
>> audit2allow to whitelist all of the avcs.
>
>Could you attach them?
Are you looking for audit2allow output? THe latest said that all of the
AVCs are allowed in the current policy. The mystery AVC from audit.log
was included in the original message.
>> type=USER_AVC msg=audit(1443471901.485:584): pid=1 uid=0 auid=4294967295
>> ses=4294967295 subj=system_u:system_r:init_t:s0 msg='Unknown permission
>> stop for class system exe="/usr/lib/systemd/systemd" sauid=0 hostname=?
>> addr=? terminal=?'
More information about the selinux
mailing list