using audit2allow
Athmane Madjoudj
athmanem at gmail.com
Sat Nov 6 05:18:11 UTC 2010
On 11/06/2010 01:52 AM, Jim wrote:
> Fedora 14 /KDE
>
> This is the real Raw Audit Message.
>
> This location that has a bunch of FAQ's which one is for making
> policies, http://docs.fedoraproject.org/selinux-faq-fc5/#id2961385
>
> Where is there a very good instructions on creating policies.
>
> # audit2allow -w -a node=(removed) type=AVC
> msg=audit(1288923096.835:99): avc: denied { write } for pid=16148
> comm="kdm" name="root" dev=sda1 ino=798
> scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023
> tcontext=system_u:object_r:admin_home_t:s0 tclass=dir
>
> bash: syntax error near unexpected token `('
>
>
This is related to bash; to fix you need quote the parameter value with '
ie:
# audit2allow -w -a 'node=(removed) type=AVC
msg=audit(1288923096.835:99): avc: denied { write } for pid=16148
comm="kdm" name="root" dev=sda1 ino=798
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023
tcontext=system_u:object_r:admin_home_t:s0 tclass=dir'
HTH
--
Athmane Madjoudj
More information about the users
mailing list