using audit2allow

Athmane Madjoudj athmanem at gmail.com
Sat Nov 6 05:18:11 UTC 2010


On 11/06/2010 01:52 AM, Jim wrote:
> Fedora 14 /KDE
>
> This is the real Raw Audit Message.
>
> This location that has a bunch of FAQ's which one is for making
> policies,  http://docs.fedoraproject.org/selinux-faq-fc5/#id2961385
>
> Where is there a very good instructions on creating policies.
>
> # audit2allow -w -a node=(removed) type=AVC
> msg=audit(1288923096.835:99): avc:  denied  { write } for  pid=16148
> comm="kdm" name="root" dev=sda1 ino=798
> scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023
> tcontext=system_u:object_r:admin_home_t:s0 tclass=dir
>
> bash: syntax error near unexpected token `('
>
>

This is related to bash; to fix you need quote the parameter value with '
ie:

# audit2allow -w -a 'node=(removed) type=AVC 
msg=audit(1288923096.835:99): avc:  denied  { write } for  pid=16148 
comm="kdm" name="root" dev=sda1 ino=798 
scontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 
tcontext=system_u:object_r:admin_home_t:s0 tclass=dir'

HTH
-- 
Athmane Madjoudj


More information about the users mailing list