====== Diagnose And Address Routine Selinux Policy Violations ======
**General Information**
Troubleshooting SELinux.
----
===== General SELinux Troubleshooting =====
SELinux Audit Log file
* /var/log/audit/audit.log
* SELinux entries are of type "AVC"grep AVC /var/log/audit/audit.log
\\
Install SELinux Troubleshooter
yum install setroubleshoot-server
* Once installed, easier to understand log entries are made to /var/log/messages with tips on how to fix any possible issues.
\\
Scan Audit Log for Alerts
sealert -a /var/log/audit/audit.log
* Analyzes the audit.log file and provides suggestions on how to fix issues.
* You may need to pipe to 'less' to read the entire message
**Other Tips**
* Always check selinux status: getenforce
* Set permissive temporarily to see if selinux is the issue: setenforce 0
* Change back when done to fix the underlying issue: setenforce 1
----