Diagnose And Address Routine Selinux Policy Violations

General Information

Troubleshooting SELinux.

SELinux Audit Log file

  • /var/log/audit/audit.log
  • SELinux entries are of type “AVC”
    grep AVC /var/log/audit/audit.log

Install SELinux Troubleshooter

yum install setroubleshoot-server
  • Once installed, easier to understand log entries are made to /var/log/messages with tips on how to fix any possible issues.

Scan Audit Log for Alerts

sealert -a /var/log/audit/audit.log
  • Analyzes the audit.log file and provides suggestions on how to fix issues.
  • You may need to pipe to 'less' to read the entire message

Other Tips

  • Always check selinux status: getenforce
  • Set permissive temporarily to see if selinux is the issue: setenforce 0
  • Change back when done to fix the underlying issue: setenforce 1

  • linux_wiki/diagnose_and_address_routine_selinux_policy_violations.txt
  • Last modified: 2019/05/25 23:50
  • (external edit)