Differences
This shows you the differences between two versions of the page.
linux_wiki:diagnose_and_address_routine_selinux_policy_violations [2016/02/29 22:19] billdozor created |
linux_wiki:diagnose_and_address_routine_selinux_policy_violations [2019/05/25 23:50] |
||
---|---|---|---|
Line 1: | Line 1: | ||
- | ====== Diagnose And Address Routine Selinux Policy Violations ====== | ||
- | |||
- | **General Information** | ||
- | |||
- | About this page/ | ||
- | |||
- | ---- | ||
- | |||
- | SELinux Audit Log file | ||
- | * / | ||
- | * SELinux entries are of type " | ||
- | |||
- | \\ | ||
- | Install SELinux Troubleshooter | ||
- | <code bash> | ||
- | yum install setroubleshoot-server | ||
- | </ | ||
- | * Once installed, easier to understand log entries are made to / | ||
- | |||
- | \\ | ||
- | Scan Audit Log | ||
- | <code bash> | ||
- | sealert -a / | ||
- | </ | ||
- | * Analyzes the audit.log file and provides suggestions on how to fix issues. | ||
- | |||
- | **Other Tips** | ||
- | * Always check selinux status: getenforce | ||
- | * Set permissive temporarily to see if selinux is the issue: setenforce 0 | ||
- | * Change back when done to fix the underlying issue: setenforce 1 | ||
- | |||
- | ---- | ||