linux_wiki:diagnose_and_address_routine_selinux_policy_violations

This is an old revision of the document!

Diagnose And Address Routine Selinux Policy Violations

General Information

About this page/how-to/script.

SELinux Audit Log file

  • /var/log/audit/audit.log
  • SELinux entries are of type “AVC”
    grep AVC /var/log/audit/audit.log


Install SELinux Troubleshooter 

yum install setroubleshoot-server
  • Once installed, easier to understand log entries are made to /var/log/messages with tips on how to fix any possible issues.


Scan Audit Log 

sealert -a /var/log/audit/audit.log
  • Analyzes the audit.log file and provides suggestions on how to fix issues.

Other Tips

  • Always check selinux status: getenforce
  • Set permissive temporarily to see if selinux is the issue: setenforce 0
  • Change back when done to fix the underlying issue: setenforce 1
  • linux_wiki/diagnose_and_address_routine_selinux_policy_violations.1456802373.txt.gz
  • Last modified: 2019/05/25 23:50
  • (external edit)