Diagnose And Address Routine Selinux Policy Violations
General Information
Troubleshooting SELinux.
General SELinux Troubleshooting
SELinux Audit Log file
- /var/log/audit/audit.log
- SELinux entries are of type “AVC”
grep AVC /var/log/audit/audit.log
Install SELinux Troubleshooter
yum install setroubleshoot-server
- Once installed, easier to understand log entries are made to /var/log/messages with tips on how to fix any possible issues.
Scan Audit Log for Alerts
sealert -a /var/log/audit/audit.log
- Analyzes the audit.log file and provides suggestions on how to fix issues.
- You may need to pipe to 'less' to read the entire message
Other Tips
- Always check selinux status: getenforce
- Set permissive temporarily to see if selinux is the issue: setenforce 0
- Change back when done to fix the underlying issue: setenforce 1