Newbie Q
John Dennis
jdennis at redhat.com
Fri Mar 20 20:42:31 UTC 2009
Aaron Gray wrote:
> I am trying to audit2allow on F10 to allow a cgi-bin perl script to
> run on Apache. Runs fine in permissive mode not in enforcing.
>
> I bought the O'Reilly SE Linux book and learned the basics but it does
> not really seem to help me on Fedora.
>
> there was no /var/log/kernel so I tried /var/log/secure with the
> following command sequence
>
> setenforce 0
>
> # access the cgi from the web
>
> setenforce 1
>
> audit2allow -l -i /var/log/secure
The audit log file is /var/log/audit/audit.log. Note, you must have root
privileges to read it.
>
>
> What is strange also is the system is not flagging things up as a
> notification icon anymore in enforcing mode.
Do you mean the "Star" Icon which opens the SETroubleshoot browser is
not appearing on your desktop?
If so are there any errors in /var/log/setroubleshoot/setroubleshootd.log?
Are there actually AVC messages in the /var/log/audit/audit.log file?
What version of setroubleshoot is installed?
>
> If someone could guide me or push me in the right direction I would be
> most thankful.
>
> Aaron
>
> --
> fedora-selinux-list mailing list
> fedora-selinux-list at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-selinux-list
--
John Dennis <jdennis at redhat.com>
Looking to carve out IT costs?
www.redhat.com/carveoutcosts/
More information about the fedora-selinux-list
mailing list