Joy Latten wrote:
Is there a way to reverse a dontaudit rule without having to
modify and recompile base policy?
I need to see the audit message to help determine what permissions
are being denied for a particular application.
No - that is why the enableaudit.pp base policy is provided in
/usr/share/selinux/[policyname]/enableaudit.pp. Install that with:
semodule -b path_to_enableaudit
and you should see all denials.
Karl
--
redhat-lspp mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/redhat-lspp
