Aleksey Tsalolikhin disturbed my sleep to write: > No recent AVC denied entries in /var/log/audit/audit.log or > /var/log/messages. (One did not get logged when I tried to start httpd > and failed.)
There are some SELinux violations (is that the right term?) that are
not logged/audited. This page:
http://moonpup.blogspot.com/2010/01/dear-lazyweb-and-selinux-gurus.html
details problems a while back with RHEL, SELinux and Postfix; I didn't
write it, but I tripped over the same error, and while SELinux was the
problem, no AVC denials were being logged.
The comments give a RH bug and suggestions for enabling auditing for
the stuff that's not usually audited. On the CentOS 5 machine I was
having this problem on, running:
semodule -b /usr/share/selinux/targeted/enableaudit.pp
turned on all auditing.
Hope that helps,
Hugh
--
Hugh Brown
http://saintaardvarkthecarpeted.com
Because the plural of Anecdote is Myth.
signature.asc
Description: Digital signature
_______________________________________________ Tech mailing list [email protected] http://lopsa.org/cgi-bin/mailman/listinfo/tech This list provided by the League of Professional System Administrators http://lopsa.org/
