Wednesday, July 14, 2010

fixing selinux issues

type=AVC msg=audit(1247465930.147:397): avc: denied { append } for pid=21828 comm="named" name="transfer.log" dev=sda1 ino=335255 scontext=unconfined_u:system_r:named_t:s0 tcontext=unconfined_u:object_r:var_log_t:s0 tclass=file


grep "audit" /var/log/messages > /tmp/local.audit

audit2allow -m local -l -i /tmp/local.audit > local.te

checkmodule -M -m -o local.mod local.te
semodule_package -o local.pp -m local.mod


semodule -i local.pp

No comments: