You can install audit2why by installing the policycoreutils package<\/p>\n\n\n\n
sudo dnf install policycoreutils-python-utils<\/pre>\n\n\n\nShow what and why something is failing<\/p>\n\n\n\n
audit2why < \/var\/log\/audit\/audit.log<\/pre>\n\n\n\nSearch with ausearch<\/p>\n\n\n\n
ausearch -m avc --start recent<\/pre>\n\n\n\nCreate and apply a module to fix the failure<\/p>\n\n\n\n
This creates two files, a .pp and .te. The .pp is the compiled version of the .te<\/p>\n\n\n\n
audit2allow -M mymodule < \/var\/log\/audit\/audit.log<\/pre>\n\n\n\nsemodule -i mymodule.pp<\/pre>\n\n\n\nNote that “mymodule.pp” will replace any previous “mymodule.pp”. If your needing to create multiple modules\/allow multiple exceptions, you can change the name of each module. <\/p>\n\n\n\n
You can also add the rules together then manually compile it. Refer to the first link for more details.<\/p>\n\n\n\n
<\/p>\n\n\n\n
Links with more info<\/p>\n\n\n\n
https:\/\/danwalsh.livejournal.com\/24750.html<\/a><\/p>\n\n\n\n
http:\/\/selinuxgame.org\/tutorials\/ausearch\/index.html<\/a><\/p>\n\n\n\n
https:\/\/access.redhat.com\/documentation\/en-us\/red_hat_enterprise_linux\/6\/html\/security-enhanced_linux\/sect-security-enhanced_linux-fixing_problems-allowing_access_audit2allow<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"
You can install audit2why by installing the policycoreutils package sudo dnf install policycoreutils-python-utils Show what and why something is failing audit2why < \/var\/log\/audit\/audit.log Search with ausearch ausearch -m avc –start recent Create and apply a module to fix the failure … Continue reading