SELinuxTroubleshhoting from the command line.

I love SELinux and think it is a great way to assist you to ensure services and users are not accessing files and directories they should not be.

I have found the sealert GUI tool to be a great help when setting up and troubleshooting issues on a system, but have always struggled at the command line. Until I found a solution.

 sealert -a /var/log/audit/audit.log

This outputs the text of the sealert GUI to stdout and assists you in troubleshooting where SELinux is interfering with the system.

This is also handy as you can point any file that has audit log entries in it and it will assess this so if you are emailed the log entries. Dump them in a file and point sealert at it.

Also Checkout the SELinux HowTo on the Centos Wiki for heaps of other tips and tricks on troubleshooting SELinux.

Bookmark on Delicious
Digg this post
Recommend on Facebook
share via Reddit
Share with Stumblers
Tweet about it
Subscribe to the comments on this post
Tell a friend

This entry was posted on July 3, 2009, 12:11 pm and is filed under Computer Stuff. You can follow any responses to this entry through RSS 2.0. You can leave a response, or trackback from your own site.

PureDistortion

SELinuxTroubleshhoting from the command line.

No comments yet.

Tags

What I'm up to:

Archive