7.2.1.5.�SELinux Audit Log

7.2.1.5. SELinux Audit Log
Prev	7.2.1. Example: Security Enhanced Linux	Next

7.2.1.5. SELinux Audit Log

> tail /var/log/audit/audit.log
type=AVC msg=audit(1515657259.550:620585): avc:  denied  { open } for  pid=8358 comm="sudo" path="/run/utmp" dev="tmpfs" ino=11643 scontext=system_u:system_r:nagios_t:s0 tcontext=system_u:object_r:initrc_var_run_t:s0 tclass=file permissive=1
...
> audit2allow < /var/log/audit/audit.log
#============= nagios_t ==============
allow nagios_t initrc_var_run_t:file open;
...
> ls -Z /run/utmp
system_u:object_r:initrc_var_run_t:s0 /run/utmp

Prev	Up	Next
7.2.1.4. SELinux Booleans	Home	7.2.1.6. SELinux Policy Sources