On Wed, 2011-04-13 at 16:00 -0400, Daniel J Walsh wrote: [snip] > The avc messages are in /var/log/audit/audit.log > > ausearch -m avc -ts recent > > Will also show you recent AVC messages. > > audit2allow -la > > will search for any avc message in /var/log/audit/audit.log or > /var/log/messages since the last policy load. Thanks for correcting me and providing the additional tools for the OP to use. I sometimes mis-type when in a hurry. I'd use caution with audit2allow, though, as this tool only shows you what to do to get rid of the avc denial message(s). It makes no judgement whether the resulting policy will be appropriate or safe. ./Cal