[CentOS] SELinux Question

Tue Jul 23 06:42:14 UTC 2013
Ken Smith <kens at kensnet.org>

Gordon Messmer wrote:
> On 07/22/2013 07:41 AM, Ken Smith wrote:
>> Hi Guys, My google foo is failing me this afternoon. Just configuring a
>> new C6 install. I know there are SELinux alerts happening, eg: I know I
>> need to enable named to write to the local .jnl file as part of dynamic
>> DNS, but sealert -b is not listing any alerts. I can see raw audit
>> messages.  Is there some daemon I have forgotten to start or install?
> If you don't see AVCs logged and suspect that SELinux is causing you
> problems anyway, enable all logging:
> semodule -BD
> http://fedoraproject.org/wiki/SELinux/Troubleshooting
> If you don't see AVCs in the log, then SELinux isn't denying access.
> Normally if files are created in /var/named/dynamic, then the SELinux
> context will already be set correctly.
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> http://lists.centos.org/mailman/listinfo/centos
For some reason auditd wasn't running or enabled. I'm now seeing the 
messages I needed in /var/log/messages. I'm running bind chrooted and 
various other tweeks mean I need to set SELinux accordingly.



This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.