Questions about audit and selinux
Recently wanted to keep log on auditd via logrotate
But seliunx keeps blocking It is also invalid to follow the action recommended by selinux The action is as follows ausearch -c 'logrotate' --raw | audit2allow -M logrotate semodule -i logrotate.pp But the result is still invalid How can I do this without closing selinux? The second question is I checked on the Internet, change the `selinux` label to `var_t`. But what I want to ask is how do I know he is the tag I want to change `var_t` Instead of other tags I still can't tell if I have `audit2allow` and `semanage boolen` |
All times are GMT -5. The time now is 12:40 AM. |