Quote:
Originally Posted by c0wb0y
SELinux enabled? Please post
ls -lZ <file name>
then grep either the <filename> on /var/log/audit/audit.log (this is distro-dependent) and look for any denied entries. We can go from there.
With SELinux, even root is restricted to do various things without modifying contexts and rules. I think this is the case.
|
Here is the SELinux info:
Code:
[root@server Downloads]# sestatus
SELinux status: enabled
SELinuxfs mount: /selinux
Current mode: enforcing
Mode from config file: enforcing
Policy version: 24
Policy from config file: targeted
[root@server Downloads]# ls -alZ
drwxr-xr-x. root root unconfined_u:object_r:file_t:s0 .
drwxr-xr-x. root root unconfined_u:object_r:file_t:s0 ..
-rwxr--r--. root root unconfined_u:object_r:file_t:s0 cmake-2.8.10.2.tar.gz
-rw-r--r--. root root unconfined_u:object_r:file_t:s0 httplib2-0.8.tar.gz
-rw-r--r--. root root unconfined_u:object_r:file_t:s0 Orthanc-0.7.2.tar.gz
[root@server Downloads]# id -Z
unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
[root@server Downloads]#
Code:
[root@server Downloads]# sealert -av /var/log/audit/audit.log | grep -i 'cmake-2.8.10.2.tar.gz'
[root@server Downloads]#
Unless you can recommend another type of search for sealert.