7.3.8. Allowing Access: audit2allow

7.3.8. Allowing Access: audit2allow

7.3.8. Allowing Access: audit2allow

Do not use the example in this section in production. It is used only to demonstrate the use of audit2allow.

From the audit2allow(1) manual page: “audit2allow – generate SELinux policy allow rules from logs of denied operations”[18]. After analyzing denials as per Section 7.3.7, “sealert Messages”, and if no label changes or Booleans allowed access, use audit2allow to create a local policy module. After access is denied by SELinux, running the audit2allow command presents Type Enforcement rules that allow the previously denied access.

The following example demonstrates using audit2allow to create a policy module:

A denial and the associated system call are logged to /var/log/audit/audit.log:

via 7.3.8. Allowing Access: audit2allow.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s