Tag: selinux

SELinux: Compile a policy package

You have generated a SELinux human readable .te file and want to compile it into a .pp policy file.     Create a policy The first command will read through the audit.log file to generate both a .te and .pp file. The .te is human readable. The .pp is compiled. The second command installs that policy. ausearch -c 'avc' --raw...Read More »

audit2allow error and explanation.

While troubleshooting some SELinux enforcement related issues using audit2allow, an ERROR message presented itself. After some research, a logical explanation was presented. The following error is an implication that there were no avc denials in the /var/log/uadit/audit.log and that the generated module was empty. That response was satisfactory and also correct for this situation. However, when running an all inclusive...Read More »