by Too 1571 days ago
grep denied /var/log/audit/*

On some systems the avc violations also get printed in dmesg.

If violations block your whole system from even running, you can enable permissive mode; this only logs violations without enforcing them.

As others already mentioned, turning violation logs into allow rules can be done with audit2allow. Wouldn’t recommend blindly using that though as the generated rules are always either too narrow or too wide, just use it as a guideline.

1 comments

FYI, "ausearch -i -ts recent -m avc" gives you SELinux violations from the last 10 minutes in slightly more readable form.
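One way to review denials before writing any allow rule, added here as an example that is not part of the thread: it groups AVC records by source type, target type and class, so the scope of a candidate rule is visible at a glance. The function names and the sample records are constructed for illustration; the record layout assumed is the usual `avc: denied { ... }` line from the audit log.

```python
import re
from collections import defaultdict

# Fields of an AVC denial record as found in /var/log/audit/audit.log.
AVC_RE = re.compile(
    r'avc:\s+denied\s+\{(?P<perms>[^}]*)\}.*?comm=(?P<comm>"[^"]*"|\S+).*?'
    r'scontext=(?P<scon>\S+)\s+tcontext=(?P<tcon>\S+)\s+tclass=(?P<tclass>\S+)'
    r'(?:\s+permissive=(?P<permissive>[01]))?'
)

# Constructed sample records for illustration, not taken from a real system.
SAMPLE = [
    'type=AVC msg=audit(1600000000.101:411): avc:  denied  { read open } for  pid=2101 comm="httpd" path="/home/alice/site/index.html" dev="sda1" ino=1311 scontext=system_u:system_r:httpd_t:s0 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=0',
    'type=AVC msg=audit(1600000200.552:498): avc:  denied  { getattr } for  pid=2101 comm="httpd" path="/home/alice/site/index.html" dev="sda1" ino=1311 scontext=system_u:system_r:httpd_t:s0 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1',
    'type=AVC msg=audit(1600000300.007:502): avc:  denied  { name_connect } for  pid=2101 comm="httpd" dest=5432 scontext=system_u:system_r:httpd_t:s0 tcontext=system_u:object_r:postgresql_port_t:s0 tclass=tcp_socket permissive=0',
    'type=SYSCALL msg=audit(1600000300.007:502): arch=c000003e syscall=42 success=no',
]

def se_type(context):
    """Return the type field of a user:role:type[:level] security context."""
    return context.split(":")[2]

def summarize(lines):
    """Group denials by (source type, target type, class) for manual review."""
    groups = defaultdict(lambda: {"perms": set(), "comms": set(), "count": 0, "blocked": 0})
    for line in lines:
        m = AVC_RE.search(line)
        if not m:
            continue  # not an AVC denial record
        key = (se_type(m["scon"]), se_type(m["tcon"]), m["tclass"])
        g = groups[key]
        g["perms"].update(m["perms"].split())
        g["comms"].add(m["comm"].strip('"'))
        g["count"] += 1
        # permissive=1 means the access was logged but allowed to proceed.
        if m["permissive"] != "1":
            g["blocked"] += 1
    return dict(groups)

def report(groups):
    """Render one line per group, most frequent first."""
    rows = sorted(groups.items(), key=lambda kv: -kv[1]["count"])
    return [f'{g["count"]}x ({g["blocked"]} blocked) {s} -> {t}:{c} '
            f'{{ {" ".join(sorted(g["perms"]))} }} comm={",".join(sorted(g["comms"]))}'
            for (s, t, c), g in rows]

if __name__ == "__main__":
    print("\n".join(report(summarize(SAMPLE))))
```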