|
|
| [Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] |
What does audit2why say?
Well, not what I expected :-\ : -bash-4.1# audit2why < /var/log/audit/audit.log Traceback (most recent call last): File "/usr/bin/audit2allow", line 24, in <module> import sepolgen.policygen as policygenFile "/usr/lib/python2.6/site-packages/sepolgen/policygen.py", line 33, in <module>
from setools import * ImportError: No module named setoolsSo, I guess I have to transfer my audit.log on a machine which does have setools (python) installed (the one I am getting this on is my dmz server, so it is pretty constrained).
I'll try these, thanks Dominick! I'll introduce these one by one as tunables and see what works.Some shots in the dark: # get past dyntransition kiddy lock domain_dyntrans_type(sshd_t) # get past subject identity change kiddy lock domain_subj_id_change_exemption(sshd_t) # get past role change kiddy lock domain_role_change_exemption(sshd_t)
Could it be that the new version of openssh introduced these new hooks, which were not present in older versions? To me this whole issue is caused entirely by openssh.
-- selinux mailing list selinux@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/selinux
[Fedora Users] [Fedora Legacy] [Fedora Desktop] [Big List of Linux Books] [Yosemite Photos] [Yosemite News] [Yosemite Campsites] [KDE Users] [Gnome Users]
