0

Problem:

I'm facing an issue where SELinux is blocking certain actions of my application, which runs as a plugin for auditd. I've been trying to generate the necessary SELinux policy using audit2allow, but some actions still aren't resolved. Even after enabling ghost denial logs, the problem persists.

I want to run my application without setting SELinux or auditd to permissive mode, as I need to maintain security features.

Steps taken so far:

  1. Generated custom SELinux policies using audit2allow based on the logs.
  2. Enabled ghost denials to capture more detailed logs.
  3. Tried running the application while SELinux is in enforcing mode, but some actions are still blocked.

What I'm looking for:

Are there any alternative approaches or best practices to allow my application to run smoothly without disabling SELinux or switching to permissive mode?

Any insights or suggestions would be greatly appreciated!

Improve this question
2
  • 1
    Which distribution are you running? You've added tags for three different ones. Should these maybe be removed and replaced by the more generic linux tag (which I have now removed)?
    – Kusalananda
    Commented Apr 8 at 6:08
  • 1
    Please clarify your specific problem or provide additional details to highlight exactly what you need. As it's currently written, it's hard to tell exactly what you're asking.
    – Community Bot
    Commented Apr 8 at 6:15

0

Reset to default

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.