-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 10/21/2013 04:24 PM, m.roth@5-cent.us wrote:
The sealert tells me that a file named index.cgi is running avc on sysfs_t. Is there any tool that would get me the *full* path of index.cgi, as there are several of them, for several websites (including bugzilla)?
CentOS 6.4.
mark
-- selinux mailing list selinux@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/selinux
You can turn on full auditing which should generate the path.
I add
- -w /etc/shadow
to
/etc/audit/audit.rules
Or you can turn it on temporarily (Until next reboot)
auditctl -w /etc/shadow