It's nice with selinux that a notification window pops up when a violation has been detected... and then that it's a simple matter to click on an icon to pop open a window with much more information. But lacking in that window is critical information necessary to identify and then perhaps resolve the issue.
Fundamentally the action of some executable has tried, against policy, to access some file. So why doesn't this page list:
- the name of the file, including full path, against which access was attempted;
- the name of the executable, including full path, which tried to access that file; and
-- text explaining the policy which was violated, or at least a link to it?
I've had selinux installed for some years now (in permissive mode), but am considering uninstalling it because, lacking this obvious and critical information, there doesn't seem to be a point to it.