Chapter 3. Troubleshooting issues related to SELinux
For diagnosing issues related to SELinux, you can check the file /var/log/audit/audit.log
, as follows:
To query Audit logs, use the
ausearch
tool. SELinux decisions, such as allowing or disallowing access, are cached in the Access Vector Cache (AVC). Therefore, you should use theAVC
andUSER_AVC
values for the message type parameter, for example:# ausearch -m AVC,USER_AVC,SELINUX_ERR,USER_SELINUX_ERR -ts boot
- If there are no matches, check if the Audit daemon is running.
If it is not running, then perform the following steps:
- Restart the audit.
- Re-run the denied scenario.
- Check the Audit log again.
For more information about solving SELinux related issues, see Troubleshooting problems related to SELinux.