Problem:
I'm facing an issue where SELinux is blocking certain actions of my application, which runs as a plugin for auditd. I've been trying to generate the necessary SELinux policy using audit2allow, but some actions still aren't resolved. Even after enabling ghost denial logs, the problem persists.
I want to run my application without setting SELinux or auditd to permissive mode, as I need to maintain security features.
Steps taken so far:
- Generated custom SELinux policies using
audit2allowbased on the logs. - Enabled ghost denials to capture more detailed logs.
- Tried running the application while SELinux is in enforcing mode, but some actions are still blocked.
What I'm looking for:
Are there any alternative approaches or best practices to allow my application to run smoothly without disabling SELinux or switching to permissive mode?
Any insights or suggestions would be greatly appreciated!
-
1Which distribution are you running? You've added tags for three different ones. Should these maybe be removed and replaced by the more generic linux tag (which I have now removed)?Kusalananda– Kusalananda ♦2025年04月08日 06:08:14 +00:00Commented Apr 8 at 6:08
-
1Please clarify your specific problem or provide additional details to highlight exactly what you need. As it's currently written, it's hard to tell exactly what you're asking.Community– Community Bot2025年04月08日 06:15:34 +00:00Commented Apr 8 at 6:15
You must log in to answer this question.
Explore related questions
See similar questions with these tags.