Setroubleshoot Log Redirects
Hi all,
I am wondering how can I redirect the setroubleshoot log message from
system message to another files?
Oct 7 15:42:59 localhost setroubleshoot: SELinux is preventing access
to files with the label, file_t. For complete SELinux messages. run
sealert -l 7252d716-97f1-48c1-90cf-af868b8eda9d
Oct 7 15:43:09 localhost setroubleshoot: SELinux is preventing access
to files with the label, file_t. For complete SELinux messages. run
sealert -l c0a89b73-ef07-4d14-bae3-c4056cc5c7d9
Oct 7 15:43:19 localhost setroubleshoot: SELinux is preventing access
to files with the label, file_t. For complete SELinux messages. run
sealert -l 38144616-8fde-4efe-91e2-62c1dda99d08
Oct 7 15:43:19 localhost setroubleshoot: SELinux is preventing access
to files with the label, file_t. For complete SELinux messages. run
sealert -l 5e9d5bc6-8e92-4cb9-9809-6d276ad99bbe
Thank you in advanced.
Re: Setroubleshoot Log Redirects
Jacky, Jack wrote:[color=blue]
> Hi all,
>
> I am wondering how can I redirect the setroubleshoot log message from
> system message to another files?
>
> [snip]
>
> Thank you in advanced.[/color]
If you're running Fedora or RedHat, then run the audit daemon.
SELinux messages will end up in the audit log.
