On Thursday 23 June 2005 10:13, Jason K Larson wrote: > I am fairly new to selinux and while I have a seemingly working > install, when its in enforcing mode I get errors trying to sync other > gentoo boxes portage tree, like: > > Jun 23 01:35:21 yorke rsyncd[18130]: chroot /usr/portage failed: > Permission denied > > It's the only error I can see anywhere about it, and I can't seem to > locate any log of the selinux denial, neither while in enforcing or in > permissive. However in permissive mode, the sync works as expected. > > I can see some grsec denials (not related to rsyncd) in > /var/log/grsec.log (running syslog-ng, btw) but nothing selinux related > in /var/log/kern.log or /var/log/messages and from what I have read > thus far I am certain that I should be getting something. kern.log and > messages both contain "security:" entries when I load a new selinux > policy. Is there just some verbosity flag I missed so I can start > logging these denials?
Yes, you need to enable a specific kernel option to log selinux messages. Then you should be able to recieve them. Paul -- Paul de Vrieze Gentoo Developer Mail: [EMAIL PROTECTED] Homepage: http://www.devrieze.net
pgpMRC7sz15eW.pgp
Description: PGP signature
