Hi,
I have OSSEC on RHEL6 but its logging errors from SELinux......is there any
docs on using SELinux with OSSEC?
This is the alarm message I'm getting,
===========
Nov 17 15:45:01 vuwunicosec0001 kernel: type=1400 audit(1321497901.028:35953):
avc: denied { getattr } for pid=19119 comm="httpd"
path="/var/ossec/queue/syscheck/syscheck" dev=dm-6 ino=260323
scontext=unconfined_u:system_r:httpd_t:s0 tcontext=system_u:object_r:var_t:s0
tclass=file
===========
regards
Steven Jones
Technical Specialist - Linux RHCE
Victoria University, Wellington, NZ
0064 4 463 6272
