mirror of
https://github.com/tldr-pages/tldr.git
synced 2025-04-29 23:24:55 +02:00
ae436c1b00
* batch1 * batch2 * batch3 * batch4 * Update matchpathcon.md * Update pages/linux/arecord.md Co-authored-by: Lena <126529524+acuteenvy@users.noreply.github.com> * Update pages/linux/arecord.md Co-authored-by: Lena <126529524+acuteenvy@users.noreply.github.com> * Update pages/linux/arecord.md Co-authored-by: Wiktor Perskawiec <git@spageektti.cc> --------- Co-authored-by: Lena <126529524+acuteenvy@users.noreply.github.com> Co-authored-by: Wiktor Perskawiec <git@spageektti.cc>
825 B
825 B
audit2allow
Create an SELinux local policy module to allow rules based on denied operations found in logs. Note: Use audit2allow with caution. Always review the generated policy before applying it, as it may allow excessive access. More information: https://manned.org/audit2allow.
- Generate a local policy to allow access for all denied services:
sudo audit2allow {{[-a|--all]}} -M {{local_policy_name}}
- Generate a local policy module to grant access to a specific process/service/command from the audit logs:
sudo grep {{apache2}} /var/log/audit/audit.log | sudo audit2allow -M {{local_policy_name}}
- Inspect and review the Type Enforcement (.te) file for a local policy:
vim {{local_policy_name}}.te
- Install a local policy module:
sudo semodule {{[-i|--install]}} {{local_policy_name}}.pp