Tim wrote:
On Sat, 2005-11-19 at 14:21 +0200, Dotan Cohen wrote:
I opened the Security Level GUI, and I see the option for
disabling individual services. However, I cannot check any of them.
The V mark does not appear when I click on them.
I think that's how it behaves when SELinux is disabled, overall.
In addition, I do prefer to edit config files manually, to learn.
I would, too. Though I've also found SELinux documentation to be less
than adequate to attempt configuring something manually.
Likewise for SELinux-related things. For instance, the audit.log is
just gibberish, to me. I can't look at it and see that something
happened at a particular time (like the messages log file), and the
content of some entries gives no clue as to what it means.
For example:
type=SOCKETCALL msg=audit(1123685491.877:78): nargs=6 a0=4 a1=bf8ce47c a2=10 a3=0 a4=bf8d0618 a5=c
type=CONFIG_CHANGE msg=audit(1123685491.878:83): audit_backlog_limit=256 old=64 by auid=4294967295
I can't even guess at what they might refer to.
You might try:
# ausearch -a 78
(the number is the number following the colon in the audit(xxx:yyy) part
of the entry)
That should result in something a little more comprehansible. Note that
the audit subsystem is not only used by SELinux - most entries will not
be SELinux-related at all.
Paul.
