On 01/22/2011 11:02 AM, Richard Shaw wrote: > Jan 22 08:59:45 hobbes setroubleshoot: Setroubleshoot can not analyze > AVCs while dontaudit rules are disabled, 'semodule -B' will turn on > dontaudit rules. > > What does it mean and should I do what it says? What version of Fedora are you running? Since when did it started happening? Does it happens when you do a particular action (open any particular program)? In the SELinux policy, there are dozens of these "dontaudit rules". They basically deny access requested by some program. These denials are so generic that the policy writer decided not to audit them so you won't get plenty of denial messages on your logs. In the rare occasion that you suspect SELinux is causing problems (and you're not getting any message on the logs) then you would "disable" these dontaudit-rules in order to get FULL detail of every denial. You disable these "dontaudit rules" by doing "semodule -DB". If you haven't done this yourself, I'm really not sure why you are getting these messages. Try running "semodule -B" and see if that solves it. HTH, Jorge -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
