Troubleshooting SELinux

Let's take a look at different ways of troubleshooting SELinux.

The log file

If we were left uncertain as to the problem that was causing errors that we encountered before with the web server, then our troubleshooting should always start with log files. For SELinux, this is the /var/log/audit/audit.log file. Logging in from SELinux will be marked as AVC (Access Vector Cache). We can search the log file with grep using something similar to the following command:

# grep AVC /var/log/audit/audit.log

However, more appropriately, there is also the ausearch command that we can use. If an error has just occurred, we can use the recent time start code to help reduce returned results. This is a shortcut for displaying errors within ...

Get Learning RHEL Networking now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.