sealert

From RaySoft

sealert is the user interface component (either GUI or command line) to the setroubleshoot system. setroubleshoot is used to diagnose SELinux denials and attempts to provide user friendly explanations for a SELinux denial (e.g. AVC) and recommendations for how one might adjust the system to prevent the denial in the future.[1]

Documentation

Syntax

sealert [PARAMETER ...]

Parameters

-a FILE, --analyze FILE
Scan a log FILE and analyze its AVCs

Examples

Add a SELinux policy to allow a Traefik container to read from /var/run/docker.sock

Scan the log file and report all discovered SELinux issues:

sealert --analyze '/var/log/audit/audit.log'

Create a SELinux policy for the Traefik container:

ausearch --comm 'traefik' --raw | audit2allow --module-package='my-traefik'

Install the generated policy package my-traefik.pp for the Traefik container (audit2allow also writes the rules as readable text to my-traefik.te):

semodule --install='my-traefik.pp'
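To see which rules the denials for one command turn into before a generated module is installed, the AVC records can be summarized by hand. This is an added example, not part of the original page or of setroubleshoot/audit2allow: the log lines are constructed, candidate_rules is a hypothetical helper, and it covers only plain "denied" records, not everything audit2allow handles.

```python
import re
from collections import defaultdict

# Constructed sample records in raw audit.log format (not from a real system).
SAMPLE_LOG = '''\
type=AVC msg=audit(1700000000.101:501): avc:  denied  { write } for  pid=2211 comm="traefik" name="docker.sock" dev="tmpfs" ino=1234 scontext=system_u:system_r:container_t:s0:c10,c20 tcontext=system_u:object_r:container_var_run_t:s0 tclass=sock_file permissive=0
type=AVC msg=audit(1700000000.102:502): avc:  denied  { connectto } for  pid=2211 comm="traefik" path="/run/docker.sock" scontext=system_u:system_r:container_t:s0:c10,c20 tcontext=system_u:system_r:container_runtime_t:s0 tclass=unix_stream_socket permissive=0
type=SYSCALL msg=audit(1700000000.102:502): arch=c000003e syscall=42 success=no exit=-13 comm="traefik" exe="/usr/local/bin/traefik" subj=system_u:system_r:container_t:s0:c10,c20
type=AVC msg=audit(1700000000.103:503): avc:  denied  { read } for  pid=2211 comm="traefik" name="docker.sock" dev="tmpfs" ino=1234 scontext=system_u:system_r:container_t:s0:c10,c20 tcontext=system_u:object_r:container_var_run_t:s0 tclass=sock_file permissive=0
type=AVC msg=audit(1700000000.104:504): avc:  denied  { name_bind } for  pid=900 comm="nginx" src=8443 scontext=system_u:system_r:httpd_t:s0 tcontext=system_u:object_r:unreserved_port_t:s0 tclass=tcp_socket permissive=0
'''

# Permissions, command name, source/target context and object class of a denial.
AVC_RE = re.compile(
    r'avc:\s+denied\s+\{(?P<perms>[^}]*)\}.*?\bcomm="(?P<comm>[^"]*)"'
    r'.*?\bscontext=(?P<s>\S+)\s+tcontext=(?P<t>\S+)\s+tclass=(?P<cls>\S+)')

def se_type(context):
    # A context is user:role:type:level; the level may itself contain colons.
    return context.split(':')[2]

def candidate_rules(log_text, comm):
    """Return the allow rules implied by the AVC denials logged for `comm`."""
    merged = defaultdict(set)
    for line in log_text.splitlines():
        # Only AVC records carry the denial; skip SYSCALL and other types.
        if not line.startswith('type=AVC '):
            continue
        m = AVC_RE.search(line)
        if not m or m['comm'] != comm:
            continue
        key = (se_type(m['s']), se_type(m['t']), m['cls'])
        merged[key].update(m['perms'].split())
    rules = []
    for (src, tgt, cls), perms in sorted(merged.items()):
        names = sorted(perms)
        perm_s = names[0] if len(names) == 1 else '{ ' + ' '.join(names) + ' }'
        rules.append(f'allow {src} {tgt}:{cls} {perm_s};')
    return rules

if __name__ == '__main__':
    for rule in candidate_rules(SAMPLE_LOG, 'traefik'):
        print(rule)
```

Each rule applies to every process running in the source type, not only to the one command that triggered the denial, which is why the list is worth reading before the module is loaded.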

References

  1. man 8 'sealert'