Install setroubleshoot-server as follows.
# yum install -y setroubleshoot-server
If the system is in enforcing or permissive mode, setroubleshoot will provide a user-friendly explanation about the AVC's.
When there's AVC denial, messages like those below will print to /var/log/messages.
Jul 14 09:52:03 desktop setroubleshoot: SELinux is preventing 57656220436F6E74656E74 from write access on the file firefox52.pdf. For complete SELinux messages. run sealert -l 3c6aa24a-1b99-4eaf-bd95-a9c01e84ea27
Follow the instruction on the output of sealert -l xxxxxxxx to see more information about the AVC event.
# sealert -l 3c6aa24a-1b99-4eaf-bd95-a9c01e84ea27 SELinux is preventing 57656220436F6E74656E74 from write access on the file firefox52.pdf. ***** Plugin mozplugger (99.1 confidence) suggests ************************ If you want to use the plugin package Then you must turn off SELinux controls on the Firefox plugins. Do # setsebool -P unconfined_mozilla_plugin_transition 0
If you want to manually scan the log file and find its AVC's, the following command can be used.
# sealert -a /var/log/audit/audit.log
This will scan the complete log file, give the output on the terminal, and explain the details about AVC in user-friendly language.
