I get this aler all the time and I already did this 5 times.
ausearch -c 'iptables' --raw | audit2allow -M my-iptables#012# semodule -i my-iptables.pp#012
but still get the same alert.
Oct 12 15:55:14 localhost setroubleshoot: SELinux is preventing /usr/sbin/xtables-multi from getopt access on the rawip_socket Unknown. For complete SELinux messages run: sealert -l 1f7d951-a178-4a9-a1f5bee022f1f32
Oct 12 15:55:14 localhost python: SELinux is preventing /usr/sbin/xtables-multi from getopt access on the rawip_socket Unknown.#012#012***** Plugin catchall (100. confidence) suggests **************************#012#012If you believe that xtables-multi should be allowed getopt access on the Unknown rawip_socket by default.#012Then you should report this as a bug.#012You can generate a local policy module to allow this access.#012Do#012allow this access for now by executing:#012# ausearch -c 'iptables' --raw | audit2allow -M my-iptables#012# semodule -i my-iptables.pp#012
SEalert all the time the same one
-
stevemowbray
- Posts: 519
- Joined: 2012/06/26 14:20:47
Re: SEalert all the time the same one
I think the commands you want are:
ausearch -c 'iptables' --raw | audit2allow -M my-iptables
semodule -i my-iptables.pp
ausearch -c 'iptables' --raw | audit2allow -M my-iptables
semodule -i my-iptables.pp
Re: SEalert all the time the same one
Yes I did that exactly, 5 times and I still get this notifications in log