Invalid AVC allowed in current policy reported by sealert
Issue
- sealert reports
Invalid AVC allowed in current policy
# sealert -a /var/log/audit/audit.log
100% done
type=AVC msg=audit(1542383956.104:332): avc: denied { write } for pid=1564 comm="passwd" path="/root/avctest" dev="vda1" ino=1747 scontext=unconfined_u:unconfined_r:passwd_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:admin_home_t:s0 tclass=file permissive=0
**** Invalid AVC allowed in current policy ***
100% done
found 0 alerts in /var/log/audit/audit.log
Environment
Red Hat Enterprise Linux
sealert
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.
