On 1/29/25 6:50 PM, Peter via Postfix-users wrote:
On 30/01/25 12:00, Wietse Venema via Postfix-users wrote:
If you can get them to address the root cause problem: failing
syscalls without proper logging why) then people could fix these
problem themselves (as the saying goes, "teach a human to fish").
Except for the very rare case of dontaudit logs (as discussed in the
other thread) these are all logged in /var/logs/audit/audit.log. The
format of this file is admittedly confusing to a newcomer, but there
are tools distributed for selinux that will read these logs and
interpret them in a very easy to understand display along with actual
steps that you can take to fix the issue.
This is no worse, imo than any other type of logs, including Postfix
logs which can be difficult for a newcomer to fully understand and
which has collate to help organise the logs to better present them.
And there are tools you can use to dig down into the whys and the
wherefores with SELinux. The video I posted earlier
(https://www.youtube.com/watch?v=_WOKRaM-HI) talks about dontaudit, and
how to turn it on and off. It also discusses a bunch of examples of how
errors get logged, and the tools for finding those errors and
explanations as to how to fix them.
Thomas
_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
