Bug 138767
Summary: | SELinux FAQ - why is there no output from certain daemons run in debug or interactive mode? | ||
---|---|---|---|
Product: | [Fedora] Fedora Documentation | Reporter: | Karsten Wade <kwade> |
Component: | selinux-faq | Assignee: | Karsten Wade <kwade> |
Status: | CLOSED CURRENTRELEASE | QA Contact: | Tammy Fox <tammy.c.fox> |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | devel | ||
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://fedora.redhat.com/docs/selinux-faq-fc3/ | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2004-12-31 18:40:34 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | |||
Bug Blocks: | 118757 |
Description
Karsten Wade
2004-11-11 01:09:51 UTC
Included in 1.3-5. ## begin Q/A addition to FAQ Q: Why do I not see the output when I run certain daemons in debug or interactive mode? A: SELinux intentionally disables access to the tty devices to stop daemons from communicating back with the controlling terminal. This communication is a potential security hole because such daemons could insert commands into the controlling terminal. A broken or compromised program could cause serious problems with this. There are a few ways you can capture STDOUT from daemons. One method is to pipe the output to the cat command. snmpd -v | cat When debugging a daemon, you may want to turn of the transitioning of the daemon to its specific domain. You can do this using system-config-securitylevel or setsebool on the command line. A final option is to turn off enforcing mode while debugging. You can do this with setenforce 0, using setenforce 1 to reenable SELinux when you are finished debugging. ## 30 ## |