If you’re reading this in the hope that all your SELinux woes will be magically resolved, I have some bad news for you. If you want to understand how to manage SELinux properly then you’re going to have to learn how to write a policy, and sooner or later I really hope that you will. In the mean time this post will provide you with a list of commands that should get you by 80% of the time, even if you don’t yet understand them.

SELinux isn’t everyone’s favourite operating system feature but, love it or hate it, it’s now been an integral part of the RedHat Enterprise Linux OS for some time and isn’t going anywhere any time soon. Usually the bad experiences admins have with SELinux are much the same; they’ve moved some files, or possibly trying to serve up files from a non-default directory, and things just mysteriously don’t work. Hours of consulting documentation and trawling through Google finally points them in the direction of the /var/log/audit/audit.