SELinux Denial

Learn about SELinux denial messages, where they're logged, and how to parse them in a brief RedHat tutorial.

 

Security Enhanced Linux (SELinux) is a security framework that allows and denies access to applications, files, etc. within a Linux system. For a full SELinux overview, see What is SELinux.

For this article, we will look at what happens when access to a desired file or application is denied. What messages will you see, where are these messages stored, and what does the information actually mean? What are some of the abnormal situations, caused by false positives and ghost denials, that you might find yourself in? We will explore all of that here.