...
Code Block |
---|
sudo systemctl stop fapolicyd # https://www.mankier.com/8/fapolicyd # ... # --debug-deny # leave the daemon in the foreground for debugging. Event information is written to stderr only when the decision is to deny access. # --permissive # the daemon will allow file access regardless of the policy decision. This is useful for debugging rules before making them permanent. sudo /usr/sbin/fapolicyd --debug-deny Loaded 16 rules Changed to uid 990 Initializing the database fapolicyd integrity is 0 backend rpmdb registered backend file registered Loading rpmdb backend Loading file backend Checking database Importing data from rpmdb backend Importing data from file backend Entries in DB: 28117 Loaded from all backends(without duplicates): 28117 Database checks OK added /dev/shm mount point added / mount point added /var mount point added /boot mount point added /tmp mount point added /data mount point added /run/user/1000 mount point Starting to listen for events rule=15 dec=deny_audit perm=execute auid=-1 pid=2302 exe=/usr/local/omk/bin/opha-cli.exe : path=/tmp/par-726f6f74/cache-00548e237c0c0fdd9581d8236e7b57e47c9024b4/opha-cli.pl ftype=application/x-executable rule=15 dec=deny_audit perm=execute auid=-1 pid=2303 exe=/usr/local/omk/bin/opreports-scheduler.exe : path=/tmp/par-726f6f74/cache-815c07b0877113fa7553963226f8855aa1160121/opreports-scheduler.exe ftype=application/x-executable rule=15 dec=deny_audit perm=execute auid=-1 pid=2306 exe=/usr/local/omk/bin/opha-cli.exe : path=/tmp/par-726f6f74/cache-00548e237c0c0fdd9581d8236e7b57e47c9024b4/opha-cli.pl ftype=application/x-executable rule=15 dec=deny_audit perm=execute auid=-1 pid=2542 exe=/usr/local/omk/bin/baseline.exe : path=/tmp/par-726f6f74/cache-62f960e7d5fb11c6bcbb34fba76fe5030b04477c/baseline.exe ftype=application/x-executable rule=15 dec=deny_audit perm=execute auid=-1 pid=2695 exe=/usr/local/omk/bin/opreports-scheduler.exe : path=/tmp/par-726f6f74/cache-815c07b0877113fa7553963226f8855aa1160121/opreports-scheduler.exe ftype=application/x-executable ... ... # When finished debugging, press CTRL+C to kill this foreground fapolicyd process and startrestart the fapolicyd service: sudo systemctl start fapolicyd |
...