Launching the below in one terminal
tail -f /var/log/audit/audit.log | grep httpd_use_nfs
And the below in an other
setsebool httpd_use_nfs=on
I see in the first terminal
type=MAC_CONFIG_CHANGE msg=audit(1730101288.652:110): bool=httpd_use_nfs val=1 old_val=0 auid=0 ses=1AUID="root"
So the type of audit log while changing an SE Linux boolean is MAC_CONFIG_CHANGE.
Red Hat
Learning Community
A collaborative learning environment, enabling open source skill development.