When the SELinux subsystem is asked to perform an invalid SELinux-specific operation, it will log this through the audit subsystem using the
SELINUX_ERR message type.
Make sure that the audit subsystem is up and running as we will be using the
ausearch application to (re)view audit events:
~# service auditd start
SELINUX_ERR messages is done by viewing the entry in the audit logs and understanding the individual fields; this is done by completing the following steps:
~# semodule -R