From 0549b84bd7fc9e9d083e8737f04d475484929cee Mon Sep 17 00:00:00 2001 From: fufesou Date: Sat, 21 Oct 2023 23:38:41 +0800 Subject: [PATCH 1/3] selinux, check /var/log/audit/audit.log to see if there's any deny Signed-off-by: fufesou --- content/client/linux/_index.en.md | 12 +++++++++--- content/client/linux/_index.zh-cn.md | 11 ++++++++--- 2 files changed, 17 insertions(+), 6 deletions(-) diff --git a/content/client/linux/_index.en.md b/content/client/linux/_index.en.md index 6eeae4d..b045f8f 100755 --- a/content/client/linux/_index.en.md +++ b/content/client/linux/_index.en.md @@ -55,7 +55,13 @@ Please **reboot** to make above changes taking effect. #### Permissions Issue -If you find that RustDesk's --server process is not running, that is, there is no output when executing `ps -ef | grep -E 'rustdesk +--server'`. -Then it's probably a permissions issue. +If SELinux is enabled, RustDesk will not work properly in either X11 or Wayland environments. -Please refer to [SELinux](./selinux/) for adding SELinux policies. +You can run: + +```bash +$ sudo grep 'comm="rustdesk"' /var/log/audit/audit.log | tail -1 +type=AVC msg=audit(1697902459.165:707): avc: denied { name_connect } for pid=31346 comm="rustdesk" dest=53330 scontext=system_u:system_r:init_t:s0 tcontext=system_u:object_r:ephemeral_port_t:s0 tclass=tcp_socket permissive=0 +``` + +If the output contains `avc: denied`, you need to add SElinux policies, please refer to [SELinux](./selinux/). diff --git a/content/client/linux/_index.zh-cn.md b/content/client/linux/_index.zh-cn.md index a32de91..ea813c5 100755 --- a/content/client/linux/_index.zh-cn.md +++ b/content/client/linux/_index.zh-cn.md 
@@ -57,8 +57,13 @@ RustDesk 现在有实验性的 Wayland 支持,您可能需要下载 [nightly v #### 权限问题 -如果您发现 RustDesk 的 --server 进程没有启动,即执行 `ps -ef | grep -E 'rustdesk +--server'` 没有输出。 -那么很可能是权限问题。 +如果启用了 SELinux ,那么无论是 X11 环境 还是 Wayland 环境, RustDesk 都无法正常工作。 +您可以运行如下命令: -SELinux 权限添加请参考[SELinux](./selinux/)。 +```bash +$ sudo grep 'comm="rustdesk"' /var/log/audit/audit.log | tail -1 +type=AVC msg=audit(1697902459.165:707): avc: denied { name_connect } for pid=31346 comm="rustdesk" dest=53330 scontext=system_u:system_r:init_t:s0 tcontext=system_u:object_r:ephemeral_port_t:s0 tclass=tcp_socket permissive=0 +``` + +如果有 `avc: denied` 的输出,则需要添加 SElinux 策略,请参考[SELinux](./selinux/)。 From aa6a58ce2e58e3182ac3c42a39ec08051ae32ab5 Mon Sep 17 00:00:00 2001 From: fufesou Date: Sat, 21 Oct 2023 23:45:47 +0800 Subject: [PATCH 2/3] selinux Signed-off-by: fufesou --- content/client/linux/_index.en.md | 2 ++ content/client/linux/_index.zh-cn.md | 2 ++ 2 files changed, 4 insertions(+) diff --git a/content/client/linux/_index.en.md b/content/client/linux/_index.en.md index b045f8f..b641069 100755 --- a/content/client/linux/_index.en.md +++ b/content/client/linux/_index.en.md @@ -64,4 +64,6 @@ $ sudo grep 'comm="rustdesk"' /var/log/audit/audit.log | tail -1 type=AVC msg=audit(1697902459.165:707): avc: denied { name_connect } for pid=31346 comm="rustdesk" dest=53330 scontext=system_u:system_r:init_t:s0 tcontext=system_u:object_r:ephemeral_port_t:s0 tclass=tcp_socket permissive=0 ``` +**NOTE**: The number in parentheses after audit is timestamp. + If the output contains `avc: denied`, you need to add SElinux policies, please refer to [SELinux](./selinux/). diff --git a/content/client/linux/_index.zh-cn.md b/content/client/linux/_index.zh-cn.md index ea813c5..3fc237c 100755 --- a/content/client/linux/_index.zh-cn.md +++ b/content/client/linux/_index.zh-cn.md 
@@ -66,4 +66,6 @@ $ sudo grep 'comm="rustdesk"' /var/log/audit/audit.log | tail -1 type=AVC msg=audit(1697902459.165:707): avc: denied { name_connect } for pid=31346 comm="rustdesk" dest=53330 scontext=system_u:system_r:init_t:s0 tcontext=system_u:object_r:ephemeral_port_t:s0 tclass=tcp_socket permissive=0 ``` +**注意**: audit 后面括号内的数字是时间戳。 + 如果有 `avc: denied` 的输出,则需要添加 SElinux 策略,请参考[SELinux](./selinux/)。 From e0b966c2147090c58040d9939f4f6a80d4a39782 Mon Sep 17 00:00:00 2001 From: fufesou Date: Sun, 22 Oct 2023 12:17:38 +0800 Subject: [PATCH 3/3] selinux Signed-off-by: fufesou --- content/client/linux/SELinux/_index.en.md | 4 ++-- content/client/linux/SELinux/_index.zh-cn.md | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/content/client/linux/SELinux/_index.en.md b/content/client/linux/SELinux/_index.en.md index e771825..628d446 100644 --- a/content/client/linux/SELinux/_index.en.md +++ b/content/client/linux/SELinux/_index.en.md @@ -109,8 +109,8 @@ allow init_t user_tmp_t:file map; Run: ```bash -checkmodule -M -m -o rustdesk.mod rustdesk.te && semodule_package -o rustdesk.pp -m rustdesk.mod && sudo semodule -i rustdesk.pp -sudo semodule -l | grep rustdesk +$ checkmodule -M -m -o rustdesk.mod rustdesk.te && semodule_package -o rustdesk.pp -m rustdesk.mod && sudo semodule -i rustdesk.pp +$ sudo semodule -l | grep rustdesk ``` ### Create A Type "rustdesk_t" diff --git a/content/client/linux/SELinux/_index.zh-cn.md b/content/client/linux/SELinux/_index.zh-cn.md index 4c3c465..aa30ab6 100644 --- a/content/client/linux/SELinux/_index.zh-cn.md +++ b/content/client/linux/SELinux/_index.zh-cn.md 
@@ -108,8 +108,8 @@ allow init_t user_tmp_t:file map; 执行: ```bash -checkmodule -M -m -o rustdesk.mod rustdesk.te && semodule_package -o rustdesk.pp -m rustdesk.mod && sudo semodule -i rustdesk.pp -sudo semodule -l | grep rustdesk +$ checkmodule -M -m -o rustdesk.mod rustdesk.te && semodule_package -o rustdesk.pp -m rustdesk.mod && sudo semodule -i rustdesk.pp +$ sudo semodule -l | grep rustdesk ``` ### 新建 rustdesk_t 的类型
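Review bot: In PATCH 1/3, `content/client/linux/_index.en.md` (hunk `@@ -55,7 +55,13`), the added check `grep 'comm="rustdesk"' /var/log/audit/audit.log | tail -1` prints only the last record that mentions rustdesk, whatever its type, so the "if the output contains `avc: denied`" test can miss a denial logged earlier. Suggest filtering on the record type first, for example `sudo grep 'type=AVC' /var/log/audit/audit.log | grep 'comm="rustdesk"' | tail -5`, or using `sudo ausearch -m avc -c rustdesk`. The opening sentence also says RustDesk will not work whenever SELinux is "enabled"; the sample record shows `permissive=0`, so "enforcing" is the accurate condition, and it would help to have the reader confirm it with `getenforce`. The old text's symptom (no `rustdesk --server` process) is removed without a replacement, so the reader no longer knows when to run this check. Minor: "SElinux" in the last added line should be "SELinux".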
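Review bot: In PATCH 1/3, `content/client/linux/_index.zh-cn.md` (hunk `@@ -57,8 +57,13`), the same `| tail -1` problem applies: only the last rustdesk record is shown, so an earlier `avc: denied` is missed; mirror whatever fix is made to the English page. The first added line has stray spaces ("SELinux ,那么" and "X11 环境 还是"), and "SElinux" in the last added line should be "SELinux".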
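Review bot: In PATCH 2/3, the added note "The number in parentheses after audit is timestamp" (and its zh-cn counterpart) is imprecise for the sample value `audit(1697902459.165:707)`: the part before the colon is the epoch timestamp in seconds with milliseconds, and `707` after the colon is the event serial number. Suggest wording such as "The value in parentheses after `audit` is the timestamp followed by the event ID", which also fixes the missing article, and consider pointing out that readers should compare the timestamp with the time RustDesk failed so they do not act on a stale denial.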
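Review bot: In PATCH 3/3, both `SELinux/_index.en.md` and `SELinux/_index.zh-cn.md`, prefixing the commands with `$ ` inside a `bash` fence makes the block fail when copied and pasted, and the first line is a `&&` chain ending in `sudo semodule -i rustdesk.pp`, so a partial paste is easy to get wrong. Either keep the commands without a prompt, as they were, or keep the prompt and change the fence to `console` so it reads as a terminal session; the same choice should be applied to the `$ sudo grep ...` block added in PATCH 1/3, which mixes a command and its output under `bash`.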