[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Latest kernel (2356), avc's on hwclock



Stephen Smalley wrote:
> Looks like the Fedora hwclock is instrumented to generate an audit
> record, but policy doesn't yet allow it to do so.  These capability
> checks used to be silent (no auditing) since they occur on netlink recv,
> but a recent patch has enabled SELinux to generate audit messages on the
> netlink recv capability checks.  So we can expect these types of denials
> to show up now.  Should be allowed in this case.

So it's generating an audit message, because it wasn't allowed to
generate an audit message?

I've only had half a beer...

-- 
========================================================================
Ian Pilcher                                        i pilcher comcast net
========================================================================


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]