audit2allow -l is unusable in FC5

Steve G linux_4ever at yahoo.com
Wed Sep 6 00:35:24 UTC 2006


>There is no log saying "avc granted load_policy",
>instead, there is audit log "audit(1157498697.581:88): policy loaded 
>auid=4294967295 ".

Yes this is correct. This is the new way as of kernel 2.6.17. There was some
overlap where an audit was in the policy and the kernel, but we only need one
message. The audit2allow program should be updated to recognize the above as a
load policy event.

-Steve

__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com 




More information about the fedora-selinux-list mailing list