SELinux revisited
Gene Heskett
gene.heskett at verizon.net
Sun Oct 21 15:18:26 UTC 2007
On Sunday 21 October 2007, Steve G wrote:
[...]
>>> # Feel free to add below this line. See auditctl man page
>>>
>>> -a exit,always -S chroot
>>> #-a exit,always -S chdir -F obj_type=dhclient_t
>>
>>I don't know the rule syntax, but just looking at the source, it
>
> appears
>
>>to me that the rule on line 15 is malformed (at least compared to the
>>others).
>
>All of those rules look fine for audit package > 1.3 and kernel probably >
> 2.6.21. But those rules are not default and would have taken some research
> to come up with since I know of no public examples of auditing by selinux
> context.
So what should line 15 look like today?
--
Cheers, Gene
"There are four boxes to be used in defense of liberty:
soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
Mix a little foolishness with your serious plans; it's lovely to be silly
at the right moment.
-- Horace
More information about the fedora-selinux-list
mailing list