SE Linux Questions

Jim Cornette redhat-jc at insight.rr.com
Wed Apr 14 11:21:25 UTC 2004


William Hooper wrote:
> Jim Cornette said:
> 
>>If the bug-buddy idea would overload mail servers.Maybe a cron job set
>>to parse repeated errors locally and to mail the reports periodically
>>might work to reduce all of the policy related security linux errors.
> 
> 
> Fedora already ships logwatch, so just a filter is needed.  File a RFE and
> possibly an upstream request (logwatch-suggestions at logwatch.org).
> 

Thanks for the suggestion. I sent the message below to the logwatch 
address in the link. Contents below.

Jim

----------------------------------

Since SELinux is so dependent on proper permissions on the system and 
effects a lot of factors. I was thinking that there could be some 
addition to logwatch to parse repeated avc errors and send the outputs 
to developers periodically.

This is a job that the developers know what errors are valid for aiding 
their forward refinements to the security Linux concept. Automated 
reporting sounds like the most productive way to accomplish this error 
tracking.

Hopefully, this automatic logging and informing developers can be used 
for the early stages of development, then slacked off after refinements 
are successfully implemented and errors with SELinux are very few.

Jim





More information about the fedora-test-list mailing list