[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: AVC messages



On Tue, 2005-01-04 at 14:53, Steve Grubb wrote:
> I was looking at my audit logs and have a question. Does the SE Linux AVC 
> denial messages constitute something that ought to be in the audit logs? Or 
> does it belong in syslog?
> 
> I agree that it is important information...just curious where it should really 
> live.

It belongs in an audit log, but you could certainly have multiple audit
logs, with one dedicated to SELinux (i.e. MAC) audit messages.
  
-- 
Stephen Smalley <sds epoch ncsc mil>
National Security Agency


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]