AVC messages

Steve Grubb sgrubb at redhat.com
Tue Jan 4 21:22:18 UTC 2005


On Tuesday 04 January 2005 15:52, Stephen Smalley wrote:
> The policy lets you configure what is audited (via dontaudit rules to
> selectively suppress auditing of denials and via auditallow rules to
> selectively enable auditing of grantings).  

But wouldn't this mean the admin would have to have policy source installed? 
That's far too messy.

> What more do you need? 

auditctl -selinux no_avc

;)

-Steve Grubb




More information about the Linux-audit mailing list