[prev in list] [next in list] [prev in thread] [next in thread]
List: fedora-selinux-list
Subject: Re: SELinux revisited
From: Steve G <linux_4ever () yahoo ! com>
Date: 2007-10-21 13:19:58
Message-ID: 419109.28932.qm () web51509 ! mail ! re2 ! yahoo ! com
[Download RAW message or body]
> > # This file contains the auditctl rules that are loaded
> > # whenever the audit daemon is started via the initscripts.
> > # The rules are simply the parameters that would be passed
> > # to auditctl.
> >
> > # First rule - delete all
> > -D
> >
> > # Increase the buffers to survive stress events.
> > # Make this bigger for busy systems
> > -b 320
> >
> > # Feel free to add below this line. See auditctl man page
> >
> > -a exit,always -S chroot
> > #-a exit,always -S chdir -F obj_type=dhclient_t
>
> I don't know the rule syntax, but just looking at the source, it
appears
> to me that the rule on line 15 is malformed (at least compared to the
> others).
All of those rules look fine for audit package > 1.3 and kernel probably > 2.6.21. \
But those rules are not default and would have taken some research to come up with \
since I know of no public examples of auditing by selinux context.
-Steve
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
--
fedora-selinux-list mailing list
fedora-selinux-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic