[prev in list] [next in list] [prev in thread] [next in thread] 

List:       selinux
Subject:    Re: Another Question
From:       Russell Coker <russell () coker ! com ! au>
Date:       2002-12-09 18:38:19
[Download RAW message or body]

On Mon, 9 Dec 2002 18:53, Richard Mayo wrote:
> While running in enforcing mode, is it possible to allow certain actions,
> but still to audit their occurences?

auditallow.

> (perhaps with some command working the opposite of "neveraudit")

dontaudit.


These are used in the sample policy.  dontaudit is a newer addition so it's 
not in the earlier documents, but it should be in the latest doco, auditallow 
is well documented.

-- 
http://www.coker.com.au/selinux/   My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/  Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/    Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/  My home page


--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
[prev in list] [next in list] [prev in thread] [next in thread]