[prev in list] [next in list] [prev in thread] [next in thread]
List: selinux
Subject: Re: Permissive mode for xace is broken.
From: Steve Grubb <sgrubb () redhat ! com>
Date: 2008-02-28 21:17:16
Message-ID: 200802281617.17223.sgrubb () redhat ! com
[Download RAW message or body]
On Thursday 28 February 2008 13:51:05 Stephen Smalley wrote:
> On Thu, 2008-02-28 at 13:48 -0500, Eamon Walsh wrote:
> > Stephen Smalley wrote:
> > > On Mon, 2008-02-25 at 20:12 -0500, Eamon Walsh wrote:
> > >> Eamon Walsh wrote:
> > >>> The X object manager logs all avc's and status messages (including
> > >>> the AVC netlink stuff) through the audit system using libaudit calls
> > >>> (audit_log_user_avc_message, etc.)
Please tell me they have different record types. Also do you have any samples
that we can look over to make sure they conform?
> > > Can you verify that the X server was able to create the audit socket
> > > successfully?
> >
> > Yes, because when I actually install the audit package, things started
> > appearing in /var/log/audit/audit.log. I did not have the audit package
> > installed. Why isn't it redirecting to /var/log/messages in this case?
It should be if you have audit enabled. Perhaps you didn't boot with audit=1?
-Steve
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic