[DSE-User] Audit data collection?
Jason Riedy
jason at acm.org
Thu Jul 19 23:09:32 UTC 2007
Is there a tool that correlates audit messages from permissive
mode with the servers / packages that are involved? I discovered
audit2allow and audit2why, but digging out the responsible
packages sometimes requires more time than I have available.
Actually, a central repository of such reports could be pretty
useful... Admins could reboot with selinux=1, run the tool for a
few days, then send a summary. Then someone (the hard part)
could either file appropriate bugs or pass the problem upstream.
Then people without time to learn the rule language could
contribute at least some usage data.
Jason
[please CC; I'm not subscribed and this list doesn't seem to be
on Gmane...]
More information about the Selinux-user
mailing list