does SELinux can log all the files access?
Dominick Grift
domg472 at gmail.com
Thu Aug 13 11:27:25 UTC 2009
On Thu, Aug 13, 2009 at 07:18:17PM +0800, Bai Shuwei wrote:
> Hi, ALL:
> I cannot find any log tools to log all the files access, including
> delete/remove/read/write operations. So i want to know whether SELinux
> upport the functions. Thanks for your responce!
>
> Best Regards!
the audit suite can do logging: see man auditctl.
You can get selinux to log grants by adding auditallow rules.
By default selinux logs denied access unless the denial is hidden using dontaudit.
>
> Bai Shuwei
>
> --
> Love other people, as same as love yourself!
> Don't think all the time, do it by your hands!
>
> Personal URL: http://dslab.lzu.edu.cn:8080/members/baishw/
> E-Mail: baishuwei at gmail.com or baishuwei at dslab.lzu.edu.cn
> --
> fedora-selinux-list mailing list
> fedora-selinux-list at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-selinux-list
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/fedora-selinux-list/attachments/20090813/31423864/attachment.sig>
More information about the fedora-selinux-list
mailing list