start setroubleshootd as audisp plugin

[Christoph Höger]

Hi,

thanks to Steve Grubb I figured out how to make setroubleshootd start as
an auditd plugin.
with the two files attached (plugin conf and selinux module) it should
be a little faster in boot (see attached bootchart).

Anyone wants to bring that into the setroubleshoot/audit pkg?

regards

christoph

-------------- next part --------------
A non-text attachment was scrubbed...
Name: bootchart.png
Type: image/png
Size: 184669 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/fedora-devel-list/attachments/20080926/b5b3ddfa/attachment.png>
-------------- next part --------------
policy_module(auditd-troubled,0.1)

gen_require(` type setroubleshootd_exec_t; ')
gen_require(` type setroubleshootd_t; ')
gen_require(` type audisp_t; ')

allow audisp_t setroubleshootd_exec_t:file read_file_perms;
allow audisp_t setroubleshootd_exec_t:file execute;
domain_auto_trans(audisp_t, setroubleshootd_exec_t, setroubleshootd_t)
corecmd_exec_bin(audisp_t)
allow setroubleshootd_t audisp_t:unix_stream_socket { ioctl read write };
allow audisp_t setroubleshootd_t:process signal;
-------------- next part --------------
active = yes
direction = out
path = /usr/sbin/setroubleshootd
type = always
args = -f
format = string
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 197 bytes
Desc: Dies ist ein digital signierter Nachrichtenteil
URL: <http://listman.redhat.com/archives/fedora-devel-list/attachments/20080926/b5b3ddfa/attachment.sig>