sds at epoch.ncsc.mil
Tue Dec 21 12:11:10 UTC 2004
On Mon, 2004-12-20 at 18:24, Browder, Tom wrote:
> I joined, and took a look. With the audit tools, and audit=1, do I need
> to keep SELinux turned on?
Not if all you want is auditing. But note that you'll have to set up
audit filters via auditctl to audit what you want, vs. using SELinux
policy to enable auditing on particular objects. There is ongoing work
to add support for object-based auditing in the audit framework as well,
as noted on the linux-audit list.
Stephen Smalley <sds at epoch.ncsc.mil>
National Security Agency
More information about the fedora-selinux-list