No Denial

Stephen Smalley sds at
Tue Dec 21 12:11:10 UTC 2004

On Mon, 2004-12-20 at 18:24, Browder, Tom wrote:
> I joined, and took a look.  With the audit tools, and audit=1, do I need
> to keep SELinux turned on?

Not if all you want is auditing.  But note that you'll have to set up
audit filters via auditctl to audit what you want, vs. using SELinux
policy to enable auditing on particular objects.  There is ongoing work
to add support for object-based auditing in the audit framework as well,
as noted on the linux-audit list.

Stephen Smalley <sds at>
National Security Agency

More information about the fedora-selinux-list mailing list