SELinux and Auditing of Security-Relevant Files
Kevin Degnan
degnan78 at yahoo.com
Wed Oct 13 22:16:57 UTC 2004
Hey folks,
I just installed Fedora Core 3 Test 3 with SELinux
turned on and in the "targeted" mode. My goal is to
simply record unsuccessful attempts to access certain
files (such as /etc/shadow and almost everything in
/var/log). The targeted mode doesn't cover this since
it only covers certain daemons, and the strict mode
was way too strict for our needs (I had trouble
logging in and it spit out tons of "avc: denied"
messages).
Is there an easy way to configure SELinux (or another
tool) to audit these files and record unsuccessful
access attempts?
Thanks,
Kevin
_______________________________
Do you Yahoo!?
Declare Yourself - Register online to vote today!
http://vote.yahoo.com
More information about the fedora-selinux-list
mailing list