FC5 MLS Policy: auditctl permission denied
Michael C Thompson
mcthomps at us.ibm.com
Thu Mar 30 15:58:34 UTC 2006
Hey Steve,
Under the FC5 MLS policy, what is the magic incantation of SELinux role
and MLS range that will make auditctl go? I've tried staff_r, with staff_t
and SystemLow, which I did not expect to work (and it didn't). I've also
tried sysadm_[rt] and secadm_[rt] with both SystemHigh and SystemLow. So
far, no combination has lead to auditctl being usable. secadm & sysadm
attempts resolve in a direct bash denial message, whereas staff _can_
execute audit, but I get the messages:
"Error sending (rule/watch) list request (Permission denied)"
Anyone know the magic or is this a policy bug?
Thanks,
Mike
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/linux-audit/attachments/20060330/580546ac/attachment.htm>
More information about the Linux-audit
mailing list