[redhat-lspp] RBAC Roles
Stephen Smalley
sds at tycho.nsa.gov
Fri Sep 23 17:40:16 UTC 2005
On Thu, 2005-09-22 at 16:49 -0400, Ivan Gyurdiev wrote:
> I can write a patch that does this if you need it.
> int sepol_audit_everything(int on);
> int semanage_audit_everything(int on);
>
> Seems like just an application of avtab_map that looks
> at the rule type...
>
> OTOH a kernel hook to control this seems better to me also.
We want something more general than just disabling/enabling all
dontaudit rules; sgrubb wants an auditctl-like interface for controlling
auditing of MAC permission checks, which could just be a utility that
uses libsemanage/libsepol to manipulate the policy and reload it. I
don't think we especially need or want a kernel change for this.
--
Stephen Smalley
National Security Agency