2009-03-05 16:24:06

by Daniel Walsh

Subject: [refpolicy] roles_auditadm.patch

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

http://people.fedoraproject.org/~dwalsh/SELinux/F11/roles_auditadm.patch

Cleanup auditadm

auditadm should not have all these roles, needs to read kernel ring
buffer (dmesg?)

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org

iEYEARECAAYFAkmv/KYACgkQrlYvE4MpobMHYQCePM5fnYRtzG+A00Btu7g3EKoh
638An2oqpFv532zrDSfQvLNKiXiU5Lgx
=7wUX
-----END PGP SIGNATURE-----

2009-03-11 14:53:43

by cpebenito

Subject: [refpolicy] roles_auditadm.patch

On Thu, 2009-03-05 at 12:24 -0400, Daniel J Walsh wrote:
> http://people.fedoraproject.org/~dwalsh/SELinux/F11/roles_auditadm.patch
>
> Cleanup auditadm
>
> auditadm should not have all these roles, needs to read kernel ring
> buffer (dmesg?)

Merged, except I kept screen, su, and sudo, which I feel are reasonable
apps for auditadm to use.

Yes, dmesg is a tool for reading the kernel ring buffer.

--
Chris PeBenito
Tresys Technology, LLC
(410) 290-1411 x150