http://people.fedoraproject.org/~dwalsh/SELinux/F13/system_logging.patch
New log context
Allow setting audit tty
Fixing interfaces
On Tue, 2010-02-23 at 17:16 -0500, Daniel J Walsh wrote:
> http://people.fedoraproject.org/~dwalsh/SELinux/F13/system_logging.patch
>
> New log context
>
> Allow setting audit tty
>
> Fixing interfaces
Why are the sockets being set to system high? Same thing for the pid
file? They don't have sensitive data.
The logging_manage_all_logs() change is excessive, as "manage" doesn't
include relabeling.
Why does auditd need to use nsswitch?
Otherwise merged.
--
Chris PeBenito
Tresys Technology, LLC
(410) 290-1411 x150
On 03/17/2010 02:40 PM, Christopher J. PeBenito wrote:
> On Tue, 2010-02-23 at 17:16 -0500, Daniel J Walsh wrote:
>
>> http://people.fedoraproject.org/~dwalsh/SELinux/F13/system_logging.patch
>>
>> New log context
>>
>> Allow setting audit tty
>>
>> Fixing interfaces
>>
> Why are the sockets being set to system high? Same thing for the pid
> file? They don't have sensitive data.
>
>
All audit data is SystemHigh. /var/log/messages also.
> The logging_manage_all_logs() change is excessive, as "manage" doesn't
> include relabeling.
>
> Why does auditd need to use nsswitch?
>
>
It calls getpw if there is a group set for the logfile.
> Otherwise merged.
>
>