On Fri, 2004-04-09 at 03:01, Karl MacMillan wrote: > > -----Original Message----- > > From: fedora-devel-list-bounces@xxxxxxxxxx [mailto:fedora-devel-list- > > bounces@xxxxxxxxxx] On Behalf Of Chris Kloiber, RHCX > > Sent: Thursday, April 08, 2004 3:17 AM > > To: Development discussions related to Fedora Core > > Subject: Re: Forward looking to FC2 final and SELinux > > > > > > I would like to see permissive mode the default, but don't spam > > /dev/console. Instead log the avc errors to a different local# facility, > > and capture that information separately from /var/log/messages. A gui > > log viewer specifically for the selinux.log that could parse the denial > > messages and propose policy source changes on a per-application basis > > would be very nice, probably a pipe dream short term though. > > > > A gui log viewer called seaudit is part of the setools package from Tresys > (http://www.tresys.com/selinux/index.html - screenshot here > http://www.tresys.com/Downloads/selinux-tools/seaudit/seaudit.gif ). Dan > Walsh has created packages that part of Fedora Core 2. > > Note that this tool doesn't suggest policy changes. I think that it is > non-trivial to create a tool to suggest useful policy changes and even then > any suggestions would have to be carefully considered by the user. > > Karl Thanks, now if I can ever get 'rawhide-latest' installed on my eMachines M6807 laptop... :) -- Chris Kloiber, RHCX Red Hat, Inc.
