Re: Braces in path field breaks audit2allow (PROPOSED FIX)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Thu, 2004-08-12 at 17:47, t l wrote:
> Sorry to make the first mod so complicated.
> 
> After looking at the Perl a bit, this is simpler, but
> depends on 'important brace fields' starting with the
> brace character.  Is that correct?

I think so (I didn't write this script, and am not a perl expert
either).  The script is just trying to extract the list of permissions,
which starts with a { by itself after the avc:  denied prefix.  With
regard to your original diff, note that audit2allow captures auxiliary
audit information like path and exe for the -v option; the exceptions
for pid, dev, and ino are just to omit that information, as it was
viewed as too ephemeral to likely be useful when reviewing audit2allow
output.

-- 
Stephen Smalley <sds@xxxxxxxxxxxxxx>
National Security Agency


[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Big List of Linux Books]     [Yosemite News]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux