I have setup a Fedora 2 box with SELinux enabled. I'm able to add users and relabel /home to allow their .ssh keys to work, so I have a baseline install that is working. I would like to create a shared dir tree that certain users have full access to. Every file access that reads or writes data (stat, open, read, write, delete, rename, ???) should be logged, while still allowing the operation to complete. Is SELinux appropriate for that type of tracking? If so, can anyone give me a hint on the way to construct the policy? Thanks. Barry
