>A bit missing in documentation on RHEL4, however I fetched sources from rawhide >(that have some documentation). At the time tha RHEL4 shipped, the audit framework had a lot of work to go. It couldn't really be documented since the utilities didn't really exist. It is slated for inclusion in U2. Also, FC4 has a respectable piece of the audit subsystem in it. >Is Audit Framework part of SELinux, used by SELinux, or something totally >unrelated? Its a separate entity with a different control interface. SE Linux uses it to send AVC messages. The audit system determines whether an audit daemon is in use. If so the messages go to the audit daemon. If not, they go to syslog. If you want to experiment with the audit system, try out FC4. I'll probably start writing tutorials and howto's once the audit system gets closer to completion. -Steve Grubb __________________________________ Yahoo! Mail Mobile Take Yahoo! Mail with you! Check email on your mobile phone. http://mobile.yahoo.com/learn/mail -- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx http://www.redhat.com/mailman/listinfo/fedora-selinux-list
