On Thu, 2006-03-30 at 14:51 -0500, Daniel J Walsh wrote: > http://fedoraproject.org/wiki/SELinux/Troubleshooting/AVCDecisions#preview > > Trying to build a analysys tool to be able to translate avc messages > into possible boolean/file_context solutions. > > The idea is that we can look at the AVC messages that are generated and > figure out what the servers were trying to do. Then we can give some > advise to the administrator on the corrective measures. So what we are > looking for are expected code paths where there is a file context of > boolean available. Usually if a AVC denied is fixed with a corresponding rule, the next AVC comes up in the log (allow getattr, after that ACV:denied read, and so on). Probably we don't want to annoy the administrator with several pop-ups coming up on his screen. What do you think about that? -- Thorsten Scherf, RHCE, RHCA, RHCSS Mobile: ++49 172 61 32 548 Red Hat GLS EMEA Fax: ++49 2064 470 564
Attachment:
signature.asc
Description: This is a digitally signed message part
-- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-selinux-list
