On 18 May 2007, at 7:35 AM, Rahul Sundaram wrote:
Lee Kok Seng wrote:
Hello,
Here is version 1.0.4 of the script previously posted.
a. Added regular expression (perl) to select messages to display
e.g avctree --re="context=~/java/" will show any avc
message that has 'java' in
scontext *or* tcontext.
e.g avctree --re="*=~/initrc/" will show any avc messages
that has 'su' anywhere.
b. Added message selection based on age of message
e.g avctree --age 3h will show avc messages not older than 3
hours from when you run the script.
c. Added 'unique' format of print
e.g avctree --uniq will show avc messages that are unique
once, i.e. scontext, tcontext, comm,
name, dev, ino, key all match up (except time tag, audit tag,
pid ... so, use with this in mind)
Try this: avctree --uniq --age 1d
/ks
How about submitting and maintaining this as a package in Fedora?
http://fedoraproject.org/wiki/PackageMaintainers/Join
Rahul
No issue with me, but this is a simple script, does it warrant being
a package?
Let me understand more what kind of work it takes to going down that
path.
--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
