Hi
There are many instances where SELinux policy causes AVC denials while
running programs. Some of these are policy issues, some actual bugs in
the program or security issues and others where the denial is rather
harmless and can be ignored for all practical purposes.
It is sometimes tedious to go and file a bug report methodologically on
all these denials in hope that we uncover and fix real policy issues.
What would be better is for users to run in some opt-in program that
automatically sends either the audit or messages log or both to central
server and the SELinux developers proactively fix policy issues without
the overhead of users filing bug reports.
I would gladly run a program and I would guess that many users would
find this a much better and easier way to report issues. We could even
tie this to a GUI and first boot in the installer. Kind of a smolt
(http://smolt.fedoraproject.org/stats) for SELinux if you will. Comments?
Rahul
--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
