On Fri, 2008-10-24 at 15:38 -0700, Timothy Renner wrote: > Is there any debug stream available that can tell me what is being > processed by the SELinux system? Specifically, I'd like to be able to > follow the trail from starting an executable, through its state > transitions, what files it reads, and what their file contexts are, and > what transitions happen as it calls external programs. Options: - Use system call auditing (see man pages for autrace, auditctl, auditd; ask questions on linux-audit@xxxxxxxxxx). or - Add auditallow rules to the domain for the program in order to trigger auditing of permission grantings. And of course, denials are already audited by SELinux by default. -- Stephen Smalley National Security Agency -- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-selinux-list
