Are you running without enforcing just for testing? When you turn off enforcing it only logs once (by design) but I think it should log the denial every single time in enforcing mode. -Eric On 10/17/07, Hasan Rezaul-CHR010 <CHR010@xxxxxxxxxxxx> wrote: > Hi All, > > I am using a Fedora 6 STRICT policy as my base, and have written some > additional custom policies on top. > > For example, I have allowed certain domains (e.g. staff_t) to modify > file types of etc_t > And I have disallowed other domains (e.g. user_t) to modify file types > of etc_t. > > When user_t makes the first attempt to modify an etc_t file, I do get > DENY events :-) > > But subsequent attempts by user_t to modify etc_t files *DO NOT* > generate any more events ?!? > > - Is this by design ??? > > - Is there something I can do such that EVERY time user_t attempts to > modify a file type etc_t , I will get a corresponding DENY ? > > - In other words, I would like every violation attempt to be reported in > the audit.log file, even if the same violation occurs multiple times in > the same session. > > Thanks in advance, > > - Rezaul. > > > -- > This message was distributed to subscribers of the selinux mailing list. > If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with > the words "unsubscribe selinux" without quotes as the message. > -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with the words "unsubscribe selinux" without quotes as the message.
