On Wed, 2009-07-01 at 22:08 -0400, Christopher Pardy wrote: > This is a heavily modified version of the patch I recently submitted. It > provides 3 new functions: in libsepol sepol_get_disable_dontaudit; in > libsemanage semanage_get_disable_dontaudit; in libselinux > is_dontaudit_disabled. It also fixes issues with the previous patch. > > The justification for this patch is the same as the one I posted > earlier. Simply, there is currently no way to know if dontaudit rules > are enabled. Additionally once don't audit rules are turned they turn > themselves off after policy rebuild (is that the desired functionality?) > This patch provides a way to check on both the current and pending > state of the dontaudit rules and it maintains this state between policy > rebuilds. > > Signed-off-by Christopher Pardy <cpardy@xxxxxxxxxx> patch 0/N is generally discouraged these days - just incorporate the relevant description into the actual patch descriptions instead (which you also did, but no need to post it separately then). -- Stephen Smalley National Security Agency -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with the words "unsubscribe selinux" without quotes as the message.
