RE: SELinux and SSH Timers ?...

Great, Thank You Sir  :-)
 

-----Original Message-----
From: Stephen Smalley [mailto:sds@xxxxxxxxxxxxx] 
Sent: Friday, September 04, 2009 9:56 AM
To: Hasan Rezaul-CHR010
Cc: selinux@xxxxxxxxxxxxx
Subject: RE: SELinux and SSH Timers ?...

On Fri, 2009-09-04 at 10:45 -0400, Hasan Rezaul-CHR010 wrote:
> My Linux kernel version is 2.6.21.

So if you wanted to have SELinux audit every denial in permissive mode,
you'd just apply this patch and rebuild your kernel.  

diff --git a/security/selinux/avc.c b/security/selinux/avc.c index
da8caf1..b190eb7 100644
--- a/security/selinux/avc.c
+++ b/security/selinux/avc.c
@@ -874,10 +874,6 @@ int avc_has_perm_noaudit(u32 ssid, u32 tsid,
 	if (!requested || denied) {
 		if (selinux_enforcing)
 			rc = -EACCES;
-		else
-			if (node)
-
avc_update_node(AVC_CALLBACK_GRANT,requested,
-						ssid,tsid,tclass);
 	}
 
 	rcu_read_unlock();
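
Review bot: In the `if (!requested || denied)` block, removing the `else` branch makes the change unconditional, so a kernel built this way audits every permissive-mode denial and can only return to the previous behaviour through another rebuild. Consider gating it behind a build or boot option, and leave a comment at this spot saying why the `avc_update_node(AVC_CALLBACK_GRANT, ...)` call is intentionally absent. Expect audit log volume on a permissive system to grow accordingly. Separately, the removed `avc_update_node(...)` line and the `diff --git` header are wrapped across two lines as mailed, so the hunk will probably not apply as-is; the wrapped lines need rejoining before running patch.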

--
Stephen Smalley
National Security Agency



--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with
the words "unsubscribe selinux" without quotes as the message.
