On Sat, 29 Jan 2011, Simon Brandmair <sbrandmair@xxxxxxx> wrote:
> I just started looking into SELinux. I am wondering if there is a way to
> have wildcards in avc rules like:
> auditallow source_t target_t : * * ;
> which audits all access from source_t to target_t.
>
> Or do I have to add all classes objects to the rule like:
> auditallow source_t target_t : {appletalk_socket, association,
> blk_file ... } * ;
No, there isn't such a wildcard at this time (AFAIK). It might be worth
adding one so I've moved this discussion to the SE Linux upstream mailing list
(please don't CC debian-security on future replies).
--
My Main Blog http://etbe.coker.com.au/
My Documents Blog http://doc.coker.com.au/
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with
the words "unsubscribe selinux" without quotes as the message.
