So I gave it a shot and nothing changed. I did however notice some oddity with my serial console though. I get some udevd failures in enforcing and I see the Permission Denied messages there, but I see no audit associated with them on the console. I'm able to get into my system to check dmesg and lo and behold there are audits in dmesg for that udev service that couldn't start. -Aaron -----Original Message----- From: Stephen Smalley [mailto:sds@xxxxxxxxxxxxx] Sent: Friday, April 24, 2015 11:36 AM To: Spector, Aaron; SELinux (selinux@xxxxxxxxxxxxx); Paul Moore (paul@xxxxxxxxxxxxxx) Subject: Re: Switching to enforcing mode introduces new policy issues? On 04/24/2015 12:33 PM, Stephen Smalley wrote: > On 04/24/2015 12:30 PM, Spector, Aaron wrote: >> Correct, I'm not running auditd. >> >> Is it worth removing the printk_ratelimit call in audit_printk_skb() in audit.c for experimentation purposes? Just let it printk all the audits and if it rolls over, oh well? > > Sure. We actually do that in our kernel trees for Android policy development, e.g. https://bitbucket.org/seandroid/kernel-msm/commits/0388e1630648c481e42929135babb1dbba272e27 _______________________________________________ Selinux mailing list Selinux@xxxxxxxxxxxxx To unsubscribe, send email to Selinux-leave@xxxxxxxxxxxxx. To get help, send an email containing "help" to Selinux-request@xxxxxxxxxxxxx.
