I am also trying out the new perf_event access vectors. I use the perf util for this. Whilst I wwas confining `perf` at some point there were no avc denials anymore but `perf` was segfaulting in enforcing mode. After some brute force it turns out that it wanted access to cap_syslog. My question: why was it not logging the capability2 syslog event? Could this be due to an access vectors ordering issue? -- Key fingerprint = 5F4D 3CDB D3F8 3652 FBD8 02D5 3B6C 5F1D 2C7B 6B02 https://sks-keyservers.net/pks/lookup?op=get&search=0x3B6C5F1D2C7B6B02 Dominick Grift
Attachment:
signature.asc
Description: PGP signature
