This was added to Linux 4.17 via "selinux: Report permissive mode in avc: denied messages." Signed-off-by: Dominick Grift <dominick.grift@xxxxxxxxxxx> --- src/auditing.md | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/src/auditing.md b/src/auditing.md index 19f8be6..295373a 100644 --- a/src/auditing.md +++ b/src/auditing.md @@ -161,6 +161,12 @@ section that follows. <td>tclass</td> <td>The object class of the target or object.</td> </tr> +<tr> +<td>permissive</td> +<td>Keyword introduced in Linux 4.17 to indicate whether the event +was denied or granted due to global or per-domain permissive +mode.</td> +</tr> </tbody> </table> -- 2.27.0
