On Tuesday, September 15, 2020 1:33:32 PM EDT Chris PeBenito wrote:
> Signed-off-by: Chris PeBenito <chpebeni@xxxxxxxxxxxxxxxxxxx>
> ---
> libselinux/src/avc_internal.c | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/libselinux/src/avc_internal.c b/libselinux/src/avc_internal.c
> index 572b2159..53a99a1f 100644
> --- a/libselinux/src/avc_internal.c
> +++ b/libselinux/src/avc_internal.c
> @@ -59,7 +59,7 @@ int avc_process_setenforce(int enforcing)
> int rc = 0;
>
> avc_log(SELINUX_SETENFORCE,
> - "%s: received setenforce notice (enforcing=%d)\n",
> + "%s: op=setenforce lsm=selinux enforcing=%d res=1",
> avc_prefix, enforcing);
> if (avc_setenforce)
> goto out;
> @@ -81,7 +81,7 @@ int avc_process_policyload(uint32_t seqno)
> int rc = 0;
>
> avc_log(SELINUX_POLICYLOAD,
> - "%s: received policyload notice (seqno=%u)\n",
> + "%s: op=load_policy lsm=selinux seqno=%u res=1",
> avc_prefix, seqno);
> rc = avc_ss_reset(seqno);
> if (rc < 0) {
These look good from an audit perspective.
Thanks,
-Steve
