Hi Group Members , Good Morning & Happy new Year ! Can group member please provide any input / feedback for below functionality support in SELINUX : a) Is there any mechanism to generate an event / notification for selinux denials I came across Logstash, Logentries and Splunk , which i am currently looking at. Is there any selinux equivalent plugin or any other way for selinux specific. b) Is there any mechanism to block certain system call / library calls ? I came across "seccomp" from https://lwn.net/Articles/656307/ But is there any selinux equivalent plugin or any other way for selinux specific. or "seccomp" should be the preferred way for this task . Any pointer / feedback / inputs will be helpful on the same Thanks , Ashish Thanks , Ashish On Sun, Dec 27, 2020 at 2:17 PM Ashish Mishra <ashishm@xxxxxxxxxx> wrote: > > Hi All , > > For one of our internal projects we wanted to evaluate the functionality below . > Can group member please share any input w.r.t below aspect can be > implemented or any pointers on same : > > a) Is there any mechanism to generate an event / notification for > selinux denials > ( like say we have an action which is denied , so instead of user > reading log > file if there is any notification mechanism which can be used ) > > b) If there is any mechanism to block calling of certain system call's > / library calls . > ( idea is to discourage certain instances of container to avoid calling some > predefined system call & library functions ) > > Any pointers or comments or feedback on these two points will be helpful . > > Thanks , > Ashish