Red Hat Bugzilla – Bug 144920
dbus steer avc denial messages into audit system
Last modified: 2013-03-13 00:47:17 EDT
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.5)
Gecko/20041216 Firefox/1.0 Fedora/1.0-6
Description of problem:
The SE Linux avc denial messages go into syslog instead of the audit
log if the audit daemon is running. The solution is to patch the SE
Linux log_callback to send the messages into the kernel for
disposition using the audit library.
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. found by inspection.
Actual Results: avc denials in /var/log/messages even with audita
Expected Results: all avc denial messages in the audit daemon's logs
if its running.
Created attachment 109684 [details]
patch to redirect avc denial messages
There should be a buildrequires: audit-libs-devel >= 0.6.1 in the spec file.
Added to package cvs. Will build into rawhide monday so packages that
depend on specific dbus versions don't break rawhide over the weekend.