Bug 144920 - dbus steer avc denial messages into audit system
Summary: dbus steer avc denial messages into audit system
Alias: None
Product: Fedora
Classification: Fedora
Component: dbus   
(Show other bugs)
Version: rawhide
Hardware: All
OS: Linux
Target Milestone: ---
Assignee: John (J5) Palmieri
QA Contact:
Depends On:
TreeView+ depends on / blocked
Reported: 2005-01-12 19:19 UTC by Steve Grubb
Modified: 2013-03-13 04:47 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2005-02-03 21:17:10 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
patch to redirect avc denial messages (2.78 KB, patch)
2005-01-12 19:23 UTC, Steve Grubb
no flags Details | Diff

Description Steve Grubb 2005-01-12 19:19:32 UTC
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.5)
Gecko/20041216 Firefox/1.0 Fedora/1.0-6

Description of problem:
The SE Linux avc denial messages go into syslog instead of the audit
log if the audit daemon is running. The solution is to patch the SE
Linux log_callback to send the messages into the kernel for
disposition using the audit library.

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
1. found by inspection.

Actual Results:  avc denials in /var/log/messages even with audita
daemon running.

Expected Results:  all avc denial messages in the audit daemon's logs
if its running.

Additional info:

Comment 1 Steve Grubb 2005-01-12 19:23:13 UTC
Created attachment 109684 [details]
patch to redirect avc denial messages

There should be a buildrequires: audit-libs-devel >= 0.6.1 in the spec file.

Comment 3 John (J5) Palmieri 2005-01-21 23:41:59 UTC
Added to package cvs.  Will build into rawhide monday so packages that
depend on specific dbus versions don't break rawhide over the weekend.

Comment 4 John (J5) Palmieri 2005-02-03 21:17:10 UTC

Note You need to log in before you can comment on or make changes to this bug.