Thanks for your reply!
This is a working policy for my plugin:
---
module audisp-example 1.0;
require {
type auditd_t;
type proc_t;
class dir search;
class file { getattr read };
}
# Allow auditd_t to search /proc
# Allow auditd_t to read cwd and sessionid files
allow auditd_t proc_t:dir search;
allow auditd_t proc_t:file { getattr read };
---
Thanks for your help
_______________________________________________
Linux-audit mailing list -- linux-audit@lists.linux-audit.osci.io
To unsubscribe send an email to linux-audit-le...@lists.linux-audit.osci.io
