Steve Grubb wrote:
On Tuesday 16 May 2006 13:23, Steve Grubb wrote:
AFAICT, there are 2 places where an access decision is made,
audit_netlink_ok in kernel/audit.c. And the other place is
selinux_nlmsg_lookup in security/selinux/nlmsgtab.c. I think you'd want to
patch your kernel to printk its access decision results in both of those
functions. That should tell us something about what's going on.
Mike,
Did you ever patch your kernel to get more info or did this problem go away in
the latest kernel (lspp.26)?
I have tested this on the 26 and 27 kernel and am still experiencing the
problem. I'm working on tracking it down now.
Mike
--
Linux-audit mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/linux-audit
