On Thursday 13 July 2006 17:03, Michael C Thompson wrote: > In doing some tests, I've noticed that the USER_ROLE_CHANGE audit record > is associated with both newrole, and semanage user -[ad].
semanage should also be using these: #define AUDIT_ROLE_ASSIGN 2301 /* Admin assigned user to role */ #define AUDIT_ROLE_REMOVE 2302 /* Admin removed user from role */ USER_ROLE_CHANGE should only be used when newrole is used. If semanage needs more record types let me know. -Steve -- Linux-audit mailing list [email protected] https://www.redhat.com/mailman/listinfo/linux-audit
