Hello, I was wondering now that the xserver can run as non-root shouldn't the CAP_WRITE_AUDIT file capability be set on the Xorg executable? Same question for AVC denials logging with dbus session bus[0]?
And in general, does anybody has an opinion about giving this capability to $random executable? Cheers, Laurent Bigonville [0] See: https://bugs.freedesktop.org/show_bug.cgi?id=83856 -- Linux-audit mailing list [email protected] https://www.redhat.com/mailman/listinfo/linux-audit
