Menu
▾
▴
[Selinux-commits] SF.net SVN: selinux: [2051] trunk/policycoreutils/audit2allow/avc.py
|
From: <ssm...@us...> - 2006-10-17 14:23:45
|
Revision: 2051
http://svn.sourceforge.net/selinux/?rev=2051&view=rev
Author: ssmalley
Date: 2006-10-17 07:22:47 -0700 (Tue, 17 Oct 2006)
Log Message:
-----------
Author: Yuichi Nakamura
Email: yn...@hi...
Subject: audit2allow -l is unusable in FC5
Date: 2006-09-06 1:15:11
On Tue, 5 Sep 2006 17:35:24 -0700 (PDT)
Steve G wrote:
> >There is no log saying "avc granted load_policy",
> >instead, there is audit log "audit(1157498697.581:88): policy loaded
> >auid=4294967295 ".
> Yes this is correct. This is the new way as of kernel 2.6.17. There was some
> overlap where an audit was in the policy and the kernel, but we only need one
> message. The audit2allow program should be updated to recognize the above as a
> load policy event.
I see, so avc.py should be fixed.
I wrote simple patch.
Yuichi Nakamura
Modified Paths:
--------------
trunk/policycoreutils/audit2allow/avc.py
Modified: trunk/policycoreutils/audit2allow/avc.py
===================================================================
--- trunk/policycoreutils/audit2allow/avc.py 2006-10-06 00:17:46 UTC (rev 2050)
+++ trunk/policycoreutils/audit2allow/avc.py 2006-10-17 14:22:47 UTC (rev 2051)
@@ -357,6 +357,15 @@
break
else:
dict.append(i)
+
+ if not found:
+ regexp = "audit\(\d+\.\d+:\d+\): policy loaded"
+ m = re.match(regexp, line)
+ if m !=None:
+ found =1
+ dict.append("load_policy")
+ dict.append("granted")
+
if found:
self.translate(dict)
found = 0
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
