On Tue, Oct 09, 2007 at 11:10:26AM +1000, Alex Samad wrote:
> Hi
>
> Just thought I would try out selinux, what is the best mailing list to ask
> questions about this.
>
> right now I am looking at how to forward all the audit messages to a separate
> log file instead of syslog
>
> Oct 7 11:45:18 hufpuf kernel: audit(1191721518.548:757): avc: denied { search } for pid=8080 comm="spamd" name="/" dev=sdc1 ino=2 scontext=user_u:system_r:spamd_t:s0 tcontext=system_u:object_r:var_log_t:s0 tclass=dir
>
> is an example output in syslog and it looks like it's the kernel that is sending
> the message, but I would like only my selinux audit lines to go into the
> audit.log log

Looks like the package to install is auditd

> Alex
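An added example, not part of the original message: a small parser that recognises kernel AVC records of the form quoted above and separates them from other syslog lines, which is useful for checking which denials a mixed log contains. The function names `parse_avc` and `split_log` are hypothetical, and the second sample line is constructed.

```python
import re

# Kernel AVC record as quoted in the message:
#   "... kernel: audit(EPOCH.MS:SERIAL): avc: denied { perms } for key=value ..."
AVC_RE = re.compile(
    r"kernel: audit\((?P<epoch>\d+)\.\d+:(?P<serial>\d+)\): "
    r"avc:\s+(?P<result>denied|granted)\s+\{(?P<perms>[^}]*)\}\s+for\s+(?P<rest>.*)$"
)
KV_RE = re.compile(r'(\w+)=("[^"]*"|\S+)')

def parse_avc(line):
    """Return a dict for a kernel AVC record, or None for any other syslog line."""
    m = AVC_RE.search(line)
    if m is None:
        return None
    rec = {
        "epoch": int(m.group("epoch")),
        "serial": int(m.group("serial")),
        "result": m.group("result"),
        "perms": m.group("perms").split(),
    }
    for key, value in KV_RE.findall(m.group("rest")):
        rec[key] = value.strip('"')
    # A security context is user:role:type[:level]; keep the type field separately.
    for ctx in ("scontext", "tcontext"):
        parts = rec.get(ctx, "").split(":")
        if len(parts) >= 3:
            rec[ctx + "_type"] = parts[2]
    return rec

def split_log(lines):
    """Separate parsed AVC records from all other lines."""
    avc, other = [], []
    for line in lines:
        rec = parse_avc(line)
        if rec is not None:
            avc.append(rec)
        else:
            other.append(line)
    return avc, other

# Constructed input: the denial quoted in the message plus one unrelated syslog line.
SAMPLE = [
    'Oct 7 11:45:18 hufpuf kernel: audit(1191721518.548:757): avc: denied { search } '
    'for pid=8080 comm="spamd" name="/" dev=sdc1 ino=2 '
    'scontext=user_u:system_r:spamd_t:s0 tcontext=system_u:object_r:var_log_t:s0 tclass=dir',
    'Oct 7 11:45:19 hufpuf sshd[812]: Server listening on 0.0.0.0 port 22.',
]

if __name__ == "__main__":
    for rec in split_log(SAMPLE)[0]:
        print(rec["result"], rec["perms"], rec["comm"],
              rec["scontext_type"], "->", rec["tcontext_type"], rec["tclass"])
```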