On Thu, Sep 14, 2006 at 03:44:12PM -0500, Michael C Thompson wrote: > I'm seeing no audit record get produced if a newrole attempt fails due > to an invalid context... is this known and expected?
I guess you could argue that an invalid attempt to use newrole doesn't count as "unsuccessful" as far as the protection profile audit requirements are concerned, similar to how you don't need an audit record if you call a trusted program with unsupported command line flags. The cleaner solution would be to have an audit record. -Klaus -- redhat-lspp mailing list [email protected] https://www.redhat.com/mailman/listinfo/redhat-lspp
