HP has posted an updated version of the audit-test suite for the audit and MLS
portions of CAPP/LSPP/RBACPP certification on RHEL5.1.
http://sourceforge.net/projects/audit-test/
The suite (2090) is available as a tarball, a source rpm, and as a noarch
rpm which will install files into /usr/local/
Stephen Smalley wrote:
> On Wed, 2008-03-12 at 08:40 -0700, Casey Schaufler wrote:
>> --- Stephen Smalley <[EMAIL PROTECTED]> wrote:
>>
>>> On Wed, 2008-03-12 at 04:44 +0200, Ahmed S. Darwish wrote:
Hi!,
Setup the new Audit hooks for Smack. The AUDIT_SUBJ_USER and
AUDIT_OBJ_USE
--- "Ahmed S. Darwish" <[EMAIL PROTECTED]> wrote:
>
> > Perhaps I misunderstand, but Smack labels don't represent users (i.e.
> > user identity) in any way, so it seemed like a mismatch to use the _USER
> > flag there. Whereas types in SELinux bear some similarity to Smack
> > labels - simple u
On Wed, Mar 12, 2008 at 11:48:17AM -0400, Stephen Smalley wrote:
>
> On Wed, 2008-03-12 at 08:40 -0700, Casey Schaufler wrote:
> > --- Stephen Smalley <[EMAIL PROTECTED]> wrote:
> >
> > >
> > > On Wed, 2008-03-12 at 04:44 +0200, Ahmed S. Darwish wrote:
> > > > Hi!,
> > > >
> > > > Setup the new
On Wed, 2008-03-12 at 08:40 -0700, Casey Schaufler wrote:
> --- Stephen Smalley <[EMAIL PROTECTED]> wrote:
>
> >
> > On Wed, 2008-03-12 at 04:44 +0200, Ahmed S. Darwish wrote:
> > > Hi!,
> > >
> > > Setup the new Audit hooks for Smack. The AUDIT_SUBJ_USER and
> > > AUDIT_OBJ_USER SELinux flags
--- Stephen Smalley <[EMAIL PROTECTED]> wrote:
>
> On Wed, 2008-03-12 at 04:44 +0200, Ahmed S. Darwish wrote:
> > Hi!,
> >
> > Setup the new Audit hooks for Smack. The AUDIT_SUBJ_USER and
> > AUDIT_OBJ_USER SELinux flags are recycled to avoid `auditd'
> > userspace modifications. Smack only n
On Wed, 2008-03-12 at 04:44 +0200, Ahmed S. Darwish wrote:
> Hi!,
>
> Setup the new Audit hooks for Smack. The AUDIT_SUBJ_USER and
> AUDIT_OBJ_USER SELinux flags are recycled to avoid `auditd'
> userspace modifications. Smack only needs auditing on
> a subject/object bases, so those flags were
Hi!,
[ Minor styling fixes ]
-->
Setup the new Audit hooks for Smack. SELinux Audit rule fields
are recycled to avoid `auditd' userspace modifications.
Currently only equality testing is supported on labels acting
as a subject (AUDIT_SUBJ_USER) or as an object (AUDIT_OBJ_USER).
Signed-off-by: