New Version (2090) of Certification Test Suite

HP has posted an updated version of the audit-test suite for the audit and MLS portions of CAPP/LSPP/RBACPP certification on RHEL5.1. http://sourceforge.net/projects/audit-test/ The suite (2090) is available as a tarball, a source rpm, and as a noarch rpm which will install files into /usr/local/

Re: [RFC][PATCH -v2] Smack: Integrate with Audit

Stephen Smalley wrote: > On Wed, 2008-03-12 at 08:40 -0700, Casey Schaufler wrote: >> --- Stephen Smalley <[EMAIL PROTECTED]> wrote: >> >>> On Wed, 2008-03-12 at 04:44 +0200, Ahmed S. Darwish wrote: Hi!, Setup the new Audit hooks for Smack. The AUDIT_SUBJ_USER and AUDIT_OBJ_USE

Re: [RFC][PATCH -v2] Smack: Integrate with Audit

--- "Ahmed S. Darwish" <[EMAIL PROTECTED]> wrote: > > > Perhaps I misunderstand, but Smack labels don't represent users (i.e. > > user identity) in any way, so it seemed like a mismatch to use the _USER > > flag there. Whereas types in SELinux bear some similarity to Smack > > labels - simple u

Re: [RFC][PATCH -v2] Smack: Integrate with Audit

On Wed, Mar 12, 2008 at 11:48:17AM -0400, Stephen Smalley wrote: > > On Wed, 2008-03-12 at 08:40 -0700, Casey Schaufler wrote: > > --- Stephen Smalley <[EMAIL PROTECTED]> wrote: > > > > > > > > On Wed, 2008-03-12 at 04:44 +0200, Ahmed S. Darwish wrote: > > > > Hi!, > > > > > > > > Setup the new

Re: [RFC][PATCH -v2] Smack: Integrate with Audit

On Wed, 2008-03-12 at 08:40 -0700, Casey Schaufler wrote: > --- Stephen Smalley <[EMAIL PROTECTED]> wrote: > > > > > On Wed, 2008-03-12 at 04:44 +0200, Ahmed S. Darwish wrote: > > > Hi!, > > > > > > Setup the new Audit hooks for Smack. The AUDIT_SUBJ_USER and > > > AUDIT_OBJ_USER SELinux flags

Re: [RFC][PATCH -v2] Smack: Integrate with Audit

--- Stephen Smalley <[EMAIL PROTECTED]> wrote: > > On Wed, 2008-03-12 at 04:44 +0200, Ahmed S. Darwish wrote: > > Hi!, > > > > Setup the new Audit hooks for Smack. The AUDIT_SUBJ_USER and > > AUDIT_OBJ_USER SELinux flags are recycled to avoid `auditd' > > userspace modifications. Smack only n

Re: [RFC][PATCH -v2] Smack: Integrate with Audit

On Wed, 2008-03-12 at 04:44 +0200, Ahmed S. Darwish wrote: > Hi!, > > Setup the new Audit hooks for Smack. The AUDIT_SUBJ_USER and > AUDIT_OBJ_USER SELinux flags are recycled to avoid `auditd' > userspace modifications. Smack only needs auditing on > a subject/object bases, so those flags were

[PATCH -v2b] Smack: Integrate with Audit

Hi!, [ Minor styling fixes ] --> Setup the new Audit hooks for Smack. SELinux Audit rule fields are recycled to avoid `auditd' userspace modifications. Currently only equality testing is supported on labels acting as a subject (AUDIT_SUBJ_USER) or as an object (AUDIT_OBJ_USER). Signed-off-by: