SELinux policy reload cannot be sent to audit system

Hi, With dbus 1.10.2 (on Debian), when I'm running "semodule -B", the system dbus daemon is complaining with the following message: nov 03 15:02:57 soldur dbus[1057]: Can't send to audit system: USER_AVC avc: received policyload notice (seqno=3) exe="/usr/bin/dbus-daemon" sauid=102 hostname

Re: SELinux policy reload cannot be sent to audit system

On Tuesday, November 03, 2015 05:05:55 PM Laurent Bigonville wrote: > Hi, > > With dbus 1.10.2 (on Debian), when I'm running "semodule -B", the system > dbus daemon is complaining with the following message: > > nov 03 15:02:57 soldur dbus[1057]: Can't send to audit system: USER_AVC > avc: recei

Re: SELinux policy reload cannot be sent to audit system

Le 03/11/15 17:28, Steve Grubb a écrit : On Tuesday, November 03, 2015 05:05:55 PM Laurent Bigonville wrote: Hi, With dbus 1.10.2 (on Debian), when I'm running "semodule -B", the system dbus daemon is complaining with the following message: nov 03 15:02:57 soldur dbus[1057]: Can't send to audi

Re: SELinux policy reload cannot be sent to audit system

On Tue, Nov 3, 2015 at 11:28 AM, Steve Grubb wrote: > On Tuesday, November 03, 2015 05:05:55 PM Laurent Bigonville wrote: >> Hi, >> >> With dbus 1.10.2 (on Debian), when I'm running "semodule -B", the system >> dbus daemon is complaining with the following message: >> >> nov 03 15:02:57 soldur dbu

Audit Framework and namespaces

Does the audit framework work with linux namespaces? Scott Gulland HP Networking, CEB R&D 916.785.1497 Hewlett-Packard Company 8000 Foothills Blvd; MS - 5505 Roseville, CA 95747 USA [hp] -- Linux-audit mailing list Linux-audit@redhat.com https://www.redhat.com/mailman/listinf

Re: SELinux policy reload cannot be sent to audit system

On Tuesday, November 03, 2015 06:12:07 PM Laurent Bigonville wrote: > Le 03/11/15 17:28, Steve Grubb a écrit : > > On Tuesday, November 03, 2015 05:05:55 PM Laurent Bigonville wrote: > >> Hi, > >> > >> With dbus 1.10.2 (on Debian), when I'm running "semodule -B", the system > >> dbus daemon is com

Re: Audit Framework and namespaces

On 15/11/03, Gulland, Scott A wrote: > Does the audit framework work with linux namespaces? The quick answer is "Some". I am not aware of any restrictions on running audit services in MNT, UTS or IPC namespaces. The upstream kernel has support for running auditd in any network namespace. Additi

Re: Audit Framework and namespaces

On Tue, Nov 3, 2015 at 12:34 PM, Gulland, Scott A wrote: > Does the audit framework work with linux namespaces? I'm sorry, you'll have to be more specific than that; what exactly are you interested in with respect to audit and namespaces? -- paul moore www.paul-moore.com -- Linux-audit mailing

Re: SELinux policy reload cannot be sent to audit system

On 15/11/03, Steve Grubb wrote: > On Tuesday, November 03, 2015 06:12:07 PM Laurent Bigonville wrote: > > Le 03/11/15 17:28, Steve Grubb a écrit : > > > On Tuesday, November 03, 2015 05:05:55 PM Laurent Bigonville wrote: > > >> Hi, > > >> > > >> With dbus 1.10.2 (on Debian), when I'm running "semo

Re: SELinux policy reload cannot be sent to audit system

Le 03/11/15 21:08, Richard Guy Briggs a écrit : On 15/11/03, Steve Grubb wrote: On Tuesday, November 03, 2015 06:12:07 PM Laurent Bigonville wrote: I'm running in permissive mode. I'm seeing a netlink open to the audit: dbus-daem 1057 messagebus7u netlink 0t0 15248 AUDIT Apparently au