summaryrefslogtreecommitdiff
path: root/man
diff options
context:
space:
mode:
authorZbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>2015-02-23 20:06:00 -0500
committerZbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>2015-04-14 21:47:20 -0400
commit17af49f24812a6dd1b3f0732e33ea5dae9e32b29 (patch)
tree630b21237bf041619345f74c29aa0e5a956a6006 /man
parent40acc203c043fd419f3c045dc6f116c3a28411d8 (diff)
selinux: use different log priorites for log messages
When selinux calls our callback with a log message, it specifies the type as AVC or INFO/WARNING/ERROR. The question is how to map this to audit types and/or log priorities. SELINUX_AVC maps to AUDIT_USER_AVC reasonably, but for the other messages we have no idea, hence we use AUDIT_USER_AVC for everything. When not using audit logging, we can map those selinux levels to LOG_INFO/WARNING/ERROR etc. Also update comment which was not valid anymore in light of journald sucking in audit logs, and was actually wrong from the beginning — libselinux uses the callback for everything, not just avcs. This stemmed out of https://bugzilla.redhat.com/show_bug.cgi?id=1195330, but does not solve it.
Diffstat (limited to 'man')
0 files changed, 0 insertions, 0 deletions