[refpolicy] services_setroubleshoot.patch

Daniel J Walsh dwalsh at redhat.com
Tue Mar 24 09:00:00 CDT 2009


http://people.fedoraproject.org/~dwalsh/SELinux/F11/services_setroubleshoot.patch

setroubleshoot has been rewritten to use dbus

needs sys_nice

Will kill itself and send signals to itself

Lots reads net_sysctls.

if a process or file becomes unlabeled_t setroubleshoot will look at it

examines all devices on the system

examines all files for at least getattr

Sends audit messages

Examines binary policy for audit2why functionality



More information about the refpolicy mailing list