74de835e2c
- Use libsepol.so.2 - Convert matchpathcon to selabel_lookup() - Change userspace AVC setenforce and policy load messages to audit format - Remove trailing slash on selabel_file lookups - Use kernel status page by default
38 lines
1.2 KiB
Diff
38 lines
1.2 KiB
Diff
From 7ef5b1854f75056d23e60aabc86706dfed622669 Mon Sep 17 00:00:00 2001
|
|
From: Chris PeBenito <chpebeni@linux.microsoft.com>
|
|
Date: Tue, 15 Sep 2020 13:33:32 -0400
|
|
Subject: [PATCH] libselinux: Change userspace AVC setenforce and policy load
|
|
messages to audit format.
|
|
|
|
Signed-off-by: Chris PeBenito <chpebeni@linux.microsoft.com>
|
|
Acked-by: Stephen Smalley <stephen.smalley.work@gmail.com>
|
|
---
|
|
libselinux/src/avc_internal.c | 4 ++--
|
|
1 file changed, 2 insertions(+), 2 deletions(-)
|
|
|
|
diff --git a/libselinux/src/avc_internal.c b/libselinux/src/avc_internal.c
|
|
index 572b2159c3ed..53a99a1fe957 100644
|
|
--- a/libselinux/src/avc_internal.c
|
|
+++ b/libselinux/src/avc_internal.c
|
|
@@ -59,7 +59,7 @@ int avc_process_setenforce(int enforcing)
|
|
int rc = 0;
|
|
|
|
avc_log(SELINUX_SETENFORCE,
|
|
- "%s: received setenforce notice (enforcing=%d)\n",
|
|
+ "%s: op=setenforce lsm=selinux enforcing=%d res=1",
|
|
avc_prefix, enforcing);
|
|
if (avc_setenforce)
|
|
goto out;
|
|
@@ -81,7 +81,7 @@ int avc_process_policyload(uint32_t seqno)
|
|
int rc = 0;
|
|
|
|
avc_log(SELINUX_POLICYLOAD,
|
|
- "%s: received policyload notice (seqno=%u)\n",
|
|
+ "%s: op=load_policy lsm=selinux seqno=%u res=1",
|
|
avc_prefix, seqno);
|
|
rc = avc_ss_reset(seqno);
|
|
if (rc < 0) {
|
|
--
|
|
2.29.0
|
|
|