Closed pebenito closed 3 years ago
Sorry for the churn on this.
I submitted a libselinux patch to clarify what should be audited from the libselinux log callback so this mistake isn't repeated, as other projects have this too.
No worries. Thanks for the update!
After discussions on the SELinux mail list related to the content of audit messages that libselinux generates, it was determined that no SELINUX_ERROR messages are auditable after all. In the future, if there are ones that need to be audited, they will have a different value in the libselinux log callback and this can be restored.
Audit messages added in bus1/dbus-broker#240 are still appropriate.
Signed-off-by: Chris PeBenito chpebeni@linux.microsoft.com