Closed rgbriggs closed 6 years ago
Sure. That said, you'd need permission from selinux community to mess with their events.
I'm really not sure this is worth the risk; we stand a reasonable chance of breaking stuff (setroubleshoot, audit2allow, etc.) simply so the output is a little more consistent. Consistency is nice, but I think we missed our opportunity here.
Perhaps most importantly, as the SELinux kernel maintainer I'm going to NACK this for the time being, so let's close this as WONTFIX.
@stevegrubb Are these worth normalizing the listed fields?
Should "oldcontext" be switched to "old-scontext", "newcontext" to "scontext", "taskcontext" to "tcontext"?