Re: [PATCH] support for context based audit filtering
On Fri, Mar 10, 2006 at 02:52:51PM -0600, Darrel Goeddel wrote:
I like 'em. Here is a new patch that incorporates them. It also
moves the initialization call to selinux into the audit_init
function as you had suggested earlier. Look right?
You may want to audit_log a message indicating that the audit rules
were updated due to policy reload. And in the case when you remove a
rule because you couldn't update it, you might want to log that too.
Otherwise, looks good to me.