On Tuesday 19 April 2005 23:07, "Christofer C. Bell" wrote:
> On 4/18/05, Russell Coker <russell(a)coker.com.au> wrote:
> > On Tuesday 19 April 2005 12:25, Valdis.Kletnieks(a)vt.edu wrote:
> > > Personally, I'm not thrilled by the idea of sticking in dontaudit rules
> > > to quiet complaints at boot time that are caused by directories that
> > > are mislabelled.
> > Why not?
> I can't speak for Valdis, but for me the word "kludge" comes to mind.
It's not a kludge. The purpose of dontaudit rules is to prevent auditing of
operations that are not permitted, not interesting, and expected to happen.
This is exactly the situation.
Using dontaudit rules for such things also gives correct behavior in
situations where relabelling will not. As an example there is the following:
  dontaudit lvm_t file_t:dir search;
Without this rule the lvm utilities, when run before /var is mounted, would
create the /var/lock directory on the mount-point. This is not desired
functionality: the machine is in single-user mode at the time (so the lack of
locking is not a problem), and creating directories that later get hidden by
mounting a file system is not desirable.
So far no-one has provided any reasons not to use dontaudit rules.
Accusations of kludging don't count as a reason.
I don't consider file_t labelling for a mount point as "mislabelling". The
mount point directory is expected to be hidden, so generally only mount needs
to access it.
My NSA Security Enhanced Linux packages
Bonnie++ hard drive benchmark
Postal SMTP/POP benchmark
My home page
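The distinction Russell draws (a dontaudit rule suppresses the audit record for a denied access but never grants it, whereas relabelling the mount point would let lvm create /var/lock on it) can be checked with a small model of the SELinux access decision. The code below is an added illustration, not SELinux code and not anything from the thread: the three rule kinds (allow, dontaudit, auditallow) follow real policy syntax, but the lvm boot sequence, the `var_t` relabel policy, the permission names chosen for creating a directory, and the AVC record format are simplified and constructed for the example.

```python
"""Toy model of the SELinux access decision, constructed to show what a
dontaudit rule does: it suppresses the audit record for a denied access and
never grants the access.  Not SELinux code and not the thread's policy; only
the rule syntax (allow / dontaudit / auditallow) follows real policy."""
from dataclasses import dataclass
from typing import FrozenSet, List, Tuple


@dataclass(frozen=True)
class Rule:
    kind: str              # "allow", "dontaudit" or "auditallow"
    source: str            # source (process) type, e.g. "lvm_t"
    target: str            # target (object) type, e.g. "file_t"
    tclass: str            # object class, e.g. "dir"
    perms: FrozenSet[str]  # permission set, e.g. {"search"}


def parse_rule(line: str) -> Rule:
    """Parse one rule such as 'dontaudit lvm_t file_t:dir search;' or
    'allow lvm_t var_t:dir { search add_name write };'."""
    text = line.strip().rstrip(";")
    kind, source, target_class, permtext = text.split(None, 3)
    target, tclass = target_class.split(":")
    perms = frozenset(permtext.strip("{} ").split())
    return Rule(kind, source, target, tclass, perms)


def load_policy(source: str) -> List[Rule]:
    """Parse a block of rules, skipping blank lines and '#' comments."""
    return [parse_rule(ln) for ln in source.splitlines()
            if ln.strip() and not ln.strip().startswith("#")]


@dataclass(frozen=True)
class Decision:
    granted: bool   # would the kernel permit the operation?
    audited: bool   # would the AVC emit a record for this check?


def check(policy: List[Rule], source: str, target: str, tclass: str, perm: str) -> Decision:
    """Decide one access and whether it is logged, using the real semantics:
    allow grants; auditallow logs a grant; dontaudit silences a denial."""
    def has(kind: str) -> bool:
        return any(r.kind == kind and r.source == source and r.target == target
                   and r.tclass == tclass and perm in r.perms for r in policy)
    if has("allow"):
        return Decision(granted=True, audited=has("auditallow"))
    return Decision(granted=False, audited=not has("dontaudit"))


def lvm_before_var_mounted(policy: List[Rule], mountpoint_type: str) -> Tuple[bool, List[str]]:
    """Model the thread's scenario: an lvm_t process runs before /var is
    mounted and tries to create /var/lock.  Returns whether the lock directory
    ends up on the (soon to be hidden) mount point, plus the constructed AVC
    records the attempt produced."""
    records: List[str] = []

    def attempt(perm: str) -> bool:
        d = check(policy, "lvm_t", mountpoint_type, "dir", perm)
        if d.audited:
            verb = "granted" if d.granted else "denied"
            # simplified record; real AVC lines carry pid, comm, inode, full contexts
            records.append(f"avc: {verb} {{ {perm} }} scontext=lvm_t "
                           f"tcontext={mountpoint_type} tclass=dir")
        return d.granted

    # lvm first looks up /var (dir search); only if that succeeds can it go on
    # to create /var/lock inside it (add_name and write on the parent dir)
    if not attempt("search"):
        return False, records
    created = attempt("add_name") and attempt("write")
    return created, records


# The rule quoted in the thread: the mount point keeps its default file_t label
DONTAUDIT_POLICY = load_policy("""
dontaudit lvm_t file_t:dir search;
""")

# Constructed alternative: relabel the mount point to var_t, where lvm is
# allowed to work.  Hypothetical rule set, not taken from any real policy.
RELABEL_POLICY = load_policy("""
allow lvm_t var_t:dir { search add_name write };
""")

if __name__ == "__main__":
    print("dontaudit, file_t mount point:", lvm_before_var_mounted(DONTAUDIT_POLICY, "file_t"))
    print("no rule at all, file_t mount point:", lvm_before_var_mounted([], "file_t"))
    print("relabelled to var_t:", lvm_before_var_mounted(RELABEL_POLICY, "var_t"))
```

Running it shows the three outcomes side by side: with the dontaudit rule the search is denied and nothing is logged, so no directory is created; with no rule the same denial is logged as an AVC record (the boot-time "complaint"); and with the mount point relabelled the search is granted and /var/lock lands on the mount point, which is the outcome Russell argues against.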