We are working on the Fedora SELinux FAQ
Stephen Smalley
sds at tycho.nsa.gov
Mon Jan 25 16:09:58 UTC 2010
On Mon, 2010-01-25 at 10:54 -0500, Stephen Smalley wrote:
> On Fri, 2010-01-22 at 07:48 -0500, Daniel J Walsh wrote:
> > Any comments? What should we add? What should we remove?
> >
> > http://sradvan.fedorapeople.org/SELinux_FAQ/#id2654720
>
> Meta-comment: I'm not sure what the proper dividing line between the
> Fedora SELinux FAQ and the Fedora SELinux Guide should be.
Maybe you should preface the FAQ with a strong reference to the Guide
(e.g. Please read the Fedora SELinux Guide first), and then drop all
Q&As that are already covered by the Guide. And keep the FAQ limited to
short Q&As, while elaborating at greater length on specific topics in
the Guide.
> Under "Why doesn't SELinux give me the full path in an error message?",
> you don't mention the best method, i.e. define an audit filter using
> auditctl and then retry the operation so that the path will be collected
> by the kernel and reported as a PATH record.
--
Stephen Smalley
National Security Agency
More information about the selinux
mailing list