[Swan-dev] if [ -f /sbin/ausearch ]; then ausearch -r -m avc -ts recent ; fi

Wewegama, Kavinda Kavinda.Wewegama at forcepoint.com
Thu Apr 8 13:53:04 UTC 2021


The fixes for that test are waiting to be merged: https://github.com/libreswan/libreswan/pull/420

-Kavinda

> -----Original Message-----
> From: Swan-dev <swan-dev-bounces at lists.libreswan.org> On Behalf Of Paul Wouters
> Sent: Wednesday, April 7, 2021 9:22 AM
> To: Andrew Cagney <andrew.cagney at gmail.com>
> Cc: Libreswan Development List <swan-dev at lists.libreswan.org>
> Subject: EXTERNAL: Re: [Swan-dev] if [ -f /sbin/ausearch ]; then ausearch -r -m avc -ts recent ; fi
> 
> On Wed, 7 Apr 2021, Andrew Cagney wrote:
> 
> > I'll move it to post-mortem.sh then
> >
> > I've also pushed this:
> >
> > commit c9783475af893389cc5aaf034a2a12b7c5088775 (HEAD -> main, origin/main, origin/HEAD)
> > Author: Andrew Cagney <cagney at gnu.org>
> > Date:   Wed Apr 7 08:46:00 2021 -0400
> >
> >     testing selinux: drop another selinux sanitizer - temp-selinux-ignore.sed
> >
> >     Pull back the curtain on the selinux records being found by
> >     post-mortem.sh but then hidden by a sanitizer.
> >
> >     For instance, ikev2-labeled-ipsec-03-multi-acquires-enforced, currently
> >     fails because post-mortem.sh detects the record:
> >        type=AVC msg=audit(1617773741.748:165): avc:  denied  { setcontext } for  pid=752 comm="pluto" ...
> >     but the sanitizer then hides it (all records are dumped into
> >     OUTPUT/*.avsearch.log).
> 
> Yeah that seems wrong. The only possible selinux warnings to ignore are
> those related to system-unknown mounting mounts like /source and
> /testing
> 
> Paul