On 3/4/2025 4:04 PM, Jasjiv Singh wrote:
>
>
> On 3/3/2025 2:11 PM, Fan Wu wrote:
>> On Fri, Feb 28, 2025 at 3:11 PM Jasjiv Singh
>> wrote:
>>>
>>> Users of IPE require a way to identify when and why an operation fails,
>>> allowing them to both respond to violations of policy and be notified
When no audit rules are in place, AUDIT_ANOM_{LINK,CREAT} events
reported in audit_log_path_denied() are unconditionally dropped due to
an explicit check for the existence of any audit rules. Given this is a
report of a security violation, allow it to be recorded regardless of
the existence of any
On Tue, Mar 4, 2025 at 4:04 PM Jasjiv Singh
wrote:
>
>
>
> On 3/3/2025 2:11 PM, Fan Wu wrote:
> > On Fri, Feb 28, 2025 at 3:11 PM Jasjiv Singh
> > wrote:
> >>
> >> Users of IPE require a way to identify when and why an operation fails,
> >> allowing them to both respond to violations of policy an
The audit subsystem normally suppresses output when there are no rules
present to avoid overwhelming the user with unwanted messages. It could
be argued that another security subsystem would generally want to
override that default. Allow them through for fsnotify and filesystem
security violation
When no audit rules are in place, fanotify event results are
unconditionally dropped due to an explicit check for the existence of
any audit rules. Given this is a report from another security
sub-system, allow it to be recorded regardless of the existence of any
audit rules.
To test, install and
On 3/5/2025 1:23 PM, Fan Wu wrote:
> On Tue, Mar 4, 2025 at 4:04 PM Jasjiv Singh
> wrote:
>>
>>
>>
>> On 3/3/2025 2:11 PM, Fan Wu wrote:
>>> On Fri, Feb 28, 2025 at 3:11 PM Jasjiv Singh
>>> wrote:
Users of IPE require a way to identify when and why an operation fails,
allowing t
On Wed, Mar 5, 2025 at 3:27 PM Jasjiv Singh
wrote:
>
>
>
> On 3/5/2025 1:23 PM, Fan Wu wrote:
> > On Tue, Mar 4, 2025 at 4:04 PM Jasjiv Singh
> > wrote:
> >>
> >>
> >>
> >> On 3/3/2025 2:11 PM, Fan Wu wrote:
> >>> On Fri, Feb 28, 2025 at 3:11 PM Jasjiv Singh
> >>> wrote:
>
> Users of I
