From: Steve Grubb
Subject: Re: SELinux policy reload cannot be sent to audit system
Date: Thu, 05 Nov 2015 08:20:15 -0500
Message-ID: <1545408.jriTJxqJyO@x2>
References: <5638DB63.7010204@debian.org> <563B1409.3030803@debian.org> <563B20B9.6050209@debian.org>
In-Reply-To: <563B20B9.6050209@debian.org>
To: linux-audit@redhat.com
List-Id: linux-audit@redhat.com

On Thursday, November 05, 2015 10:26:17 AM Laurent Bigonville wrote:
> On 05/11/15 09:32, Laurent Bigonville wrote:
> > On 05/11/15 04:23, Steve Grubb wrote:
> >> I tested this on Fedora 22 and did not get a USER_AVC from dbus, but
> >> I also did not get an error message in syslog. So, I don't know what to
> >> make of it.
> >> (And for the record, I have a bz open saying that USER_AVC is the
> >> wrong event type. They are blaming libselinux but I blame them for not
> >> using AUDIT_USER_MAC_POLICY_LOAD.)
> >
> > The audit code in dbus has been refactored a bit in the version
> > present in F23 and Debian unstable, so it might be related to that.
> >
> > Do you still have the number of that bz bug?
>
> BTW, systemd is also apparently sending a USER_AVC event when the policy
> is reloaded.

This is bz 1195330.

-Steve