From mboxrd@z Thu Jan  1 00:00:00 1970
From: Eric Paris <eparis@redhat.com>
Subject: Re: [PATCH 2/2] security/smack implement logging V3
Date: Mon, 13 Apr 2009 14:53:27 -0400
Message-ID: <1239648807.4320.4.camel@localhost.localdomain>
References: <49DCEF86.4090909@numericable.fr>
Mime-Version: 1.0
Content-Type: text/plain
Content-Transfer-Encoding: 7bit
Return-path: <linux-audit-bounces@redhat.com>
In-Reply-To: <49DCEF86.4090909@numericable.fr>
List-Unsubscribe: <https://www.redhat.com/mailman/listinfo/linux-audit>,
	<mailto:linux-audit-request@redhat.com?subject=unsubscribe>
List-Archive: <https://www.redhat.com/archives/linux-audit>
List-Post: <mailto:linux-audit@redhat.com>
List-Help: <mailto:linux-audit-request@redhat.com?subject=help>
List-Subscribe: <https://www.redhat.com/mailman/listinfo/linux-audit>,
	<mailto:linux-audit-request@redhat.com?subject=subscribe>
Sender: linux-audit-bounces@redhat.com
Errors-To: linux-audit-bounces@redhat.com
To: Etienne Basset <etienne.basset@numericable.fr>
Cc: LSM <linux-security-module@vger.kernel.org>, linux-audit@redhat.com
List-Id: linux-audit@redhat.com

On Wed, 2009-04-08 at 20:40 +0200, Etienne Basset wrote:
> the following patch, add logging of Smack security decisions. 
> This is of course very useful to understand what your current smack policy does.
> As suggested by Casey, it also now forbids labels with ', " or \
> 
> It introduces a '/smack/logging' switch :
> 0: no logging
> 1: log denied (default)
> 2: log accepted 
> 3: log denied&accepted 
> 
> 
> Signed-off-by: Etienne Basset <etienne.basset@numericable.fr>

Acked-by: Eric Paris <eparis@redhat.com>

I don't think it's worth doing now, but if for some reason you have to
make another round....

smk_ad_setfield_u_tsk and friends could be generic functions since
SELinux could use them just as well to clear up some of their code.