From mboxrd@z Thu Jan  1 00:00:00 1970
From: Steve Grubb <sgrubb@redhat.com>
Subject: Re: [PATCH 00/07][RFC] RACF audit plugin
Date: Fri, 28 Sep 2007 18:43:29 -0400
Message-ID: <200709281843.30015.sgrubb@redhat.com>
References: <1190986087.4113.49.camel@klausk.br.ibm.com>
	<fdjqi0$vk2$1@sea.gmane.org>
Mime-Version: 1.0
Content-Type: text/plain;
  charset="utf-8"
Content-Transfer-Encoding: 7bit
Return-path: <linux-audit-bounces@redhat.com>
In-Reply-To: <fdjqi0$vk2$1@sea.gmane.org>
Content-Disposition: inline
List-Unsubscribe: <https://www.redhat.com/mailman/listinfo/linux-audit>,
	<mailto:linux-audit-request@redhat.com?subject=unsubscribe>
List-Archive: <https://www.redhat.com/archives/linux-audit>
List-Post: <mailto:linux-audit@redhat.com>
List-Help: <mailto:linux-audit-request@redhat.com?subject=help>
List-Subscribe: <https://www.redhat.com/mailman/listinfo/linux-audit>,
	<mailto:linux-audit-request@redhat.com?subject=subscribe>
Sender: linux-audit-bounces@redhat.com
Errors-To: linux-audit-bounces@redhat.com
To: linux-audit@redhat.com
List-Id: linux-audit@redhat.com

On Friday 28 September 2007 17:09:20 Klaus Heinrich Kiwi wrote:
> On Fri, 28 Sep 2007 10:28:07 -0300, Klaus Heinrich Kiwi wrote:
> > TODO list:
> > ==========
> > - SELinux policy (currently, the plugin runs under the audit daemon
> > domain, which denies some network operations, for example)
>
> Steve,
>
>   you mentioned in an IRC chat that dwalsh has made a nice GUI tool for
> building new policy - can you point it out??

You need to have policycoreutils-gui package installed. In F7, bring up the SE 
Linux Administration tool in System | Administration. Select the Policy 
Module item in the left window pane, then click on New button in tool bar. 
This starts the druid. On rawhide/F8, I think its broken out as its own 
program in Applications | System Tools menu item.

Dan wrote a nice article about using this policy GUI tool here:

http://www.redhatmagazine.com/2007/08/21/a-step-by-step-guide-to-building-a-new-selinux-policy-module/ 

Have fun....

-Steve