Security Enhanced Linux
What's New
Frequently Asked Questions
Background
Documents
License
Download
Participating
Mail List
Archives
Remaining Work
Contributors
Related Work
Press Releases
Information Assurance Research
NIARL In-house Research Areas
Mathematical Sciences Program
Sabbaticals
Computer & Information Sciences Research
Technology Transfer
Advanced Computing
Advanced Mathematics
Communications & Networking
Information Processing
Microelectronics
Other Technologies
Technology Fact Sheets
Publications
Related Links
|
SELinux Mailing ListRe: [PATCH] change printks from KERN_INFO to KERN_DEBUG
From: Stephen Smalley <sds_at_tycho.nsa.gov>
Date: Tue, 19 Dec 2006 16:34:56 -0500
Possibly this should be KERN_ERR. Or dropped.
> hooks.c: printk(KERN_INFO "%s: Registering secondary module %s\n", I'd keep this one as KERN_INFO or turn it into an audit message.
> hooks.c: printk(KERN_INFO "%s: trying to unregister a security module " KERN_ERR or drop.
> hooks.c: printk(KERN_INFO "SELinux: Disabled at boot.\n"); Keep as KERN_INFO or turn it into an audit message. Corresponds to booting with selinux=0.
> hooks.c: printk(KERN_INFO "SELinux: Initializing.\n"); I'd turn the above three messages into KERN_DEBUG messages.
> hooks.c: printk(KERN_INFO "SELinux: Disabled at runtime.\n"); Keep as KERN_INFO or turn into audit. Corresponds to SELINUX=disabled in /etc/selinux/config or equivalent (e.g. boot with init=/bin/bash and write to /selinux/disable).
> ss/avtab.c: printk(KERN_INFO "%s: %d entries and %d/%d buckets used, longest " <- wrapped in DEBUG_HASHES
KERN_DEBUG.
Not sure. Possibly KERN_DEBUG.
> ss/services.c: printk(KERN_INFO <- missing class definitions in policy Possibly an audit message?
> ss/sidtab.c: printk(KERN_INFO "%s: %d entries and %d/%d buckets used, longest " <- inside #if 0 KERN_DEBUG or drop.
> diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c This one should actually be KERN_ERR, I suspect. -- Stephen Smalley National Security Agency -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with the words "unsubscribe selinux" without quotes as the message.Received on Tue 19 Dec 2006 - 16:41:27 EST |
|
Date Posted: Jan 15, 2009 | Last Modified: Jan 15, 2009 | Last Reviewed: Jan 15, 2009 |