On 04/21/2010 04:24 AM, Dominick Grift wrote:
On Wed, Apr 21, 2010 at 01:36:13AM -0500, Robert Nichols wrote:
Does the loading and removing of modules by semodule get logged anywhere? Apparently not. That would seem to be pretty important
/var/log/messages displays when policy is loaded. It does not display why (e.g. maybe because a particular module was disabled or removed)
It may or may not be a good idea to mention that somewhere though.
When I've been installing and removing local modules trying to fix a problem, it would be extremely useful to be able to tell what modules were in place at the time a particular AVC was logged. Without that information it is sometimes hard to tell what, if anything, got fixed by what module.