Skip to content

Commit

Permalink
fix: do not ignore AVC messages
Browse files Browse the repository at this point in the history 
AppArmor messages are also logged as AVC messages. The current
behaviour blocks them all, so no apparmor messages are printed.
Change this to allow AVC.
  • Loading branch information
@secDre4mer
secDre4mer committed May 22, 2024
1 parent 8ba9a83 commit 793a373
Showing 1 changed file with 0 additions and 3 deletions.
3 changes: 0 additions & 3 deletions audit.rules
View file
Original file line number Diff line number Diff line change
Expand Up @@ -74,9 +74,6 @@

### We put these early because audit is a first match wins system.

## Ignore SELinux AVC records
-a always,exclude -F msgtype=AVC

## Ignore current working directory records
-a always,exclude -F msgtype=CWD

Expand Down

0 comments on commit 793a373

Please sign in to comment.