To cut the long story short - I need to find out what part of the source
code in a given application/process triggers the need for a particular
SELinux permission - process:setsched, capability:setpcap or
capability:net_admin for example.


I am guessing this is all done via appropriate SELInux hooks, but I need
to find a way to trace that back (stack trace?) to the originating
code/process, which triggers this. Is there a way I could do that?

--
selinux mailing list
selinux@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/selinux

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 02/29/2012 01:01 PM, Mr Dash Four wrote:
> To cut the long story short - I need to find out what part of the
> source code in a given application/process triggers the need for a
> particular SELinux permission - process:setsched,
> capability:setpcap or capability:net_admin for example.
>
> I am guessing this is all done via appropriate SELInux hooks, but I
> need to find a way to trace that back (stack trace?) to the
> originating code/process, which triggers this. Is there a way I
> could do that? -- selinux mailing list
> selinux@lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/selinux

Questions like this should be asked on the SELinux list.
<selinux@tycho.nsa.gov>

More likely to get kernel guys to pay attention.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAk9OoioACgkQrlYvE4MpobNsZACZASrj16/qDkCUXWMcT8kCzNLD
OEMAnA3cqD7/vpb5+xurE526cN5bXCkP
=yWvH
-----END PGP SIGNATURE-----
--
selinux mailing list
selinux@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/selinux