4

Can selinux log an application owner name?

view full story
linux-howto

http://unix.stackexchange.com – So I've set up selinux to log all file access operations in a certain directory. Here's some sample log output when doing an ls from sftp: type=AVC msg=audit(1338465611.221:356): avc: granted { getattr } for pid=5973 comm="sftp-server" path="/polog" dev=dm-0 ino=1966081 scontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:polog_t:s0 tclass=dir sftp in this case is running as user1, is there a way to have selinux log this username as well or should I be taking a different approach? Here's my policy files: ---polog.te--- policy_module(polog, 1.0. (HowTos)