Open Stack

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

The quickest way to handle this is to look at the audit subsystem and
invoke auditing, you can also use inotify (like pynotify) to track
specific files. If as you mentioned the use case is creating AppArmour
profiles then you'll want to look at our SELinux policies and a dump
of the file system permissions (e.g. which files have which
permissions applied to them). If you need assistance with thins ping
me, I've used both for some time. Sadly there is no tool to convert
policies (that I know of), but with dumps of file permissions and the
selinux policies you should be able to convert it without to much pain.


- -- 
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.15 (GNU/Linux)

iQIcBAEBAgAGBQJSitFEAAoJEBYNRVNeJnmTlP0P/3IK7CO2X8icIXAkJUyo/9IB
IN2Fes3hQ3TQ2zVc6HG+z/5hgSMiDIKDeLK6PXHGNlJ+gwfRGtPquQEgtKNyP1fF
FM9kStVBrckzOkkO3D9yEwkCpM+1AKEdxcy3ZlJa9R/inITH3nVrBQj3YIZks99F
WM+w8HjfybWE3lWRg0NXP75lDfZHRao7TOFn4s4PgLTVxVw6CLP403f7g6Y9ltTd
nyW+PPEjJRp+MAguYx0/cHmoxyq/lNEWJjpdnGeObiBqCsLv49iMi2O3sRInUPr6
l/8HIoy/n/IcJIXxlPr73vtS+tNbKpfxADHbUTRZMClKvsNugUc7zPgGStYLcmbG
CB27kkcarZL8lUqTj6KFA9Zmjp16rWWjnPEqX6pOb0uifOFLrILwIA9OyA9x5TS4
4dh9tvPCO3w52yuiv2Y/1R0e6tC0zCMKSZkpDndT04b4EdeXP+BebWMpajRa7Q4f
ZQQhK6BbV2D++FcsbtRrXNs/3cflfN2Uihyw375tIZPyRDrxIxlnRuzBrKiSmD98
wANYr+8NxNCNqylIi1jCGLaZUHJSns8ek3GawRGq9E7hoCDgqX3AbgcbWZjX7ZA7
vFE3cQiDIAILNuqjzE/2jQUGNkt3bURZEzdtxToJj9KrGhzhk8/bU2+J7OAnub/3
aoC/JhmBtYmv1LdW4fUb
=U0tS
-----END PGP SIGNATURE-----