auditctl behavior

[Steve Grubb]

On Tuesday 21 June 2005 14:15, Amy Griffis wrote:
> # auditctl -D
> Error receiving list (Success)
> No rules
> No watches

OK I see what's happening. -D gets a list to work from. Since the kernel has 
been changed so that kernel threads take care of doing the actual list, we 
now get an ack immediately and then the list. The ack is an error packet with 
error code of 0. I fixed this in the soon to be released 0.9.11.

Thanks,
-Steve