audit-0.6.7 released

Debora Velarde dvelarde at us.ibm.com
Thu Mar 10 23:57:48 UTC 2005






I am using kernel: 2.6.11-1.1176_FC4.

From: Steve Grubb <sgrubb at redhat.com>
Sent by: linux-audit-bounces at redhat.com
Date: 03/10/2005 04:02 PM
To: Linux Audit Discussion <linux-audit at redhat.com>
Subject: Re: audit-0.6.7 released
Please respond to: Linux Audit Discussion




On Thursday 10 March 2005 15:55, Debora Velarde wrote:
> But I'm not sure that enabled really is 1.  Because if you start adding
> rules and executing syscalls, the audit records go to /var/log/messages
> instead of /var/log/audit.log.

This sounds like the kernel bug that I was chasing over the weekend. What
kernel are you using? I'm using the latest from the yum repo (I think .11)
and don't see this problem.

If enabled is 1 & the pid matches the audit daemon's, the audit daemon had
better get the packets or there's a kernel problem. The kernel decides the
packet disposition between auditd & syslog.

-Steve

--
Linux-audit mailing list
Linux-audit at redhat.com
http://www.redhat.com/mailman/listinfo/linux-audit
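
Added example, not part of the original thread or the audit package: a shell check for the condition Steve describes (enabled is 1 and the kernel's registered pid matches the audit daemon's), run over `auditctl -s` status text. The function names are hypothetical, both status samples are constructed, and the script assumes the two status layouts shown in the comments.

```shell
#!/bin/sh
# Added example (not from the thread). Function names are hypothetical and
# both status samples below are constructed.

# Extract one numeric field from `auditctl -s` text. Accepts the one-line
# "enabled=1 pid=1880" layout and the "enabled 1" one-field-per-line layout.
status_field() {    # $1 = field name, $2 = status text
    printf '%s\n' "$2" | tr '=\t' '  ' | tr -s ' ' '\n' |
        awk -v k="$1" 'found { print; exit } $0 == k { found = 1 }'
}

# Report where the kernel is expected to deliver audit records.
audit_disposition() {    # $1 = status text, $2 = PID of the running auditd
    enabled=$(status_field enabled "$1")
    pid=$(status_field pid "$1")
    case "$enabled:$pid" in
        :*|*:)  echo unknown ;;    # status text could not be parsed
        0:*)    echo disabled ;;   # auditing is switched off
        *:0)    echo syslog ;;     # no daemon registered with the kernel
        *:"$2") echo auditd ;;     # enabled and pid matches the daemon
        *)      echo other-pid ;;  # kernel is sending to a different process
    esac
}

# Constructed samples of the two status layouts.
OLD_STATUS='AUDIT_STATUS: enabled=1 flag=1 pid=1880 rate_limit=0 backlog_limit=256 lost=0 backlog=0'
NEW_STATUS='enabled 1
failure 1
pid 0
rate_limit 0'

echo "one-line layout, auditd pid 1880: $(audit_disposition "$OLD_STATUS" 1880)"
echo "per-line layout, auditd pid 688:  $(audit_disposition "$NEW_STATUS" 688)"

# Live use (as root): audit_disposition "$(auditctl -s)" "$(pidof auditd)"
```

If this reports `auditd` while records still land in /var/log/messages, the status is as expected and the kernel's routing is the place to look, which is the case discussed above.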