type=USER_ROLE_CHANGE
Steve Grubb
sgrubb at redhat.com
Sun Jul 16 12:41:43 UTC 2006
On Thursday 13 July 2006 17:03, Michael C Thompson wrote:
> In doing some tests, I've noticed that the USER_ROLE_CHANGE audit record
> is associated with both newrole, and semanage user -[ad].
semanage should also be using these:
#define AUDIT_ROLE_ASSIGN 2301 /* Admin assigned user to role */
#define AUDIT_ROLE_REMOVE 2302 /* Admin removed user from role */
USER_ROLE_CHANGE should only be used when newrole is used. If semanage needs
more record types let me know.
-Steve
More information about the Linux-audit
mailing list