Linux audit newbie question (Sorry probably a little boring...)

Adrian Powell awp at cray.com
Sun May 7 14:11:06 UTC 2006


Hi,

I have a Linux system running a 2.6.5 kernel, which cannot be upgraded to a later
release for the time being. I do have the source available, and can patch it if necessary.
I wish to run some kind of system call level auditing/logging for security purposes. I have
the LaUS package installed with the PAM modules, but this does not implement the system
call level logging that I require, without a patch. The trouble is that the only patches that I can
find are not compatible with this particular kernel.

Looking at other options, it appears that syscalltrace is no longer being developed?
It doesn't appear for the 2.6 kernels, and LSM again looks only good to 2.5 kernels.
The only other thing that I can find is ptrace, but has to be explicitly run under each
executable?

What are my options here?

Thanks in advance,

     Adrian.