Assorted questions

Thu Aug 9 14:34:06 UTC 2007

Questions relate to RHEL4 (unless they don't).

What are the meanings of the following fields from the SYSCALL record:
* items
* fsuid
* fsgid

What are the meanings of the following fields from the PATH record:
* flags 
* rdev

How can I programmatically translate an architecture into human, eg
40000003 => 'i686'?

Is there a way of doing a syscall name lookup without having root?

In RHEL5, what's the equivalent of 'auditctl -t'?

Is there any master documentation I've missed? I'm only aware of the man
pages.

Thanks,

Matt
-- 
Matthew Booth, RHCA, RHCSS
Red Hat, Global Professional Services

M:       +44 (0)7977 267231
GPG ID:  D33C3490
GPG FPR: 3733 612D 2D05 5458 8A8A 1600 3441 EA19 D33C 3490
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <http://listman.redhat.com/archives/linux-audit/attachments/20070809/581f9e83/attachment.sig>