"Watch"ing a directory

Wieprecht, Karen M. Karen.Wieprecht at jhuapl.edu
Wed Aug 22 20:37:21 UTC 2007

Previous message (by thread): "Watch"ing a directory
Next message (by thread): "Watch"ing a directory
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

We catch failures to cd into a directory with the rule "-a exit,always
-S all -F exit=-13"

Perhaps this captures too much, but it does seem to get the failed cd
attempts.  

Karen Wieprecht

Previous message (by thread): "Watch"ing a directory
Next message (by thread): "Watch"ing a directory
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Linux-audit mailing list