Running auditd from Raspberry Pi (Raspbian)
Kangkook Jee
aixer77 at gmail.com
Mon Oct 26 20:57:18 UTC 2015
I added “—with-armeb” should it be just “—with-arm” ?
This following shows my configuration status.
pi at raspberrypi ~/audit-2.4.4 $ grep arm config.status
ac_cs_config="'--with-armeb'"
set X /bin/bash './configure' '--with-armeb' $ac_configure_extra_args --no-create --no-recursion
host='armv7l-unknown-linux-gnueabihf'
build='armv7l-unknown-linux-gnueabihf'
sys_lib_search_path_spec='/usr/lib/gcc/arm-linux-gnueabihf/4.9 /usr/lib/arm-linux-gnueabihf /usr/lib /lib/arm-linux-gnueabihf /lib '
sys_lib_dlsearch_path_spec='/lib64 /usr/lib64 /lib /usr/lib /opt/vc/lib /lib/arm-linux-gnueabihf /usr/lib/arm-linux-gnueabihf /usr/lib/arm-linux-gnueabihf/libfakeroot /usr/local/lib '
S["target_cpu"]="armv7l"
S["target"]="armv7l-unknown-linux-gnueabihf"
S["host_cpu"]="armv7l"
S["host"]="armv7l-unknown-linux-gnueabihf"
S["build_cpu"]="armv7l"
S["build"]="armv7l-unknown-linux-gnueabihf”
> On Oct 26, 2015, at 4:37 PM, Steve Grubb <sgrubb at redhat.com> wrote:
>
> On Monday, October 26, 2015 04:25:57 PM Kangkook Jee wrote:
>> Dear Steve,
>>
>> I built auditctl from recent audit source and tried it again but I failed
>> with the following errors.
>>
>> pi at raspberrypi ~/audit-2.4.4 $ sudo auditctl -e1 -b 102400
>> AUDIT_STATUS: enabled=1 flag=1 pid=2022 rate_limit=0 backlog_limit=320
>> lost=0 backlog=0 (reverse-i-search)`b': sudo auditctl -e1 -^C102400
>> pi at raspberrypi ~/audit-2.4.4 $ sudo src/auditctl -a exit,always -F
>> arch=armeb -S clone arch elf mapping not found
>> pi at raspberrypi ~/audit-2.4.4 $ sudo src/auditctl -a exit,always -S clone
>> Error detecting machine type
>>
>> Would you help me with this?
>
> Did you add --with-arm to the ./configure line? Its disabled by default.
>
> -Steve
More information about the Linux-audit
mailing list