shadow: what uid to log?

Christian Göttsche cgzones at googlemail.com
Thu Oct 17 21:05:56 UTC 2019

Previous message (by thread): New field seen in audit.log
Next message (by thread): shadow: what uid to log?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi,
I am working on migrating src:shadow to today's SELinux api and
enabling audit logging for denials.
The question which uid to log with 'audit_log_user_avc_message' came up.
What is preferred for the applications like passwd, chfn, ... , which
might be setuid binaries (getuid, geteuid, 0)?

Kind regards,
     Christian Göttsche

Previous message (by thread): New field seen in audit.log
Next message (by thread): shadow: what uid to log?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Linux-audit mailing list