[redhat-lspp] what happens when something can't be audited?
Linda Knippers
linda.knippers at hp.com
Sat Feb 10 19:24:50 UTC 2007
Steve Grubb wrote:
> On Saturday 10 February 2007 14:00, Linda Knippers wrote:
>
>>That's why we added the audit library routine to get the user selectable
>>failure action from /etc/libaudit.conf.
>
>
> Did patches get submitted so that trusted programs use it?
Aside from cups, I don't think so. Other programs handle not being
able to open the audit socket but they take a hard-coded action rather
than a selectable one.
- ljk
More information about the redhat-lspp
mailing list