Mike...
>From the AFS 3.5 manual:
You can audit AFS events on AIX File Servers using an AFS mechanism
that transfers audit information from AFS to the AIX auditing system.
The following general classes of AFS events can be audited. For a
complete list of specific AFS audit events, see Appendix B. AIX Audit
Events.
- Authentication and Identification Events
- Security Events
- Privilege Required Events
- Object Creation and Deletion Events
- Attribute Modification Events
- Process Control Events
You'll have to check if this was implemented in 3.4 as well....
- Paul
-----Original Message-----
From: Mike W Ellwood [mailto:[EMAIL PROTECTED]]
Sent: Monday, November 06, 2000 7:19 PM
To: info-afs
Subject: (3.4) Monitoring ACL changes
We may have had a case where an ACL was changed by
an unauthorised person, or at least in mysterious
circumstances.
Can ACL changes be logged?
What logging mode needs to be on, and where would the changes
be recorded?
[May be too late for this one, but we may be able to cover ourselves
in future]
Are there any circumstances where ACLS can just get "lost"?
(e.g. because of a volume move or something?)
Running:
Base configuration afs3.4 5.74
Thank you.
--
[EMAIL PROTECTED]
