Hello.
I tried to audit write syscall on /dev/watchdog in order to check
https://access.redhat.com/site/solutions/707563 .
I expected that I can do it using
# auditctl -a exit,always -F filetype=character -F devmajor=10 -F
devminor=130 -F arch=b64 -S write -k watchdog
but it did not work (even
# auditctl -a exit,always -F filetype=character -F arch=b64 -S write -k
watchdog
did not work).
Is this functionality not implemented?
Should I do
# stap -d hpwdt -e 'probe module("hpwdt").function("hpwdt_ping") {
printf("%u\n", gettimeofday_ns()); }'
instead (if I can't use this functionality) ?
Regards.
--
Linux-audit mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/linux-audit
