The RHEL 6 STIG says: auditctl -l | grep syscall | grep chmod
Should return lines referring to chmod. Those lines are in my audit.rules. Just doing an: auditctl -l | grep syscall Returns nothing. I've got no issues telling the STIG folks how to do their work, but wanted to make sure I know what I'm talking about first. Am I missing something if there's no "syscall" line(s) returned? Thanks! Leam -- Mind on a Mission -- Linux-audit mailing list [email protected] https://www.redhat.com/mailman/listinfo/linux-audit
