On 2016-10-17 12:04, Steve Grubb wrote:
> On Monday, October 17, 2016 11:40:17 AM EDT Richard Guy Briggs wrote:
> > Since sessionid is a new field for filter specification (but not
> > reporting and searching), I blocked sessionid==-1 in the api for setting
> > filters. This unfortunately makes it a different way to specify it than
> > loginuid when it is not set.
> Can we unblock that?
Sure, then we would have two ways to express the same thing and ends up
using in-band signalling which is what Eric was trying to avoid in the
Richard Guy Briggs <r...@redhat.com>
Kernel Security Engineering, Base Operating Systems, Red Hat
Remote, Ottawa, Canada
Voice: +1.647.777.2635, Internal: (81) 32635
Linux-audit mailing list