Re: [redhat-lspp] auditing labeled ipsec

2006-10-11 Thread Klaus Weidner
On Wed, Oct 11, 2006 at 04:43:16PM -0500, Joy Latten wrote: > On Wed, 2006-10-11 at 16:58 -0400, Paul Moore wrote: > > While it's been a looong time since I looked at PFKEY I believe you can get > > away > > with plucking the loginuid from the current task, yes? no? > > > > I was also wondering

Re: [redhat-lspp] auditing labeled ipsec

2006-10-11 Thread Joy Latten
On Wed, 2006-10-11 at 16:58 -0400, Paul Moore wrote: > Joy Latten wrote: > > Linux provides two APIs to add/delete/manage SAs and spd. > > One is netlink which was extended to do key management. The > > other is pfkeyv2, which our setkey and racoon use. > > > > With all that said, I am not able

Re: [redhat-lspp] auditing labeled ipsec

2006-10-11 Thread Paul Moore
Joy Latten wrote: > Linux provides two APIs to add/delete/manage SAs and spd. > One is netlink which was extended to do key management. The > other is pfkeyv2, which our setkey and racoon use. > > With all that said, I am not able to figure out how to get "auid" from > pfkeyv2? I can use NETLINK

Re: An autrace that follows forks

2006-10-11 Thread James Antill
On Wed, 2006-10-11 at 16:06 -0400, John D. Ramsdell wrote: > Last summer, someone else in my company made a simple version of a > fork following tracer based on the audit library; however it does not > compile on my FC5 machine. The reason is he was including the > kernel's headers for ptrace, wh

auditing labeled ipsec

2006-10-11 Thread Joy Latten
Linux provides two APIs to add/delete/manage SAs and spd. One is netlink which was extended to do key management. The other is pfkeyv2, which our setkey and racoon use. With all that said, I am not able to figure out how to get "auid" from pfkeyv2? I can use NETLINK_CB(skb).loginuid to get it wh

Re: An autrace that follows forks

2006-10-11 Thread Steve Grubb
On Wednesday 11 October 2006 16:06, John D. Ramsdell wrote: > I plan to write a version of autrace that follows forks. This is a problem that requires a kernel side implementation. We've talked about it in the past and I don't think we've got code yet. We did add audit by ppid which helps a litt

An autrace that follows forks

2006-10-11 Thread John D. Ramsdell
I plan to write a version of autrace that follows forks. When run in follow forks mode, it will ptrace the child. Each time the child or one of its descendants creates a new process, the program will use the API provided by libaudit to add an audit rule for the freshly created process. If I hear

Re: [redhat-lspp] labeled ipsec auditing

2006-10-11 Thread Joy Latten
On Wed, 2006-10-11 at 08:38 -0500, Serge E. Hallyn wrote: > Quoting Joy Latten ([EMAIL PROTECTED]): > > On Mon, 2006-10-09 at 14:30 -0500, Klaus Weidner wrote: > > > On Mon, Oct 09, 2006 at 03:15:09PM -0400, Paul Moore wrote: > > > > Going back to Joy's original mail I think it was the establishing

Re: [redhat-lspp] labeled ipsec auditing

2006-10-11 Thread Serge E. Hallyn
Quoting Joy Latten ([EMAIL PROTECTED]): > On Mon, 2006-10-09 at 14:30 -0500, Klaus Weidner wrote: > > On Mon, Oct 09, 2006 at 03:15:09PM -0400, Paul Moore wrote: > > > Going back to Joy's original mail I think it was the establishing or > > > deleting of > > > an SA with SELinux context that we we

Re: Audit-1.0.14

2006-10-11 Thread Steve Grubb
On Wednesday 11 October 2006 07:49, Boyce, Kevin P. (Melbourne, FL) wrote: > I can install the deb files and the audit daemon runs, but it has trouble > parsing the audit.rules file.  The error I am getting is "Error sending > insert watch request (Invalid Argument)." This is not a parsing error..

Audit-1.0.14

2006-10-11 Thread Boyce, Kevin P. (Melbourne, FL)
I am trying to use a vanilla kernel from kernel.org version 2.6.12 and 2.6.16 with the audit daemon version 1.0.14. I am using ubuntu, so I have used alien to convert the redhat binary packages for an x86_64 architecture into *.deb files. I can install the deb files and