Re: [RFC][PATCH] audit: log join and part events to the read-only multicast log socket

2014-10-21 Thread Richard Guy Briggs
On 14/10/07, Richard Guy Briggs wrote: On 14/10/07, Eric Paris wrote: On Tue, 2014-10-07 at 14:23 -0400, Richard Guy Briggs wrote: Log the event when a client attempts to connect to the netlink audit multicast socket, requiring CAP_AUDIT_READ capability, binding to the

Re: [PATCH] audit: add Paul Moore to the MAINTAINERS entry

2014-10-21 Thread Eric Paris
On Mon, 2014-10-20 at 12:23 -0400, Paul Moore wrote: After a long stint maintaining the audit tree, Eric asked me to step in and handle the day-to-day management of the audit tree. We should also update the linux-audit mailing list entry to better reflect current usage. Signed-off-by: Paul

Changing the audit tree

2014-10-21 Thread Paul Moore
Hi Stephen, The audit tree has just changed hands and as a result the git repo has changed. The new location is: * git://git.infradead.org/users/pcmoore/audit next Thanks, -Paul -- paul moore www.paul-moore.com -- Linux-audit mailing list Linux-audit@redhat.com

Re: [RFC][PATCH] audit: log join and part events to the read-only multicast log socket

2014-10-21 Thread Richard Guy Briggs
On 14/10/21, Steve Grubb wrote: On Tuesday, October 07, 2014 03:03:14 PM Eric Paris wrote: On Tue, 2014-10-07 at 14:23 -0400, Richard Guy Briggs wrote: Log the event when a client attempts to connect to the netlink audit multicast socket, requiring CAP_AUDIT_READ capability, binding to

Re: [RFC][PATCH] audit: log join and part events to the read-only multicast log socket

2014-10-21 Thread Steve Grubb
On Tuesday, October 21, 2014 05:08:22 PM Richard Guy Briggs wrote: On 14/10/21, Steve Grubb wrote: super crazy yuck. audit_log_task_info() ?? audit_log_task_info logs too much information for typical use. There are times when you might want to know everything about what's connecting.

Re: [PATCH V5 0/5] audit by executable name

2014-10-21 Thread Paul Moore
On Monday, October 20, 2014 07:33:39 PM Steve Grubb wrote: On Monday, October 20, 2014 07:02:33 PM Paul Moore wrote: On Monday, October 20, 2014 06:47:27 PM Eric Paris wrote: On Mon, 2014-10-20 at 16:25 -0400, Steve Grubb wrote: On Thursday, October 02, 2014 11:06:51 PM Richard Guy

Re: [PATCH V5 0/5] audit by executable name

2014-10-21 Thread Steve Grubb
On Tuesday, October 21, 2014 05:56:36 PM Paul Moore wrote: On Monday, October 20, 2014 07:33:39 PM Steve Grubb wrote: On Monday, October 20, 2014 07:02:33 PM Paul Moore wrote: On Monday, October 20, 2014 06:47:27 PM Eric Paris wrote: On Mon, 2014-10-20 at 16:25 -0400, Steve Grubb wrote:

Re: [PATCH V5 0/5] audit by executable name

2014-10-21 Thread Eric Paris
On Tue, 2014-10-21 at 17:56 -0400, Paul Moore wrote: * Change the audit_status.version field comment in include/uapi/linux/audit.h to /* audit functionality bitmap */, or similar. We can't really change the structure now, but the comment is fair game. Trying to think how to do things

Re: [RFC][PATCH] audit: log join and part events to the read-only multicast log socket

2014-10-21 Thread Paul Moore
On Tuesday, October 21, 2014 03:56:10 PM Steve Grubb wrote: audit_log_task_info logs too much information for typical use. There are times when you might want to know everything about what's connecting. But in this case, we don't need anything about groups, saved uids, fsuid, or ppid. It's a

Re: [PATCH V5 0/5] audit by executable name

2014-10-21 Thread Paul Moore
On Tuesday, October 21, 2014 06:19:52 PM Eric Paris wrote: On Tue, 2014-10-21 at 17:56 -0400, Paul Moore wrote: * Change the audit_status.version field comment in include/uapi/linux/audit.h to /* audit functionality bitmap */, or similar. We can't really change the structure now, but the

Re: Changing the audit tree

2014-10-21 Thread Paul Moore
On Wednesday, October 22, 2014 09:19:10 AM Stephen Rothwell wrote: Hi Paul, On Tue, 21 Oct 2014 17:00:48 -0400 Paul Moore p...@paul-moore.com wrote: The audit tree has just changed hands and as a result the git repo has changed. The new location is: *

Re: [RFC][PATCH] audit: log join and part events to the read-only multicast log socket

2014-10-21 Thread Richard Guy Briggs
On 14/10/21, Paul Moore wrote: On Tuesday, October 21, 2014 03:56:10 PM Steve Grubb wrote: audit_log_task_info logs too much information for typical use. There are times when you might want to know everything about what's connecting. But in this case, we don't need anything about groups,