Henning, Arthur C. (CSL) napsal(a):
Copy NISPOM.rules to /etc/audit/audit.rules
Using system-config-audit, I create a rule for the SYSCALL kill with a
key of kill
Save the configuration.
Get the described error.
Thanks for your report. The attached patch, to be included in s-c-audit
0.4.3,
Henning, Arthur C. (CSL) wrote:
Using system-config-audit getting key (-k) configuration errors when
saving changes.
[EMAIL PROTECTED] ~]# Stopping auditd: [ OK ]
Starting auditd: [ OK ]
key option needs a watch or syscall given prior to it
This is telling you that the -k flag needs to
On Tuesday 21 August 2007 11:39:51 Linda Knippers wrote:
Using system-config-audit getting key (-k) configuration errors when
saving changes.
[EMAIL PROTECTED] ~]# Stopping auditd: [ OK ]
Starting auditd: [ OK ]
key option needs a watch or syscall given prior to it
This is
correctly.
Art Henning (CSL)
Enterprise IT Solutions
Northrop Grumman Corp
[EMAIL PROTECTED]
-Original Message-
From: Steve Grubb [mailto:[EMAIL PROTECTED]
Sent: Tuesday, August 21, 2007 10:56 AM
To: linux-audit@redhat.com
Cc: Linda Knippers; Henning, Arthur C. (CSL)
Subject: Re: Audit rules
On Tuesday 21 August 2007 12:09:28 Henning, Arthur C. (CSL) wrote:
Would appear the system-config-audit GUI is rewriting the entire rule file
then complaining it's not configured correctly.
Yes its re-writing the rules. But its probably auditctl that's complaining.
Thanks for the feedback on