Ignacio Marambio Cat?n wrote: > On Wed, Apr 1, 2009 at 12:18 PM, Gary Winiger <gww at eng.sun.com> wrote: >>> I thought that should have been clear from the the first example in the >>> audit_syslog(5) man page. >> If the man page isn't clear, please file a bug report through >> your sun service account. > > the man page is clear, however, I still was not able to log pfexec > usage after correcting the audit_control file, the odd thing is that > logging commands ran in a profiled shell does work, and the profiled > shell uses pfexec internally and doesnt seem to do anything related to > auditing itself. > Here is what I did: > > nacho at saturn:/etc/security$ pfexec audit -n > nacho at saturn:/etc/security$ pfexec roleadd -s /bin/pfcsh -d
Since you changed /etc/security/audit_control had you either rebooted or logged in freshly to that shell ? ie it wasn't one from before the changes to audit_control. -- Darren J Moffat
