i had only spawned new shells but hadnt rebooted or logged out, i rebooted and that solved it, my bad
2009/4/2 Darren J Moffat <darrenm at opensolaris.org>: > Ignacio Marambio Cat?n wrote: >> >> On Wed, Apr 1, 2009 at 12:18 PM, Gary Winiger <gww at eng.sun.com> wrote: >>>> >>>> I thought that should have been clear from the the first example in the >>>> audit_syslog(5) man page. >>> >>> ? ? ? If the man page isn't clear, please file a bug report through >>> ? ? ? your sun service account. >> >> the man page is clear, however, I still was not able to log pfexec >> usage after correcting the audit_control file, the odd thing is that >> logging commands ran in a profiled shell does work, and the profiled >> shell uses pfexec internally and doesnt seem to do anything related to >> auditing itself. >> Here is what I did: >> >> nacho at saturn:/etc/security$ pfexec audit -n >> nacho at saturn:/etc/security$ pfexec roleadd -s /bin/pfcsh -d > > Since you changed /etc/security/audit_control had you either rebooted or > logged in freshly to that shell ? ie it wasn't one from before the changes > to audit_control. > > -- > Darren J Moffat >
