Although then perhaps you should check pluto.log too? But that would likely 
give false positives too?


> On Sep 6, 2019, at 16:24, Andrew Cagney <[email protected]> wrote:
> 
> 
> 
>> On Thu, 5 Sep 2019 at 10:52, Paul Wouters <[email protected]> wrote:
>> On Wed, 4 Sep 2019, Andrew Cagney wrote:
>> 
>> > Look in nic.console.verbose.txt
>> > 
>> > type=SYSCALL msg=audit(1567646808.958:61): arch=c000003e syscall=165 
>> > success=yes exit=0 a0=0 a1=55cef7279d60 a2=0 a3=1031 items=1 ppid=1 
>> > pid=486 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 
>> > fsgid=0 tty=(none)
>> 
>> Should it not only trigger for the console.txt's, instead of looking at
>> the verbose console.txt's? If it did that, we could add a sanitizer to
>> strip out: tty=(none)
>> 
> 
> I'll try this - nic's sanitized output already looks pretty empty.
> 