>Excuse me, but what is your question? I've PCs protected with Tomoyo. I'd like to be informed when Tomoyo detect any policy violation. I'd like to get this information in a central pc. syslog is a good solution to centralize these violations.
>Why /usr/sbin/ccs-auditd and /usr/sbin/ccs-notifyd cannot be used? These tools provide access violation locally (only in the pc that generates the violation). And I need an automatic solution (ccs-notifyd is an int'ractive tool). >You want to use (e.g.) /sbin/rsyslogd for saving logs read from >/proc/ccs/ >rather than running /usr/sbin/ccs-auditd and /usr/sbin/ccs-notifyd ? ccs-auditd and ccs-notifyd seem to be tools to update policy. So these tools are dedicated for Tomoyo administrators. But in a production environment, what is the good tool? _______________________________________________ tomoyo-users-en mailing list [email protected] http://lists.sourceforge.jp/mailman/listinfo/tomoyo-users-en
