[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Linux Audit trail
On 2001 September? 30 ,Sunday 17:34, you wrote:
> come on guys, it's a POSIX.1e feature. Novell had it for years, NT
> has it, Solaris has it, how can it be that linux doesn't!??
Well, it seems there is a kernel component which is supposed to do
the auditing, called "kernel auditing facility". This I found here
(look under Auditing):
<http://www.linuxsecurity.com/resource_files/server_security/linux-pr
ivs/linux-privs.html>
And I got there from freshmeat, which offers a daemon to read the
audit data from /proc/audit
I hope this helps you a bit more.
Herouth
PS, according to the above document, the POSIX standard merely states
what the audit trail should look like, not that an audit is a part of
the POSIX standard.
=================================================================
To unsubscribe, send mail to linux-il-request@linux.org.il with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail linux-il-request@linux.org.il