On 03/02/12 18:17, George Mamalakis wrote:
Ah!
And one more thing with respect to this issue. Since I realized that
probably I won't be able to run audit within a jail, I tried to
continue with my work from outside the jail. What I need is to audit
some system users (like www) inside my jails and do stuff with their
audit trails. In order to be able to audit www's actions, I downloaded
setaudit from http://www.freebsd.org/~csjp/setaudit.c which allows
this functionality. setaudit works fine from outside my jails, but
when I run it from within a jail, I get the following error again:
[root@in-jail] # setaudit -awww -mfr /bin/ls
setaudit: setaudit_addr: Function not implemented
Is there, at least, some
easy/secure/not-whole-system-configuration-changing way to start
apache from within a jail to be able to audit his actions from outside
the jail?
Thank you all in advance, once more.
OK, found it!
I am running:
[root@out-of-jail] setaudit -awww -m fr,fw,fa,fm,fc,fd,cl jexec 6
/usr/local/bin/sudo -u www /usr/local/sbin/apachectl startssl
from outside the jails and it works like a charm! Nasty, but at least
it's working...
Thank you all anyway!
--
George Mamalakis
IT and Security Officer
Electrical and Computer Engineer (Aristotle Un. of Thessaloniki),
MSc (Imperial College of London)
Department of Electrical and Computer Engineering
Faculty of Engineering
Aristotle University of Thessaloniki
phone number : +30 (2310) 994379
_______________________________________________
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"