Questions relate to RHEL4 (unless they don't). What are the meanings of the following fields from the SYSCALL record: * items * fsuid * fsgid
What are the meanings of the following fields from the PATH record: * flags * rdev How can I programmatically translate an architecture into human, eg 40000003 => 'i686'? Is there a way of doing a syscall name lookup without having root? In RHEL5, what's the equivalent of 'auditctl -t'? Is there any master documentation I've missed? I'm only aware of the man pages. Thanks, Matt -- Matthew Booth, RHCA, RHCSS Red Hat, Global Professional Services M: +44 (0)7977 267231 GPG ID: D33C3490 GPG FPR: 3733 612D 2D05 5458 8A8A 1600 3441 EA19 D33C 3490
signature.asc
Description: This is a digitally signed message part
-- Linux-audit mailing list [email protected] https://www.redhat.com/mailman/listinfo/linux-audit
