On Tue, Jan 3, 2017 at 3:44 PM, Kees Cook <keesc...@chromium.org> wrote: > I still wonder, though, isn't there a way to use auditctl to get all > the seccomp messages you need?
Not all of the seccomp actions are currently logged, that's one of the problems (and the biggest at the moment). -- paul moore www.paul-moore.com
