Thank You for the valuable Response RGB.
As you mentioned in the above statement is what I was looking for, "There
is a mapping from the PID in the initial PID namespace to its PID in a
child PID namespace".
As per your context, Is it initial PID namespace is the one which is get
created in the "H
On 16/04/28, Deepika Sundar wrote:
> Thank you for all replies and Sorry, I am new to this audit subsystem field.
>
> I am facing the problem in the initial stage itself that,Where to add the
> new field in the source code, as per my work understanding in the below
> code,Is it possible to fine tu
On 16/04/28, Deepika Sundar wrote:
> Thank you for the replies.
>
> As per My understanding Root as Admin it has the control over all the
> namespaces.If this is correct,
As per my previous email, not necessarily.
> (i) Is that root should have access to all namespace relate info,
> for ex:
On 16/04/27, Deepika Sundar wrote:
> As per rule root(admin) is the one who is monitoring the system's
> information .so,there must exist some namespace information in proc field
> for the namespace related PID in global.Is this the way I'm approaching to
> the namespace related stuffs is correct?
On 16/04/26, Deepika Sundar wrote:
[re-adding the list]
> https://www.redhat.com/archives/linux-audit/2015-April/msg00031.html
> In the above link it is mentioned that cloned action for the initial
> creation has the pid=481,is this a pid seen in namespace or the global
> one?Please clarify me.
On Wed, Apr 27, 2016 at 9:31 PM, Richard Guy Briggs wrote:
> On 16/04/22, Peter Hurley wrote:
>> 2. The existing usage is always tsk==current
>
> My understanding is that when it is called via:
>
> copy_process()
> audit_free()
> __audit_free()
>
If I centralize audit logging through rsyslog, and I have each of the remote
machines' /etc/rsyslog.conf to use the same generic audit.log file name instead
of customizing the audit logs with something like; HOSTNAME-audit.log, because
ausearch apparently only looks for a file specifically of th
On 04/28/2016 12:28 PM, Richard Guy Briggs wrote:
> On 16/04/27, Peter Hurley wrote:
>> On 04/27/2016 06:31 PM, Richard Guy Briggs wrote:
>>> On 16/04/22, Peter Hurley wrote:
On 04/21/2016 11:14 AM, Richard Guy Briggs wrote:
> The tty field was missing from AUDIT_LOGIN events.
>
>
On 16/04/27, Peter Hurley wrote:
> On 04/27/2016 06:31 PM, Richard Guy Briggs wrote:
> > On 16/04/22, Peter Hurley wrote:
> >> On 04/21/2016 11:14 AM, Richard Guy Briggs wrote:
> >>> The tty field was missing from AUDIT_LOGIN events.
> >>>
> >>> Refactor code to create a new function audit_get_tty(
On Thursday, April 28, 2016 02:45:55 AM Manuel Scunthorpe wrote:
> The build fails in Arch Linux openrc when configure has the option
> --enable-systemd=no It seems to work and build the package but fails at the
> end, I think it is a makefile error. I wanted to build the package with
> static
Steve, thanks for your replies to all of my questions.
Can you please send me a walk through document for trying to send the 6
workstations and 1 servers audit-data into the same directory structure?
Something that will definitely work, please?
I have a VM environment that I can make changes o
On Wednesday, April 27, 2016 09:10:39 PM Warron S French wrote:
> I have a scenario that I need a little help understanding how to work
> through in an isolated environment of 1 server and 6 workstations (7
> machines). The 7 machines are all running CentOS-6.7 and selinux =
> disabled.
>
> All 6 w
On 04/27/2016 06:31 PM, Richard Guy Briggs wrote:
> On 16/04/22, Peter Hurley wrote:
>> On 04/21/2016 11:14 AM, Richard Guy Briggs wrote:
>>> The tty field was missing from AUDIT_LOGIN events.
>>>
>>> Refactor code to create a new function audit_get_tty(), using it to
>>> replace the call in audit_
The build fails in Arch Linux openrc when configure has the option
--enable-systemd=no
It seems to work and build the package but fails at the end, I think it is a
makefile error. I wanted to build the package with static libs rather than use
the precompiled Arch version.I tried the standar
14 matches
Mail list logo