How does one enable file system watches on RHEL5 update 0?
When I run auditctl -l It says File system watches not supported. I
have reverted back to audit-1.0.15 and upgraded the kernel to 2.6.18-52.
Anyone have any suggestions?
Thanks,
Kevin
--
Linux-audit mailing list
Linux-audit@redhat.com
Correct me if I am wrong, but in doing the auditctl -w /home, the only
thing that is being audited is the inode entry for the directory itself.
You need to construct an explicit list of each file you want to watch.
You can do this rather easily with a combination of find and awk.
Regards.
Kevin
All,
Is there any recommended audit dispatcher for the the RHEL audit daemon?
Thanks,
Kevin Boyce
Northrop Grumman Corp.
--
Linux-audit mailing list
Linux-audit@redhat.com
https://www.redhat.com/mailman/listinfo/linux-audit
I would download the source rpms, make your changes, change the version,
and use the rpm -Uhv to upgrade existing packages.
Kevin Boyce
Northrop Grumman Corp.
On Fri, 2007-11-16 at 10:54 -0500, Bill Tangren wrote:
I'm running RHEL ES 4 servers, and am having difficulty with aureport. I'm
Oops, don't forget to recompile, and then the rpm -Uhv
On Fri, 2007-11-16 at 11:11 -0500, Kevin Boyce wrote:
I would download the source rpms, make your changes, change the
version, and use the rpm -Uhv to upgrade existing packages.
Kevin Boyce
Northrop Grumman Corp.
On Fri, 2007-11
