On Thursday, July 21, 2016 4:12:48 PM EDT Ondrej Moris wrote:
> On 07/21/2016 03:55 PM, Steve Grubb wrote:
> >> I am fine with that but while I see the motivation [1], I
> >> just cannot find where is that happening in the code.
> >
> > https://fedorahosted.org/audit/browser/trunk/src/auditd-event
On 07/21/2016 03:55 PM, Steve Grubb wrote:
> On Thursday, July 21, 2016 11:48:04 AM EDT Ondrej Moris wrote:
>> Hi, I noticed that in 2.6.5 /var/log/audit permission were dropped from
>> 750 to 600.
>
> The directory should be 0750 or 0700 depending on your config. 0600 would be
> a
> mistake.
On Thursday, July 21, 2016 11:48:04 AM EDT Ondrej Moris wrote:
> Hi, I noticed that in 2.6.5 /var/log/audit permission were dropped from
> 750 to 600.
The directory should be 0750 or 0700 depending on your config. 0600 would be a
mistake.
> I am fine with that but while I see the motivation [1
Hi, I noticed that in 2.6.5 /var/log/audit permission were dropped from
750 to 600. I am fine with that but while I see the motivation [1], I
just cannot find where is that happening in the code. Besides, specfile
still contains:
%attr(750,root,root) %dir %{_var}/log/audit
and hence 'rpm -V audit