Hello.
Silva Paulo wrote:
> How do I redirect the logged records from /var/log/messages to any
> other log file, let's say /var/log/tomoyo?
Please use

    grep -F 'ERROR:' /var/log/messages
    grep -F 'WARNING:' /var/log/messages

if you want to get printk() logs.
printk() logs are just for telling that a policy violation occurred.
A better log with plenty of information is available from /proc/ccs/reject_log .

You can start ccs-auditd like

    /usr/sbin/ccs-auditd /dev/null /var/log/tomoyo

using some startup script (e.g. /etc/rc.local).

You can use

    grep -A 3 -F " mode=enforcing " /var/log/tomoyo

to get logs of requests which violated policy in enforcing mode.
Regards.
_______________________________________________
tomoyo-users-en mailing list
[email protected]
http://lists.sourceforge.jp/mailman/listinfo/tomoyo-users-en
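
Added example (not part of the original post, and not code from the TOMOYO project): a shell function that goes one step beyond the grep above and counts enforcing-mode denials per domain and request in the file written by ccs-auditd. The record layout it assumes (a header line containing " mode=<mode> ", then the domain line, then the denied request line, then a blank line) and the sample records are constructed for illustration; the function names are hypothetical.

```shell
#!/bin/sh
# Count enforcing-mode denials per (domain, request) in a ccs-auditd log.
# ASSUMPTION: each record is a header line containing " mode=<mode> ",
# then the domain line, then the denied request line, then a blank line.

enforcing_denials() {
    # $1: log file written by ccs-auditd, e.g. /var/log/tomoyo
    awk '
        # Header line: note whether this record was logged in enforcing mode.
        index($0, " mode=") { want = (index($0, " mode=enforcing ") > 0); n = 0; next }
        # A blank line ends the record.
        /^$/ { want = 0; next }
        want {
            n++
            if (n == 1) domain = $0                    # first body line: domain
            else if (n == 2) count[domain "\t" $0]++   # second: denied request
        }
        END { for (k in count) printf "%d\t%s\n", count[k], k }
    ' "$1" | sort -rn
}

write_sample() {
    # $1: file to fill with constructed sample records (not real log data)
    cat > "$1" <<'EOF'
#2010-01-01 00:00:01# profile=3 mode=enforcing (global-pid=100) uid=0
<kernel> /usr/sbin/sshd /bin/bash
allow_read /etc/shadow

#2010-01-01 00:00:02# profile=1 mode=learning (global-pid=101) uid=0
<kernel> /usr/sbin/httpd
allow_read /var/www/index.html

#2010-01-01 00:00:03# profile=3 mode=enforcing (global-pid=102) uid=0
<kernel> /usr/sbin/sshd /bin/bash
allow_read /etc/shadow

#2010-01-01 00:00:04# profile=3 mode=enforcing (global-pid=103) uid=48
<kernel> /usr/sbin/httpd
allow_execute /bin/sh
EOF
}

# With an argument, summarise that log; otherwise do nothing.
if [ "$#" -gt 0 ]; then enforcing_denials "$1"; fi
```

Output columns are count, domain and denied request, separated by tabs, with the most frequent denial first.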