Re: OpenBSM & Jails
- From: Robert Watson <rwatson@xxxxxxxxxxx>
- Date: Wed, 27 Feb 2008 19:17:43 +0000 (GMT)
On Thu, 21 Feb 2008, sam wrote:
i am using OpenBSM on System with jails
part of praudit output / action write file in jail
--------------------------------------------------
header,176,10,open(2) - write,creat,trunc,0,Thu Feb 21 13:45:06 2008, + 501 msec,argument,3,0x81ed,mode,argument,2,0x601,flags,path,//site/svn/dev.lineage2.dom/pamm/hooks/post-commit,attribute,755,www,www,88,800911,3234053,subject,lynx,root,wheel,root,wheel,44680,44668,56876,10.15.1.116,return,success,4,trailer,176,
--------------------------------------------------
please add jail-identification in output (cat /dev/auditpipe | praudit -lp)
Vladimir,
I believe Christian has plans to use the Solaris "zone" BSM token to this end, as well as plans to enhance our support for hostid header fields so that when audit trails are aggregated from many sources, they can be processed with awareness of which source they came from. I've added him to the CC line, and he may be able to expand on this.
Robert N M Watson
Computer Laboratory
University of Cambridge
_______________________________________________
freebsd-hackers@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
To unsubscribe, send any mail to "freebsd-hackers-unsubscribe@xxxxxxxxxxx"
- References:
- OpenBSM & Jails
- From: sam
- OpenBSM & Jails
- Prev by Date: Re: synchronous freebsd print
- Next by Date: Re: cvs tag renaming after repo copy
- Previous by thread: OpenBSM & Jails
- Next by thread: ath0 will not associate
- Index(es):
Relevant Pages
|
|
