From: Steve Grubb <sgrubb@redhat.com>
To: linux-audit@redhat.com
Cc: Maupertuis Philippe <philippe.maupertuis@equensworldline.com>
Subject: Re: adutictl -F exe
Date: Wed, 11 Jan 2017 08:57:24 -0500 [thread overview]
Message-ID: <5799953.MNnZxQFCLM@x2> (raw)
In-Reply-To: <3D2AB1326AB2974190FCE3F69401F790DB2042B469@FRVDX103.fr01.awl.atosorigin.net>
On Tuesday, January 10, 2017 3:49:16 PM EST Maupertuis Philippe wrote:
> Hello list,
> On my fedora 24 with audit-2.6.7-1.fc24.x86_64, the man auditctl list :
> exe Absolute path to application that while executing
> this rule will apply to. This can only be used on the exit list.
>
> On my RHEL7.3 with audit-2.6.5-3.el7.x86_64 the option is missing.
I think the man page has it missing, but its there.
> Reading the changelog at https://people.redhat.com/sgrubb/audit/ChangeLog, I
> couldn't find in which version it was introduced.
2.5 - audit by process name
> Is this option available
> on 4.x kernel only ?
It was backported into the RHEL 7.3 kernel.
> Is there any chance that the option finally arrive on RHEL 7 ?
Its there.
-Steve
> !!!*************************************************************************
> ************ "Ce message et les pi?ces jointes sont confidentiels et
> r?serv?s ? l'usage exclusif de ses destinataires. Il peut ?galement ?tre
> prot?g? par le secret professionnel. Si vous recevez ce message par erreur,
> merci d'en avertir imm?diatement l'exp?diteur et de le d?truire.
> L'int?grit? du message ne pouvant ?tre assur?e sur Internet, la
> responsabilit? de Worldline ne pourra ?tre recherch?e quant au contenu de
> ce message. Bien que les meilleurs efforts soient faits pour maintenir
> cette transmission exempte de tout virus, l'exp?diteur ne donne aucune
> garantie ? cet ?gard et sa responsabilit? ne saurait ?tre recherch?e pour
> tout dommage r?sultant d'un virus transmis.
>
> This e-mail and the documents attached are confidential and intended solely
> for the addressee; it may also be privileged. If you receive this e-mail in
> error, please notify the sender immediately and destroy it. As its
> integrity cannot be secured on the Internet, the Worldline liability cannot
> be triggered for the message content. Although the sender endeavours to
> maintain a computer virus-free network, the sender does not warrant that
> this transmission is virus-free and will not be liable for any damages
> resulting from any virus transmitted.!!!"
next prev parent reply other threads:[~2017-01-11 13:57 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-01-10 14:49 adutictl -F exe Maupertuis Philippe
2017-01-11 13:57 ` Steve Grubb [this message]
2017-01-11 14:23 ` Ryan Sawhill Aroha
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=5799953.MNnZxQFCLM@x2 \
--to=sgrubb@redhat.com \
--cc=linux-audit@redhat.com \
--cc=philippe.maupertuis@equensworldline.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.