audit-testsuite usage

audit-testsuite usage

[Richard Guy Briggs]

Hi folks,

We're trying to get an idea of how many users there are for the
relatively new https://github.com/linux-audit/audit-testsuite and how
they are using it or would like to use it to help inform decisions about
how to manage the suite so that it is still useful to us but not prevent
some other unforseen reasonable use cases.

Who is using it?

How/Why?


Thanks!


- RGB

--
Richard Guy Briggs <rgb@redhat.com>
Sr. S/W Engineer, Kernel Security, Base Operating Systems
Remote, Ottawa, Red Hat Canada
IRC: rgb, SunRaycer
Voice: +1.647.777.2635, Internal: (81) 32635

Re: audit-testsuite usage

[Stephan Müller]

Am Sonntag, 7. Mai 2017, 18:43:59 CEST schrieb Richard Guy Briggs:

Hi Richard,

> Hi folks,
> 
> We're trying to get an idea of how many users there are for the
> relatively new https://github.com/linux-audit/audit-testsuite and how
> they are using it or would like to use it to help inform decisions about
> how to manage the suite so that it is still useful to us but not prevent
> some other unforseen reasonable use cases.
> 
> Who is using it?

I am using it.

> 
> How/Why?

On behalf of customers for various validations works.

Ciao
Stephan

Re: audit-testsuite usage

[Paul Moore]

On Mon, May 8, 2017 at 2:20 AM, Stephan Müller <smueller@chronox.de> wrote:
> Am Sonntag, 7. Mai 2017, 18:43:59 CEST schrieb Richard Guy Briggs:
>
> Hi Richard,
>
>> Hi folks,
>>
>> We're trying to get an idea of how many users there are for the
>> relatively new https://github.com/linux-audit/audit-testsuite and how
>> they are using it or would like to use it to help inform decisions about
>> how to manage the suite so that it is still useful to us but not prevent
>> some other unforseen reasonable use cases.
>>
>> Who is using it?
>
> I am using it.
>
>>
>> How/Why?
>
> On behalf of customers for various validations works.

Just to be clear, you are talking about the test suite hosted on
GitHub (see the URL in Richard's original mail) and not the older test
suite hosted on SF.net and commonly used for Common Criteria
evaluations?

-- 
paul moore
www.paul-moore.com

--
Linux-audit mailing list
Linux-audit@redhat.com
https://www.redhat.com/mailman/listinfo/linux-audit

Re: audit-testsuite usage

[Stephan Müller]

Am Montag, 8. Mai 2017, 16:34:33 CEST schrieb Paul Moore:

Hi Paul,

> > 
> > On behalf of customers for various validations works.
> 
> Just to be clear, you are talking about the test suite hosted on
> GitHub (see the URL in Richard's original mail) and not the older test
> suite hosted on SF.net and commonly used for Common Criteria
> evaluations?

Apologies, I was thinking of the audit-test suite from HP. I did not followed 
up the URL.

I am not using the test suite pointed to by Rich' URL.

Ciao
Stephan

Re: audit-testsuite usage

[Burn Alting]

[-- Attachment #1.1: Type: text/plain, Size: 1590 bytes --]

Richard,

I have yet to start using the test suite, but I am looking for a Linux
auditd testing capability which will provide

        
        - a human readable description of the user or system entity's
        interaction with Linux for a given test
        - the commands that enact the above test
        - the resultant auditd file  which I can run though ausearch
        -i/aushape for processing
        

And generate this for each possible event and event sub-variant (e.g
iterate over all syscalls and variants) that the Linux kernel and other
mainstream utilities can generate.

I have been through https://sourceforge.net/projects/audit-test/ but
this is problematic as it was difficult to get all the above AND pump
the output into ausearch -i as it was processing.

Rgds


On Sun, 2017-05-07 at 12:43 -0400, Richard Guy Briggs wrote:

> Hi folks,
> 
> We're trying to get an idea of how many users there are for the
> relatively new https://github.com/linux-audit/audit-testsuite and how
> they are using it or would like to use it to help inform decisions about
> how to manage the suite so that it is still useful to us but not prevent
> some other unforseen reasonable use cases.
> 
> Who is using it?
> 
> How/Why?
> 
> 
> Thanks!
> 
> 
> - RGB
> 
> --
> Richard Guy Briggs <rgb@redhat.com>
> Sr. S/W Engineer, Kernel Security, Base Operating Systems
> Remote, Ottawa, Red Hat Canada
> IRC: rgb, SunRaycer
> Voice: +1.647.777.2635, Internal: (81) 32635
> 
> --
> Linux-audit mailing list
> Linux-audit@redhat.com
> https://www.redhat.com/mailman/listinfo/linux-audit



[-- Attachment #1.2: Type: text/html, Size: 2139 bytes --]

[-- Attachment #2: Type: text/plain, Size: 0 bytes --]