messages from 2011-08-16 09:56:41 to 2012-01-04 21:13:30 UTC [more...]
[PATCH 1/5] audit: allow interfield comparison in audit rules
2012-01-04 21:12 UTC (8+ messages)
` [PATCH 2/5] audit: complex interfield comparison helper
` [PATCH 3/5] audit: allow interfield comparison between gid and ogid
` [PATCH 4/5] audit: implement all object interfield comparisons
` [PATCH 5/5] audit: comparison on interprocess fields
Question - Rule Syntax
2012-01-03 14:13 UTC (4+ messages)
[PATCH] Inter-field comparisons between uid/euid and gid/egid
2011-12-24 21:51 UTC (8+ messages)
Path ignored but syscall event still logged
2011-12-21 19:24 UTC (4+ messages)
[PATCH] auvirt: a new tool for reporting events related to virtual machines
2011-12-20 18:18 UTC (2+ messages)
[PATCH] Added support for virtualization related fields to ausearch
2011-12-20 15:55 UTC (2+ messages)
test patch for auditctl inter-field comparisons on euid/uid, egid/gid
2011-12-16 23:34 UTC (9+ messages)
[PATCH/RFC] audit: improve GID/EGID comparation logic
2011-12-13 20:09 UTC
Daemon start problems
2011-12-13 11:50 UTC (3+ messages)
[RFC] Virtual machine related events support
2011-12-06 21:06 UTC (4+ messages)
Regarding bug 435682
2011-12-03 13:44 UTC (2+ messages)
filter specific file from specific program
2011-12-02 15:27 UTC (4+ messages)
help- auditing sys admin commands
2011-12-02 13:48 UTC (2+ messages)
watch with -p wa catching fstat calls?
2011-12-01 19:11 UTC
Auditing only system admin commands and argument
2011-11-30 13:34 UTC
FW: I'd like to turn auditd off but
2011-11-29 16:33 UTC (2+ messages)
FW: I'd like to turn auditd off but
2011-11-29 16:29 UTC (2+ messages)
Disabling monitoring of a subfolder
2011-11-29 16:26 UTC (3+ messages)
missing user authentication events
2011-11-29 16:17 UTC (6+ messages)
I'd like to turn auditd off but
2011-11-22 2:30 UTC (3+ messages)
[PATCH 01/26] audit: make filetype matching consistent with other filters
2011-11-17 22:47 UTC (27+ messages)
` [PATCH 02/26] audit: dynamically allocate audit_names when not enough space is in the names array
` [PATCH 03/26] audit: drop the meaningless and format breaking word 'user'
` [PATCH 04/26] audit: check current inode and containing object when filtering on major and minor
` [PATCH 05/26] seccomp: audit abnormal end to a process due to seccomp
` [PATCH 06/26] Audit: push audit success and retcode into arch ptrace.h
` [PATCH 07/26] audit: ia32entry.S sign extend error codes when calling 64 bit code
` [PATCH 08/26] audit: inline audit_syscall_entry to reduce burdon on archs
` [PATCH 09/26] audit: remove AUDIT_SETUP_CONTEXT as it isn't used
` [PATCH 10/26] audit: drop some potentially inadvisable likely notations
` [PATCH 11/26] audit: inline checks for not needing to collect aux records
` [PATCH 12/26] audit: drop audit_set_macxattr as it doesn't do anything
` [PATCH 13/26] audit: inline audit_free to simplify the look of generic code
` [PATCH 14/26] audit: reject entry,always rules
` [PATCH 15/26] audit: remove audit_finish_fork as it can't be called
` [PATCH 16/26] audit: allow matching on obj_uid
` [PATCH 17/26] audit: allow audit matching on inode gid
` [PATCH 18/26] audit: allow interfield comparison in audit rules
` [PATCH 19/26] audit: complex interfield comparison helper
` [PATCH 20/26] audit: allow interfield comparison between gid and ogid
` [PATCH 21/26] audit: remove task argument to audit_set_loginuid
` [PATCH 22/26] audit: only allow tasks to set their loginuid if it is -1
` [PATCH 23/26] audit: do not call audit_getname on error
` [PATCH 24/26] Kernel: Audit Support For The ARM Platform
` [PATCH 25/26] audit: fix mark refcounting
` [PATCH 26/26] audit: collect path information when possible
test patch for new inode filter types
2011-11-17 22:31 UTC (2+ messages)
Audit Event Record Types
2011-11-17 3:04 UTC
Audit Event Record Types
2011-11-16 13:45 UTC (3+ messages)
filtering on inode ouid
2011-11-09 19:42 UTC (4+ messages)
Do we need entry,always rules?
2011-11-08 22:18 UTC (2+ messages)
command logging
2011-11-08 21:31 UTC (3+ messages)
Suppress messages from /var/log/audit.log via audit.rules
2011-11-08 14:38 UTC (13+ messages)
audit-1.8 released
2011-10-27 15:33 UTC (2+ messages)
IRC channel
2011-10-26 23:42 UTC (2+ messages)
question on syslog-ng and auditd
2011-10-26 21:35 UTC (2+ messages)
[RFC] Auditing user command execution
2011-10-26 17:36 UTC (2+ messages)
[PATCH] Kernel: Audit Support For The ARM Platform (Re-post requested)
2011-10-26 17:07 UTC (2+ messages)
audit without python?
2011-10-25 18:36 UTC (6+ messages)
Regarding bug 435682
2011-10-21 13:03 UTC (4+ messages)
Error deleting rule during shutdown with -e 2
2011-10-12 16:01 UTC (3+ messages)
auditing account lockouts
2011-10-10 14:13 UTC (2+ messages)
linux-audit: reconstruct path names from syscall events?
2011-10-10 12:54 UTC (12+ messages)
question on audit_backlog settings and how to prevent the sytem from hanging due to audit overload
2011-10-07 12:28 UTC (2+ messages)
performance questions
2011-09-30 14:35 UTC (4+ messages)
unsub
2011-09-30 1:55 UTC
[PATCH] audit: dynamically allocate audit_names when not enough spaceis in the names array
2011-09-29 21:15 UTC (2+ messages)
problem while restarting auditd
2011-09-23 5:55 UTC (3+ messages)
Best means of capturing audit changes to a certain filename under a path subtree? aka wildcard file watches
2011-09-15 17:21 UTC (2+ messages)
Getting Process name instead of PPID
2011-09-09 18:31 UTC
auditd questions
2011-09-09 4:55 UTC (3+ messages)
auditing ntpd
2011-09-08 13:24 UTC (2+ messages)
help needed: how to exclude a single file from being audited
2011-09-08 5:38 UTC (3+ messages)
new auparse question
2011-09-01 0:55 UTC (3+ messages)
auparse question
2011-08-31 18:29 UTC (4+ messages)
auparse question
2011-08-31 18:07 UTC
auparse question
2011-08-30 21:09 UTC
Verify DVD is Closed/Finalized
2011-08-26 16:03 UTC
Auditing the "chattr" command (ioctl syscall?)
2011-08-24 16:04 UTC (6+ messages)
audit-2.1.3 released
2011-08-16 12:03 UTC (3+ messages)
page: next (older) | prev (newer) | latest
- recent:[subjects (threaded)|topics (new)|topics (active)]
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox