messages from 2011-11-08 23:17:21 to 2012-02-29 00:26:41 UTC [more...]
New audit package release this week
2012-02-29 0:25 UTC
[PATCH 0/2] Improvements to AVC record matching
2012-02-28 23:28 UTC (5+ messages)
` [PATCH 1/2] auvirt: Improve matching of AVC records generated by SELinux
` [PATCH 2/2] auvirt: Add support for AVC records generated by AppArmor
[PATCH] auparse: apparmor fields
2012-02-28 23:15 UTC (4+ messages)
` [PATCH v2] "
test patch for auditctl inter-field comparisons on euid/uid, egid/gid
2012-02-28 23:12 UTC (11+ messages)
[PATCH - linux-next] ARM: ptrace: Fix audit caused compile error
2012-02-21 13:49 UTC (5+ messages)
[PATCH] auvirt: Remove workaround for VM name searching
2012-02-13 11:46 UTC (3+ messages)
[PATCH] auvirt: Add security context to "relabel{to, from}" AVC records
2012-02-11 15:04 UTC (2+ messages)
[PATCH] auvirt: Add details to cgroup records
2012-02-11 15:02 UTC (2+ messages)
AUTO: Gavin Appleton is out of the office. (returning 20/02/2012)
2012-02-10 18:10 UTC
[PATCH 1/2] auparse: Remove quotes from parsed fields
2012-02-09 18:04 UTC (8+ messages)
` [PATCH 2/2] auvirt: Remove workaround for VM name searching
audit.rules
2012-02-08 18:40 UTC (4+ messages)
Kernel oops+crash on repeated auditd restarts
2012-02-08 16:11 UTC (5+ messages)
[PATCH] ausearch: Fix parsing of uid in user space events
2012-02-07 22:11 UTC (2+ messages)
Question about Memory leaks in 1.7
2012-02-06 15:49 UTC
[PATCH] auvirt: a new tool for reporting events related to virtual machines
2012-02-03 18:52 UTC (2+ messages)
[PATCH] auvirt: a new tool for reporting events related to virtual machines
2012-01-27 17:31 UTC (19+ messages)
linux auditd: Not getting log for chmod syscall
2012-01-24 16:03 UTC (6+ messages)
` Fwd: "
expected performance hit for logging all execve's?
2012-01-21 0:29 UTC (2+ messages)
Captured system calls that should be filtered out
2012-01-20 16:49 UTC (2+ messages)
what does the arch= hex number represent?
2012-01-20 14:26 UTC (2+ messages)
Capture System Time Changes
2012-01-19 19:13 UTC (2+ messages)
Path ignored but syscall event still logged
2012-01-16 11:13 UTC (12+ messages)
linux audit: not getting log for chmod
2012-01-13 6:12 UTC
Relying on syscall record for information and useless key/value duplication
2012-01-12 14:00 UTC (5+ messages)
Consolidate Audit's msgs
2012-01-11 19:03 UTC (2+ messages)
MAC_IPSEC_EVENT Logged without rules
2012-01-09 16:46 UTC (2+ messages)
GUI audit review interface?
2012-01-05 22:29 UTC (2+ messages)
[PATCH 1/5] audit: allow interfield comparison in audit rules
2012-01-04 21:12 UTC (8+ messages)
` [PATCH 2/5] audit: complex interfield comparison helper
` [PATCH 3/5] audit: allow interfield comparison between gid and ogid
` [PATCH 4/5] audit: implement all object interfield comparisons
` [PATCH 5/5] audit: comparison on interprocess fields
Question - Rule Syntax
2012-01-03 14:13 UTC (4+ messages)
[PATCH] Inter-field comparisons between uid/euid and gid/egid
2011-12-24 21:51 UTC (8+ messages)
[PATCH] Added support for virtualization related fields to ausearch
2011-12-20 15:55 UTC (2+ messages)
[PATCH/RFC] audit: improve GID/EGID comparation logic
2011-12-13 20:09 UTC
Daemon start problems
2011-12-13 11:50 UTC (3+ messages)
[RFC] Virtual machine related events support
2011-12-06 21:06 UTC (4+ messages)
Regarding bug 435682
2011-12-03 13:44 UTC (2+ messages)
filter specific file from specific program
2011-12-02 15:27 UTC (4+ messages)
help- auditing sys admin commands
2011-12-02 13:48 UTC (2+ messages)
watch with -p wa catching fstat calls?
2011-12-01 19:11 UTC
Auditing only system admin commands and argument
2011-11-30 13:34 UTC
FW: I'd like to turn auditd off but
2011-11-29 16:33 UTC (2+ messages)
FW: I'd like to turn auditd off but
2011-11-29 16:29 UTC (2+ messages)
Disabling monitoring of a subfolder
2011-11-29 16:26 UTC (3+ messages)
missing user authentication events
2011-11-29 16:17 UTC (6+ messages)
I'd like to turn auditd off but
2011-11-22 2:30 UTC (3+ messages)
[PATCH 01/26] audit: make filetype matching consistent with other filters
2011-11-17 22:47 UTC (27+ messages)
` [PATCH 02/26] audit: dynamically allocate audit_names when not enough space is in the names array
` [PATCH 03/26] audit: drop the meaningless and format breaking word 'user'
` [PATCH 04/26] audit: check current inode and containing object when filtering on major and minor
` [PATCH 05/26] seccomp: audit abnormal end to a process due to seccomp
` [PATCH 06/26] Audit: push audit success and retcode into arch ptrace.h
` [PATCH 07/26] audit: ia32entry.S sign extend error codes when calling 64 bit code
` [PATCH 08/26] audit: inline audit_syscall_entry to reduce burdon on archs
` [PATCH 09/26] audit: remove AUDIT_SETUP_CONTEXT as it isn't used
` [PATCH 10/26] audit: drop some potentially inadvisable likely notations
` [PATCH 11/26] audit: inline checks for not needing to collect aux records
` [PATCH 12/26] audit: drop audit_set_macxattr as it doesn't do anything
` [PATCH 13/26] audit: inline audit_free to simplify the look of generic code
` [PATCH 14/26] audit: reject entry,always rules
` [PATCH 15/26] audit: remove audit_finish_fork as it can't be called
` [PATCH 16/26] audit: allow matching on obj_uid
` [PATCH 17/26] audit: allow audit matching on inode gid
` [PATCH 18/26] audit: allow interfield comparison in audit rules
` [PATCH 19/26] audit: complex interfield comparison helper
` [PATCH 20/26] audit: allow interfield comparison between gid and ogid
` [PATCH 21/26] audit: remove task argument to audit_set_loginuid
` [PATCH 22/26] audit: only allow tasks to set their loginuid if it is -1
` [PATCH 23/26] audit: do not call audit_getname on error
` [PATCH 24/26] Kernel: Audit Support For The ARM Platform
` [PATCH 25/26] audit: fix mark refcounting
` [PATCH 26/26] audit: collect path information when possible
test patch for new inode filter types
2011-11-17 22:31 UTC (2+ messages)
Audit Event Record Types
2011-11-17 3:04 UTC
Audit Event Record Types
2011-11-16 13:45 UTC (3+ messages)
filtering on inode ouid
2011-11-09 19:42 UTC (4+ messages)
page: next (older) | prev (newer) | latest
- recent:[subjects (threaded)|topics (new)|topics (active)]
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox