messages from 2014-06-04 19:28:41 to 2014-08-21 13:32:18 UTC [more...]
A memory leak problem when the the ”log_format = NOLOG“ is set in auditd.conf
2014-08-21 13:32 UTC
[PATCH V4 0/8] namespaces: log namespaces per task
2014-08-21 1:09 UTC (9+ messages)
` [PATCH V4 1/8] namespaces: assign each namespace instance a serial number
` [PATCH V4 2/8] namespaces: expose namespace instance serial number in proc_ns_operations
` [PATCH V4 3/8] namespaces: expose ns instance serial numbers in proc
` [PATCH V4 4/8] Documentation: add a section for /proc/<pid>/ns/
` [PATCH V4 5/8] namespaces: expose ns_entries
` [PATCH V4 6/8] audit: log namespace serial numbers
` [PATCH V4 7/8] audit: log creation and deletion of namespace instances
` [PATCH V4 8/8] audit: initialize at subsystem time rather than device time
[PATCH V3 0/6] namespaces: log namespaces per task
2014-08-20 17:43 UTC (7+ messages)
ausearch checkpoint capability
2014-08-20 16:57 UTC (7+ messages)
Excluding the single executable on the top of audit.rules
2014-08-20 9:47 UTC (3+ messages)
[PATCH] auditd.service: if audit=0 in kernel cmdline do not start service
2014-08-18 22:30 UTC (2+ messages)
[PATCH] arm64: audit: Fix build for audit changes
2014-08-18 16:40 UTC (2+ messages)
Backlog exceeded when using audisp
2014-08-15 18:01 UTC (2+ messages)
Backlog exceeded when using audisp
2014-08-14 12:50 UTC (2+ messages)
[PATCH] arm64: audit: Fix build for audit changes
2014-08-11 15:47 UTC (14+ messages)
Fw: How to define rule for SERVICE_START/STOP?
2014-08-06 12:57 UTC (3+ messages)
How to define rule for SERVICE_START/STOP?
2014-08-04 20:34 UTC (2+ messages)
Can we audit writing to character device?
2014-08-04 13:08 UTC (3+ messages)
RHEL 6 audit.rules question
2014-08-01 1:46 UTC (3+ messages)
RHEL 6 audit.rules question
2014-07-30 20:33 UTC (2+ messages)
[PATCH audit] reconfigure: Apply log_group change
2014-07-25 14:30 UTC (4+ messages)
file watch: separating file reads and writes
2014-07-22 2:19 UTC (3+ messages)
[PATCH] [STABLE] audit: remove superfluous new- prefix in AUDIT_LOGIN messages
2014-07-13 4:21 UTC (2+ messages)
[PATCH 0/3] [RFC] X32: fix syscall_get_nr while not breaking seccomp BPF
2014-07-11 23:12 UTC (22+ messages)
` [PATCH 1/3] [RFC] audit: add AUDIT_ARCH_X86_X32 arch definition
` [PATCH 2/3] [RFC] seccomp: give BPF x32 bit when restoring x32 filter
` [PATCH 3/3] [RFC] Revert "x86: remove the x32 syscall bitmask from syscall_get_nr()"
[PATCH v10 0/3] arm64: Add audit support
2014-07-10 10:08 UTC (9+ messages)
` [PATCH v10 1/3] arm64: Add __NR_* definitions for compat syscalls
` [PATCH v10 2/3] arm64: Add audit support
` [PATCH v10 3/3] arm64: audit: Add audit hook in syscall_trace_enter/exit()
[PATCH v2 0/2] Fix auditsc DoS and mark it BROKEN
2014-07-08 19:37 UTC (5+ messages)
` [PATCH v2 1/2] auditsc: audit_krule mask accesses need bounds checking
[PATCH 00/12] [V3] audit by executable name
2014-07-02 18:05 UTC (13+ messages)
` [PATCH 01/12] [V3] audit: implement audit by executable
` [PATCH 02/12] [V3] audit: clean simple fsnotify implementation
` [PATCH 03/12] [V3] audit: convert audit_exe to audit_fsnotify
` [PATCH 04/12] [V3] fixup! audit: clean simple fsnotify implementation
` [PATCH 05/12] [V3] fixup! audit: convert audit_exe to audit_fsnotify
` [PATCH 06/12] [V3] fixup! audit: clean simple fsnotify implementation
` [PATCH 07/12] [V3] audit: avoid double copying the audit_exe path string
` [PATCH 08/12] [V3] fixup! audit: convert audit_exe to audit_fsnotify
` [PATCH 09/12] [V3] fixup! audit: clean simple fsnotify implementation
` [PATCH 10/12] [V3] fixup! audit: implement audit by executable
` [PATCH 11/12] [V3] fixup! audit: clean simple fsnotify implementation
` [PATCH 12/12] "
[PATCH] TaskTracker : Simplified thread information tracker
2014-06-26 11:40 UTC (4+ messages)
[PATCH 00/14] audit by executable name
2014-06-25 20:19 UTC (21+ messages)
` [PATCH 01/14] audit: implement audit by executable
` [PATCH 02/14] audit: clean simple fsnotify implementation
` [PATCH 03/14] audit: convert audit_exe to audit_fsnotify
` [PATCH 04/14] fixup! "
` [PATCH 05/14] fixup! audit: clean simple fsnotify implementation
` [PATCH 06/14] audit: avoid double copying the audit_exe path string
` [PATCH 07/14] fixup! audit: convert audit_exe to audit_fsnotify
` [PATCH 08/14] fixup! audit: clean simple fsnotify implementation
` [PATCH 09/14] audit: put rule existence check in canonical order
` [PATCH 10/14] fixup! audit: implement audit by executable
` [PATCH 11/14] "
` [PATCH 12/14] fixup! audit: clean simple fsnotify implementation
` [PATCH 13/14] audit: continue fleshing out audit by exe
` [PATCH 14/14] audit: enable audit_get/put_mark()
[PATCH] userspace: audit: ausearch doesn't return entries for AppArmor events that exist in the log
2014-06-24 15:34 UTC (8+ messages)
Fwd: 3.15: kernel BUG at kernel/auditsc.c:1525!
2014-06-20 4:44 UTC
[oss-security] CVE request: Another Linux syscall auditing bug
2014-06-20 3:37 UTC
[PATCH] audit: fix dangling keywords in integrity ima message output
2014-06-19 2:23 UTC (3+ messages)
` [Linux-ima-user] "
auditing access to directories with restricted access
2014-06-18 11:54 UTC (4+ messages)
[PATCH] audit: use union for audit_field values since they are mutually exclusive
2014-06-17 22:17 UTC (2+ messages)
` [PATCH] fixup! "
aulast only displaying reboot pseudo-users
2014-06-17 16:30 UTC (18+ messages)
[PATCH] audit: use atomic_t to simplify audit_serial()
2014-06-16 19:56 UTC
[PATCH] audit: reduce scope of audit_log_fcaps
2014-06-16 19:55 UTC
[PATCH] audit: reduce scope of audit_net_id
2014-06-16 19:54 UTC
[PATCH] integrity: get comm using lock to avoid race in string printing
2014-06-15 2:45 UTC (11+ messages)
` oraphaned keywords in audit log text [was: Re: [PATCH] integrity: get comm using lock to avoid race in string] printing
` [Linux-ima-user] "
[PATCH 1/2] auditsc: audit_krule mask accesses need bounds checking
2014-06-10 15:48 UTC (16+ messages)
[GIT PULL] CVE-2014-3917
2014-06-09 23:11 UTC
One challenge for audit - seeking ideas
2014-06-09 20:17 UTC (4+ messages)
audit 2.3.7 released
2014-06-09 3:21 UTC (2+ messages)
Application audit through auditd
2014-06-04 22:20 UTC (2+ messages)
Need help, we are receiving type=SYSCALL with auid=unset event entries
2014-06-04 19:28 UTC (2+ messages)
` EXT :Need "
page: next (older) | prev (newer) | latest
- recent:[subjects (threaded)|topics (new)|topics (active)]
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox