[RFC][PATCH] collect security labels on user processes generating audit messages

Steve Grubb sgrubb at redhat.com
Wed Feb 15 18:14:34 UTC 2006

Previous message (by thread): [RFC][PATCH] collect security labels on user processes generating audit messages
Next message (by thread): [RFC][PATCH] collect security labels on user processes generating audit messages
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wednesday 15 February 2006 12:17, Linda Knippers wrote:
> How can I tell from the audit records that the file name was "(null)"
> vs. having "(null)" manufactured by the audit system?

ls -i "(null)"

and then compare inode values.

-Steve

Previous message (by thread): [RFC][PATCH] collect security labels on user processes generating audit messages
Next message (by thread): [RFC][PATCH] collect security labels on user processes generating audit messages
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Linux-audit mailing list