[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [RFC][PATCH] collect security labels on user processes generating audit messages



On Wednesday 15 February 2006 12:17, Linda Knippers wrote:
> type=PATH msg=audit(1140192875.311:3789): name="(null)" flags=1
> inode=6537222 dev=fd:01 mode=0100664 ouid=501 ogid=501 rdev=00:00

Wait a second...notice the quote marks around (null). When you have a genuine 
(null) they are not there.

type=PATH msg=audit(02/14/2006 08:54:27.096:24) : item=1 name=(null) 
inode=34681 dev=03:06 mode=dir,700 ouid=root ogid=root rdev=00:00 
obj=system_u:object_r:automount_tmp_t:s0


-Steve


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]