auditing for RHEL ES4
Bill Tangren
bjt at usno.navy.mil
Fri Nov 16 16:15:30 UTC 2007
On DATE, the author spaketh: Kevin Boyce
> Oops, don't forget to recompile, and then the "rpm -Uhv"
>
> On Fri, 2007-11-16 at 11:11 -0500, Kevin Boyce wrote:
>
>> I would download the source rpms, make your changes, change the
>> version, and use the "rpm -Uhv" to upgrade existing packages.
>>
>> Kevin Boyce
>> Northrop Grumman Corp.
Which sources? The source for the code I'm using now, or the latest
tarball? And which changes? And where do I get the latest tarball? I did
some googling, but didn't find anything that was obviously what I should
use.
>>
>>
>> On Fri, 2007-11-16 at 10:54 -0500, Bill Tangren wrote:
>>
>> > I'm running RHEL ES 4 servers, and am having difficulty with aureport.
>> I'm
>> > using audit version 1.0.15-3, the one that comes with the OS. The
>> problem
>> > is that I need daily reports, and it is not doing it. The reports
>> always
>> > cover the entire range of available logs (sometimes gigabytes of
>> data).
>> > The reports can take a LONG time to compile, and it doesn't give me
>> the
>> > daily snapshot I need. I'm thinking of installing the latest tarball
>> and
>> > compiling, as I understand more recent versions of aureport have
>> > implemented time limits. [I've emailed this list before about this.]
>> >
>> > My question now is, is it possible to uninstall the prepackaged audit
>> and
>> > audit-lib, and install the latest from source, without seriously
>> hosing my
>> > system?
>> >
>> > TIA,
>> >
>> >
>>
>> --
>> Linux-audit mailing list
>> Linux-audit at redhat.com
>> https://www.redhat.com/mailman/listinfo/linux-audit
>
--
Bill Tangren
U.S. Naval Observatory
More information about the Linux-audit
mailing list