explanation/translation of auditd exit codes

Vaughn, Chad M chad.m.vaughn at lmco.com
Wed May 1 19:05:31 UTC 2013


All,

Is there a listing somewhere that explains what various exit codes in auditd are?

For example, we are getting some exit=-17 entries in our logs, and we have narrowed it down to an init script that tries to create a directory that already exists.
So, we are pretty sure exit=-17 means that a directory already exists.

It would be nice if we knew all codes and their translation, whether it be exit=-2, exit=-22, exit=-6, or exit=-17 and so on.

I have yet to find that explained anywhere. Any info would be greatly appreciated and would help us fine tune our audit.rules file.

Chad Vaughn
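
Added example, not part of the original post: in SYSCALL records a negative `exit=` value is the negated errno returned by the system call, so the codes asked about above can be translated with the platform's errno table. The sample records and the names `decode_exit` and `summarize` are constructed for illustration.

```python
import errno
import os
import re

# Constructed sample audit records (not from the original post); fields trimmed.
SAMPLE_LOG = """\
type=SYSCALL msg=audit(1367435131.101:501): arch=c000003e syscall=83 success=no exit=-17 a0=7ffd1 comm="mkdir" exe="/bin/mkdir"
type=SYSCALL msg=audit(1367435131.205:502): arch=c000003e syscall=2 success=no exit=-2 a0=7ffd2 comm="cat" exe="/bin/cat"
type=SYSCALL msg=audit(1367435131.310:503): arch=c000003e syscall=2 success=yes exit=3 a0=7ffd3 comm="cat" exe="/bin/cat"
type=PATH msg=audit(1367435131.310:503): item=0 name="/etc/hosts"
"""

EXIT_RE = re.compile(r"\bexit=(-?\d+)\b")
COMM_RE = re.compile(r'\bcomm="([^"]*)"')


def decode_exit(value):
    """Map a syscall return value to (symbol, description)."""
    if value >= 0:
        # Non-negative values are successful returns (fd, byte count, 0, ...).
        return ("OK", "success (return value %d)" % value)
    num = -value
    name = errno.errorcode.get(num)
    if name is None:
        return ("UNKNOWN", "errno %d is not defined on this platform" % num)
    return (name, os.strerror(num))


def summarize(log_text):
    """Return (comm, exit, symbol, description) for each SYSCALL record."""
    rows = []
    for line in log_text.splitlines():
        if not line.startswith("type=SYSCALL"):
            continue  # only SYSCALL records carry the exit= field
        exit_match = EXIT_RE.search(line)
        if exit_match is None:
            continue
        comm_match = COMM_RE.search(line)
        comm = comm_match.group(1) if comm_match else "?"
        value = int(exit_match.group(1))
        rows.append((comm, value) + decode_exit(value))
    return rows


if __name__ == "__main__":
    for comm, value, symbol, text in summarize(SAMPLE_LOG):
        print("%-6s exit=%-4d %-8s %s" % (comm, value, symbol, text))
```

`ausearch -i` performs the same interpretation when reading the audit log directly.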