Running auditd from Raspberry Pi (Raspbian)
Kangkook Jee
aixer77 at gmail.com
Fri Oct 23 23:16:40 UTC 2015
Hi, all
From my Raspberry Pi machine (running Debian Wheezy distribution), I could see the kernel is built with audit enabled, and I could manage to install user-space audit client with the following command.
pi at raspberrypi ~ $ sudo apt-get install auditd
However, when I tried to enable audit issuing the following commands it doesn’t seem to run properly.
pi at raspberrypi ~ $ sudo auditctl -l
No rules
pi at raspberrypi ~ $ sudo auditctl -a entry,always -S open
Error detecting machine type
pi at raspberrypi ~ $ sudo auditctl -a entry,always -F arch=armeb -S open
arch=armeb machine type not found
Can anyone tell me whether audit support ARM based linux systems?
Here’s my system information and thanks a lot for your help in advance!
pi at raspberrypi ~ $ sudo uname -a
Linux raspberrypi 3.18.11-v7+ #781 SMP PREEMPT Tue Apr 21 18:07:59 BST 2015 armv7l GNU/Linux
pi at raspberrypi ~ $ dpkg -l |grep audit
ii auditd 1:1.7.18-1.1 armhf User space tools for security auditing
ii libaudit0 1:1.7.18-1.1 armhf Dynamic library for security auditing
Regards, Kangkook
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/linux-audit/attachments/20151023/e9d7bd13/attachment.htm>
More information about the Linux-audit
mailing list