[redhat-lspp] audit records when specifying an invalid context at ssh login
Tomas Mraz
tmraz at redhat.com
Thu Feb 8 13:47:46 UTC 2007
On Wed, 2007-02-07 at 21:37 -0200, Klaus Heinrich Kiwi wrote:
...
> Note that, from the above, we can't tell that a user was trying to access an
> invalid context (and what context). Same thing happens when the user
> successfully logs-in using a non-default role/level - no audit record
> telling what kind of transition was made.
>
> In previous refreshes, we needed to use 'newrole' and both success and
> failures were audited as 'USER_ROLE_CHANGE' records.
>
> I must ask: is this the expected behavior and is this ok with the
> certification requirements?
What is your openssh version-release installed?
--
Tomas Mraz
No matter how far down the wrong road you've gone, turn back.
Turkish proverb
More information about the redhat-lspp
mailing list