[redhat-lspp] Re: audit records when specifying an invalid context at ssh login
Tomas Mraz
tmraz at redhat.com
Thu Feb 8 17:37:45 UTC 2007
On Thu, 2007-02-08 at 14:09 -0200, Klaus Heinrich Kiwi wrote:
> Tomas Mraz wrote:
>
> >> I must ask: is this the expected behavior and is this ok with the
> >> certification requirements?
> > What is your openssh version-release installed?
> >
>
> [abat at alex ~]$ rpm -qa | grep ssh
> openssh-clients-4.3p2-16.el5
> openssh-4.3p2-16.el5
> openssh-server-4.3p2-16.el5
> [abat at alex ~]$
Yes, that's the current one. We actually audit just the case when user
requests a level change, not the role change. We also do not audit the
case where the requested level is invalid. There is just a message
in /var/log/secure for that case.
--
Tomas Mraz
No matter how far down the wrong road you've gone, turn back.
Turkish proverb
More information about the redhat-lspp
mailing list