woensdag 5 december 2007

Auditadm Role

The administrator should assume the appropriate role when performing a task. If the administrator wants to define what is being audited than he should assume the auditadm_r and execute auditctl. This will avoid unnecessary errors.

/etc/audit/audit.rules
The audit documentation directory can be found at:
/usr/share/doc/audit-*

Geen opmerkingen: