Searched refs:audit (Results 1 – 25 of 26) sorted by relevance
12
| /system/core/logd/ |
| D | README.auditd | 3 The audit daemon is a simplified version of its desktop
4 counterpart designed to gather the audit logs from the
5 audit kernel subsystem. The audit subsystem of the kernel
8 To enable the audit subsystem, you must add this to your
|
| D | LogAudit.cpp | 431 char* audit = strstr(buf, " audit("); in log() local
432 if (!audit || (audit >= &buf[len])) { in log()
436 *audit = '\0'; in log()
441 rc = logPrint("%s %s", type, audit + 1); in log()
443 rc = logPrint("%s", audit + 1); in log()
445 *audit = ' '; in log()
|
| D | README.property | 4 ro.logd.auditd bool true Enable selinux audit daemon
5 ro.logd.auditd.dmesg bool true selinux audit messages sent to dmesg.
6 ro.logd.auditd.main bool true selinux audit messages sent to main.
7 ro.logd.auditd.events bool true selinux audit messages sent to events.
|
| /system/sepolicy/vendor/ |
| D | hal_wifi_supplicant_default.te | 23 # Write to security logs for audit.
|
| /system/sepolicy/prebuilts/api/27.0/private/ |
| D | dexoptanalyzer.te | 25 # "dontaudit...audit_access" policy line to suppress the audit access without
|
| /system/sepolicy/prebuilts/api/28.0/private/ |
| D | dexoptanalyzer.te | 25 # "dontaudit...audit_access" policy line to suppress the audit access without
|
| /system/sepolicy/private/ |
| D | dexoptanalyzer.te | 27 # "dontaudit...audit_access" policy line to suppress the audit access without
|
| /system/sepolicy/prebuilts/api/29.0/private/ |
| D | dexoptanalyzer.te | 27 # "dontaudit...audit_access" policy line to suppress the audit access without
|
| /system/sepolicy/prebuilts/api/26.0/public/ |
| D | crash_dump.te | 13 # which will result in an audit log even when it's allowed to trace.
|
| D | init.te | 336 # Send an SELinux userspace denial to the kernel audit subsystem,
|
| /system/sepolicy/prebuilts/api/27.0/public/ |
| D | crash_dump.te | 13 # which will result in an audit log even when it's allowed to trace.
|
| D | init.te | 341 # Send an SELinux userspace denial to the kernel audit subsystem,
|
| /system/sepolicy/prebuilts/api/28.0/public/ |
| D | crash_dump.te | 5 # which will result in an audit log even when it's allowed to trace.
|
| D | property.te | 142 # Don't audit legacy ctl. property handling. We only want the newer permission check to appear
143 # in the audit log
|
| D | init.te | 412 # Send an SELinux userspace denial to the kernel audit subsystem,
|
| /system/sepolicy/public/ |
| D | crash_dump.te | 5 # which will result in an audit log even when it's allowed to trace.
|
| D | property.te | 176 # Don't audit legacy ctl. property handling. We only want the newer permission check to appear
177 # in the audit log
|
| D | attributes | 49 # This attribute is used to audit access to proc_net. it is temporary and will
|
| D | init.te | 473 # Send an SELinux userspace denial to the kernel audit subsystem,
|
| D | app.te | 195 # audit access for all these non-core app domains.
|
| /system/sepolicy/prebuilts/api/29.0/public/ |
| D | crash_dump.te | 5 # which will result in an audit log even when it's allowed to trace.
|
| D | property.te | 176 # Don't audit legacy ctl. property handling. We only want the newer permission check to appear
177 # in the audit log
|
| D | attributes | 49 # This attribute is used to audit access to proc_net. it is temporary and will
|
| D | init.te | 473 # Send an SELinux userspace denial to the kernel audit subsystem,
|
| /system/sepolicy/tools/sepolicy-analyze/ |
| D | README | 18 conditional rules, audit-related rules (auditallow or dontaudit),
|
12