Searched refs:audit (Results 1 – 25 of 180) sorted by relevance
12345678
1 type=AVC msg=audit(1162850331.422:978): avc: denied { ioctl } for pid=6314 comm="pam_timestamp_c…2 type=SYSCALL msg=audit(1162850331.422:978): arch=40000003 syscall=54 success=no exit=-22 a0=2 a1=54…3 type=AVC_PATH msg=audit(1162850331.422:978): path="pipe:[96391]"4 type=AVC msg=audit(1162850332.318:979): avc: denied { read } for pid=6306 comm="beagled" name=".…5 type=SYSCALL msg=audit(1162850332.318:979): arch=40000003 syscall=33 success=yes exit=0 a0=bfdb2fde…6 type=AVC msg=audit(1162850333.186:980): avc: denied { read } for pid=6306 comm="beagled" name="m…7 type=SYSCALL msg=audit(1162850333.186:980): arch=40000003 syscall=5 success=yes exit=24 a0=11833c a…8 type=AVC msg=audit(1162850335.022:981): avc: denied { read write } for pid=6336 comm="clock-appl…9 type=SYSCALL msg=audit(1162850335.022:981): arch=40000003 syscall=5 success=yes exit=13 a0=9c0e840 …10 type=AVC msg=audit(1162850335.022:982): avc: denied { lock } for pid=6336 comm="clock-applet" na…[all …]
1 type=USER_AVC msg=audit(1163772866.369:8084): user pid=6659 uid=81 auid=500 subj=staff_u:staff_r:st…2 type=USER_AVC msg=audit(1163772866.437:8085): user pid=6659 uid=81 auid=500 subj=staff_u:staff_r:st…3 type=USER_AVC msg=audit(1163772866.449:8086): user pid=6659 uid=81 auid=500 subj=staff_u:staff_r:st…4 type=USER_AVC msg=audit(1163772866.449:8087): user pid=6659 uid=81 auid=500 subj=staff_u:staff_r:st…5 type=USER_AVC msg=audit(1163772866.449:8088): user pid=6659 uid=81 auid=500 subj=staff_u:staff_r:st…6 type=USER_AVC msg=audit(1163772866.453:8089): user pid=6659 uid=81 auid=500 subj=staff_u:staff_r:st…7 type=USER_AVC msg=audit(1163772866.453:8090): user pid=6659 uid=81 auid=500 subj=staff_u:staff_r:st…8 type=USER_AVC msg=audit(1163772866.453:8091): user pid=6659 uid=81 auid=500 subj=staff_u:staff_r:st…9 type=USER_AVC msg=audit(1163772866.453:8092): user pid=6659 uid=81 auid=500 subj=staff_u:staff_r:st…10 type=USER_AVC msg=audit(1163772866.453:8093): user pid=6659 uid=81 auid=500 subj=staff_u:staff_r:st…[all …]
1 type=AVC msg=audit(1158584779.745:708): avc: denied { dac_read_search } for pid=8132 comm="sh" c…2 type=SYSCALL msg=audit(1158584779.745:708): arch=40000003 syscall=195 success=no exit=-13 a0=80d243…3 type=AVC msg=audit(1158584779.753:709): avc: denied { dac_override } for pid=8133 comm="vpnc-scr…4 type=AVC msg=audit(1158584779.753:709): avc: denied { dac_read_search } for pid=8133 comm="vpnc-…5 type=SYSCALL msg=audit(1158584779.753:709): arch=40000003 syscall=195 success=no exit=-13 a0=80d243…6 type=AVC msg=audit(1158584779.825:710): avc: denied { dac_override } for pid=8134 comm="vpnc-scr…7 type=AVC msg=audit(1158584779.825:710): avc: denied { dac_read_search } for pid=8134 comm="vpnc-…8 type=SYSCALL msg=audit(1158584779.825:710): arch=40000003 syscall=195 success=no exit=-13 a0=80d243…9 type=AVC msg=audit(1158584780.793:711): avc: denied { dac_override } for pid=8144 comm="sh" capa…10 type=AVC msg=audit(1158584780.793:711): avc: denied { dac_read_search } for pid=8144 comm="sh" c…[all …]
21 import sepolgen.audit61 avc = sepolgen.audit.AVCMessage(audit1)69 avc = sepolgen.audit.AVCMessage(granted1)90 avc = sepolgen.audit.AVCMessage(audit1)114 avc = sepolgen.audit.AVCMessage(audit2)138 path = sepolgen.audit.PathMessage(path1)150 a = sepolgen.audit.AuditParser()159 a = sepolgen.audit.AuditParser()167 a = sepolgen.audit.AuditParser()177 parser = sepolgen.audit.AuditParser()[all …]
1 node=bill.example.com type=AVC_PATH msg=audit(1166045975.667:1128): path="/usr/lib/libGL.so.1.2"2 type=AVC msg=audit(1166045975.667:1129): avc: denied { write } for comm=local dev=dm-0 name=root.lo…3 …audit(1166111074.191:74): item=0 name="/etc/auto.net" inode=16483485 dev=fd:00 mode=0100755 ouid=0…4 node=bob.example.com type=SYSCALL msg=audit(1166111074.191:74): arch=40000003 syscall=33 success=no…5 node=bob.example.com type=AVC msg=audit(1166111074.191:74): avc: denied { execute } for pid=1394…6 node=james.example.com type=SYSCALL msg=audit(1165963069.244:851): arch=40000003 syscall=102 succes…7 node=james.example.com type=AVC msg=audit(1165963069.244:851): avc: denied { name_bind } for pid…8 node=tom.example.com type=SYSCALL msg=audit(1165963069.244:852): arch=40000003 syscall=102 success=…9 node=tom.example.com type=AVC msg=audit(1165963069.244:852): avc: denied { name_connect } for pi…10 node=mary.example.com type=SYSCALL msg=audit(1166023021.373:910): arch=40000003 syscall=12 success=…[all …]
25 import sepolgen.audit as audit namespace97 if options.audit is True or options.boot:129 parser = audit.AuditParser(last_load_only=self.__options.lastreload)139 messages = audit.get_dmesg_msgs()140 elif self.__options.audit:142 messages = audit.get_audit_msgs()148 messages = audit.get_audit_boot_msgs()175 avcfilter = audit.AVCTypeFilter(self.__options.type)177 csfilter = audit.ComputeSidTypeFilter(self.__options.type)
39 other access vectors - this forms the backbone of how we turn audit56 Audit Messages (sepolgen.audit)60 audit system. This is not a general purpose audit parsing library - it68 deliberately only loosely coupled to the audit parsing to allow
25 * audit.py: Handle times in foreign locals for audit2allow -b40 * audit.py Dont crash if empty data is passed to sepolgen136 * Merged support for parsing USER_AVC audit messages from Karl MacMillan.
1 This target allows to create audit records for packets hitting the target.6 Set type of audit record.
45 /usr/lib64/audit/sotruss-lib.so47 /usr/lib/audit/sotruss-lib.so
12 9 audit
1 /* linux used to have linux/elf-em.h out of sync with linux/audit.h */
9 gulp-audit: 1.0.0
207 audit-bsm.c \208 audit-linux.c \209 audit.c \
10 /* System only supports IPv4 audit records */249 /* Define to 1 if you have the <bsm/audit.h> header file. */718 /* Define to 1 if you have the <linux/audit.h> header file. */1142 /* Define to 1 if you have the <sys/audit.h> header file. */1575 /* Use audit debugging module */1620 /* Use BSM audit module */1629 /* Use Linux audit module */1657 /* Define if you want IRIX audit trails */
79 The BSM audit event range available for third party TCB applications is
14 test, but for now this test serves as a reminder to audit all the callers if
5 yum install audit-libs-devel bison bzip2-devel dbus-devel dbus-glib-devel flex flex-devel flex-stat…
127 This example will log an audit event whenever the corresponding [`allow`](cil_access_vector_rules.m…137 Do not audit the access rights defined when access denied. This stops excessive log entries for kno…175 This example will not audit the denied access:323 This example will log an audit event whenever the corresponding [`allowx`](cil_access_vector_rules.…333 Do not audit the access rights defined when access denied. This stops excessive log entries for kno…371 This example will not audit the denied access:
919 || s_attributes[sessionIndex].audit in RetrieveSessionData()985 if(s_attributes[sessionIndex].audit) in RetrieveSessionData()1330 if(s_attributes[sessionIndex].audit) in ParseSessionBuffer()1346 if( s_attributes[sessionIndex].audit == CLEAR in ParseSessionBuffer()1623 if(s_attributes[i].audit == SET) in UpdateAuditSessionStatus()
15 17) find others to audit it - we need more eyes!
9 "Project-Id-Version: audit-viewer\n"896 #~ msgid "<b>_System audit log</b>"1166 #~ msgid "Start an audit event viewer."1170 #~ "do not attempt to start the privileged backend for reading system audit "1176 #~ msgid "Error running audit-viewer-server: %s"1177 #~ msgstr "Fehler beim Laufenlassen von audit-viewer-server: %s"1195 #~ msgid "Error reading audit events: %s"1301 #~ "This program is only for use by audit-viewer and it should not be run "1304 #~ "Dieses Programm ist nur für die Benutzung durch audit-viewer und es "1448 #~ msgid "View audit logs"
7 custom DBUS protocol were reviewed, but deemed too difficult to audit, and