Auditing has moved in Redhat V4

Robert Walker_8 · ‎07-19-2005

Hi,

Have been trying to set up a system configuration - which will use Auditing. We worked out in V3 etc that we could implement auditing and use aucat to get details from the Audit subsystem. We also we caught on the fact that auditing was generating 20mb a day audit logs and filling up var.

However, moving to RHEL4 aucat and audit are gone - replaced by auditctl and of course SELinux. Anyone got some details on this.

Would much appreciate.

Rob.

Steven E. Protter · ‎07-20-2005

They kind of pulled support and went to a different product on you, without adequate notice.

SELINUX will prevent you if active from doing things like having a httpd server thats no based in the /var filesystem. I generally turn it off or put it into warning mode on my RH/Centos boxes.

You are kind of stuck, probably needing to learn this new product which will probably have some similarities to the old product.

Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com

Robert Walker_8 · ‎07-21-2005

Thanks,

Ok now what do most Linux sys admins do about tracking what happened where when who and how.

Under T64 and OpenVMS you can track down to whoes opening files etc.

This used to exist in V3 U4 but as I mentioned it has now gone?

Robert.

Categories

Company

Local Language

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Discussions

Forums

Forums

Discussions

Forums

Discussions

Forums

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Community

Resources

Other HPE Sites

Discussions

Forums

Blogs

Auditing has moved in Redhat V4

Auditing has moved in Redhat V4

Re: Auditing has moved in Redhat V4

Re: Auditing has moved in Redhat V4