Support Home Communities Home   Search Today's Posts Mark Forums Read

 
 
LinkBack (1) Thread Tools Display Modes
Prev Previous Post   Next Post Next
  1 links from elsewhere to this Post. Click to view. #1  
Old 03-Dec-2007, 09:54 PM
CCC
NNTP User
  
Posts: n/a
Default About Apparmor's audit log format
I'm analyzing audit log generated by learning mode of Apparmor. Like under logs:

Jul 11 02:43:25 nanjing kernel: audit(1184147005.032:617870383):
PERMITTING mrw access to /var/opt/teradata/tdtemp/pdesegments3.dat
(actmain(20792) profile null-complain-profile active null-complain-profile)
Jul 11 02:43:25 nanjing kernel: audit(1184147005.036:617870384):
PERMITTING mrw access to /var/opt/teradata/tdtemp/pdesegments3.dat
(actmain(20792) profile null-complain-profile active null-complain-profile)

Why there is "null-complain-profile active" sometime and a absoulte path name of a executable file?
Thanks.
Reply With Quote
 

« Previous Thread | Next Thread »
Thread Tools
Display Modes
Threaded Mode Threaded Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are Off
[IMG] code is Off
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On

LinkBacks (?)
LinkBack to this Thread: http://forums.novell.com/novell-product-support-forums/apparmor/302143-about-apparmors-audit-log-format.html
Posted By For Type Date
[all variants] AppArmor Support Thread - Page 3 - Ubuntu Forums This thread Refback 16-Feb-2009 05:50 AM


All times are GMT -6. The time now is 11:55 AM.
Contact Us - NOVELL FORUMS - Archive - Privacy Statement - Top

© 2007 Novell, Inc. All Rights Reserved.

Search Engine Friendly URLs by vBSEO 3.3.0 RC2