* The default file for krb5_key_file is missing from the auditd.conf(5) manual
@ 2016-08-21 19:00 Mateusz Piotrowski
2016-08-21 19:49 ` Mateusz Piotrowski
2016-09-30 12:50 ` Steve Grubb
0 siblings, 2 replies; 3+ messages in thread
From: Mateusz Piotrowski @ 2016-08-21 19:00 UTC (permalink / raw)
To: linux-audit
Hello,
See this line[1]. It lacks the name of the default file.
As I don't know what the default file is I cannot submit a patch. Hopefully,
someone else can fix this file.
Cheers!
-Mateusz
[1]: https://github.com/linux-audit/audit-userspace/blob/master/docs/auditd.conf.5#L291
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: The default file for krb5_key_file is missing from the auditd.conf(5) manual
2016-08-21 19:00 The default file for krb5_key_file is missing from the auditd.conf(5) manual Mateusz Piotrowski
@ 2016-08-21 19:49 ` Mateusz Piotrowski
2016-09-30 12:50 ` Steve Grubb
1 sibling, 0 replies; 3+ messages in thread
From: Mateusz Piotrowski @ 2016-08-21 19:49 UTC (permalink / raw)
To: linux-audit
Hello,
On 21 Aug 2016, at 21:00, Mateusz Piotrowski <0mp@freebsd.org> wrote:
> See this line[1]. It lacks the name of the default file.
>
> [1]: https://github.com/linux-audit/audit-userspace/blob/master/docs/auditd.conf.5#L291
I was able to fix this man page. Here's the patch:
>From e0650ae46d13ea9e588d2552c83513c554cf52dd Mon Sep 17 00:00:00 2001
From: Mateusz Piotrowski <mpp302@gmail.com>
Date: Sun, 21 Aug 2016 21:42:00 +0200
Subject: [PATCH] Fix auditd man page.
Related to this email: [The default file for krb5_key_file is missing
from the auditd.conf(5) manual][1]
[1]: https://www.redhat.com/archives/linux-audit/2016-August/msg00056.html.
---
docs/auditd.conf.5 | 7 +++----
1 file changed, 3 insertions(+), 4 deletions(-)
diff --git a/docs/auditd.conf.5 b/docs/auditd.conf.5
index 026a58d..1546b34 100644
--- a/docs/auditd.conf.5
+++ b/docs/auditd.conf.5
@@ -29,7 +29,7 @@ The log format describes how the information should be stored on disk. There are
the audit records will be stored in a format exactly as the kernel sends it. The
.IR ENRICHED
option will resolve all uid, gid, syscall, architecture, and socket address information before writing the event to disk. This aids in making sense of events created on one system but reported/analized on another system.
-The
+The
.I NOLOG
option is now deprecated. If you were setting this format, now you should set
the write_logs option to no.
@@ -256,7 +256,7 @@ events. In this case you would increase the number only large enough to let it
in too.
.TP
.I use_libwrap
-This setting determines whether or not to use tcp_wrappers to discern connection attempts that are from allowed machines. Legal values are either
+This setting determines whether or not to use tcp_wrappers to discern connection attempts that are from allowed machines. Legal values are either
.IR yes ", or " no "
The default value is yes.
.TP
@@ -288,12 +288,11 @@ server's host, as returned by a DNS lookup of its IP address.
.I krb5_key_file
Location of the key for this client's principal.
Note that the key file must be owned by root and mode 0400.
-The default is
+The default is \fI/etc/audit/audit.key\fP.
.TP
.I distribute_network
If set to "yes", network originating events will be distributed to the audit
dispatcher for processing. The default is "no".
-.I /etc/audit/audit.key
.SH NOTES
In a CAPP environment, the audit trail is considered so important that access to system resources must be denied if an audit trail cannot be created. In this environment, it would be suggested that /var/log/audit be on its own partition. This is to ensure that space detection is accurate and that no other process comes along and consumes part of it.
--
2.9.2
^ permalink raw reply related [flat|nested] 3+ messages in thread
* Re: The default file for krb5_key_file is missing from the auditd.conf(5) manual
2016-08-21 19:00 The default file for krb5_key_file is missing from the auditd.conf(5) manual Mateusz Piotrowski
2016-08-21 19:49 ` Mateusz Piotrowski
@ 2016-09-30 12:50 ` Steve Grubb
1 sibling, 0 replies; 3+ messages in thread
From: Steve Grubb @ 2016-09-30 12:50 UTC (permalink / raw)
To: linux-audit
On Sunday, August 21, 2016 9:00:31 PM EDT Mateusz Piotrowski wrote:
> Hello,
>
> See this line[1]. It lacks the name of the default file.
>
> As I don't know what the default file is I cannot submit a patch.
> Hopefully, someone else can fix this file.
I forgot to reply but this was fixed in the latest release. Looks like a copy
and paste hit the wrong line. Thanks for pointing this out.
-Steve
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2016-09-30 12:50 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2016-08-21 19:00 The default file for krb5_key_file is missing from the auditd.conf(5) manual Mateusz Piotrowski
2016-08-21 19:49 ` Mateusz Piotrowski
2016-09-30 12:50 ` Steve Grubb
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.