Linux-audit Archive on lore.kernel.org
 help / color / Atom feed
Auditd is not turning off the system on (RHEL7.+)
 2020-10-15 10:46 UTC  (6+ messages) - mbox.gz / Atom

How to confirm AUDITD is immutable
 2020-10-14 18:44 UTC  (2+ messages) - mbox.gz / Atom

[GIT PULL] Audit patches for v5.10
 2020-10-13 23:49 UTC  (4+ messages) - mbox.gz / Atom

[PATCH v21 00/23] LSM: Module stacking for AppArmor
 2020-10-12 20:19 UTC  (24+ messages) - mbox.gz / Atom
  ` [PATCH v21 01/23] LSM: Infrastructure management of the sock security
  ` [PATCH v21 02/23] LSM: Create and manage the lsmblob data structure
  ` [PATCH v21 03/23] LSM: Use lsmblob in security_audit_rule_match
  ` [PATCH v21 04/23] LSM: Use lsmblob in security_kernel_act_as
  ` [PATCH v21 05/23] LSM: Use lsmblob in security_secctx_to_secid
  ` [PATCH v21 06/23] LSM: Use lsmblob in security_secid_to_secctx
  ` [PATCH v21 07/23] LSM: Use lsmblob in security_ipc_getsecid
  ` [PATCH v21 08/23] LSM: Use lsmblob in security_task_getsecid
  ` [PATCH v21 09/23] LSM: Use lsmblob in security_inode_getsecid
  ` [PATCH v21 10/23] LSM: Use lsmblob in security_cred_getsecid
  ` [PATCH v21 11/23] IMA: Change internal interfaces to use lsmblobs
  ` [PATCH v21 12/23] LSM: Specify which LSM to display
  ` [PATCH v21 13/23] LSM: Ensure the correct LSM context releaser
  ` [PATCH v21 14/23] LSM: Use lsmcontext in security_secid_to_secctx
  ` [PATCH v21 15/23] LSM: Use lsmcontext in security_inode_getsecctx
  ` [PATCH v21 16/23] LSM: security_secid_to_secctx in netlink netfilter
  ` [PATCH v21 17/23] NET: Store LSM netlabel data in a lsmblob
  ` [PATCH v21 18/23] LSM: Verify LSM display sanity in binder
  ` [PATCH v21 19/23] audit: add support for non-syscall auxiliary records
  ` [PATCH v21 20/23] Audit: Add new record for multiple process LSM attributes
  ` [PATCH v21 21/23] Audit: Add a new record for multiple object "
  ` [PATCH v21 22/23] LSM: Add /proc attr entry for full LSM context
  ` [PATCH v21 23/23] AppArmor: Remove the exclusive flag

Identifying thread/process termination
 2020-10-09  1:12 UTC  (7+ messages) - mbox.gz / Atom

auditing signals
 2020-10-08  0:55 UTC  (2+ messages) - mbox.gz / Atom

[PATCH ghak90 V9 00/13] audit: implement container identifier
 2020-10-06 20:03 UTC  (24+ messages) - mbox.gz / Atom
` [PATCH ghak90 V9 02/13] audit: add container id
` [PATCH ghak90 V9 05/13] audit: log container info of syscalls
` [PATCH ghak90 V9 06/13] audit: add contid support for signalling the audit daemon
` [PATCH ghak90 V9 08/13] audit: add containerid support for user records
` [PATCH ghak90 V9 11/13] audit: contid check descendancy and nesting

[PATCH 2/3] fanotify: define bit map fields to hold response decision context
 2020-10-01 20:33 UTC  (4+ messages) - mbox.gz / Atom

[PATCH 1/3] fanotify: Ensure consistent variable type for response
 2020-10-01  9:49 UTC  (2+ messages) - mbox.gz / Atom

[PATCH 3/3] fanotify: Allow audit to use the full permission event response
 2020-09-30 16:12 UTC  - mbox.gz / Atom

[PATCH 0/3] fanotify: Allow user space to pass back additional audit info
 2020-09-30 16:12 UTC  - mbox.gz / Atom

[PATCH ghak120 V5] audit: trigger accompanying records when no rules present
 2020-09-23 17:47 UTC  (4+ messages) - mbox.gz / Atom

augenrules --load
 2020-09-22 17:06 UTC  (2+ messages) - mbox.gz / Atom

[[PATCH V4]] audit: trigger accompanying records when no rules present
 2020-09-22 12:43 UTC  (5+ messages) - mbox.gz / Atom

[PATCH AUTOSEL 4.4 24/64] audit: CONFIG_CHANGE don't log internal bookkeeping as an event
 2020-09-18  2:16 UTC  - mbox.gz / Atom

[PATCH AUTOSEL 4.9 34/90] audit: CONFIG_CHANGE don't log internal bookkeeping as an event
 2020-09-18  2:13 UTC  - mbox.gz / Atom

[PATCH AUTOSEL 4.14 043/127] audit: CONFIG_CHANGE don't log internal bookkeeping as an event
 2020-09-18  2:10 UTC  - mbox.gz / Atom

[PATCH AUTOSEL 4.19 072/206] audit: CONFIG_CHANGE don't log internal bookkeeping as an event
 2020-09-18  2:05 UTC  - mbox.gz / Atom

[PATCH AUTOSEL 5.4 120/330] audit: CONFIG_CHANGE don't log internal bookkeeping as an event
 2020-09-18  1:57 UTC  - mbox.gz / Atom

[PATCH v20 00/23] LSM: Module stacking for AppArmor
 2020-09-10 14:11 UTC  (63+ messages) - mbox.gz / Atom
  ` [PATCH v20 01/23] LSM: Infrastructure management of the sock security
  ` [PATCH v20 02/23] LSM: Create and manage the lsmblob data structure
  ` [PATCH v20 03/23] LSM: Use lsmblob in security_audit_rule_match
  ` [PATCH v20 04/23] LSM: Use lsmblob in security_kernel_act_as
  ` [PATCH v20 05/23] net: Prepare UDS for security module stacking
  ` [PATCH v20 06/23] LSM: Use lsmblob in security_secctx_to_secid
  ` [PATCH v20 07/23] LSM: Use lsmblob in security_secid_to_secctx
  ` [PATCH v20 08/23] LSM: Use lsmblob in security_ipc_getsecid
  ` [PATCH v20 09/23] LSM: Use lsmblob in security_task_getsecid
  ` [PATCH v20 10/23] LSM: Use lsmblob in security_inode_getsecid
  ` [PATCH v20 11/23] LSM: Use lsmblob in security_cred_getsecid
  ` [PATCH v20 12/23] IMA: Change internal interfaces to use lsmblobs
  ` [PATCH v20 13/23] LSM: Specify which LSM to display
  ` [PATCH v20 14/23] LSM: Ensure the correct LSM context releaser
  ` [PATCH v20 15/23] LSM: Use lsmcontext in security_secid_to_secctx
  ` [PATCH v20 16/23] LSM: Use lsmcontext in security_inode_getsecctx
  ` [PATCH v20 17/23] LSM: security_secid_to_secctx in netlink netfilter
  ` [PATCH v20 18/23] NET: Store LSM netlabel data in a lsmblob
  ` [PATCH v20 19/23] LSM: Verify LSM display sanity in binder
  ` [PATCH v20 20/23] Audit: Add new record for multiple process LSM attributes
  ` [PATCH v20 21/23] Audit: Add a new record for multiple object "
  ` [PATCH v20 22/23] LSM: Add /proc attr entry for full LSM context
  ` [PATCH v20 23/23] AppArmor: Remove the exclusive flag

-F perm in audit rules
 2020-09-09 18:03 UTC  (2+ messages) - mbox.gz / Atom

Security Auditd Config for Enterprises
 2020-09-04 15:41 UTC  (3+ messages) - mbox.gz / Atom

[RFC] Tamper Evident Logging on Linux Audit
 2020-08-29 15:42 UTC  (2+ messages) - mbox.gz / Atom

[PATCH] audit: Remove redundant null check
 2020-08-26 13:29 UTC  (2+ messages) - mbox.gz / Atom

Administrivia
 2020-08-21 22:03 UTC  (3+ messages) - mbox.gz / Atom

[audit] c4dad0aab3: canonical_address#:#[##]
 2020-08-18  1:10 UTC  (3+ messages) - mbox.gz / Atom
  ` [LKP] "

[RESEND PATCH 1/2] audit: change unnecessary globals into statics
 2020-08-18  0:38 UTC  (6+ messages) - mbox.gz / Atom
` [RESEND PATCH 2/2] audit: uninitialize variable audit_sig_sid

[RFC PATCH v5 00/11] Integrity Policy Enforcement LSM (IPE)
 2020-08-14 14:21 UTC  (42+ messages) - mbox.gz / Atom
      ` [dm-devel] "

[PATCH] field-dictionary.csv: Add errno to audit message field dictionary
 2020-08-12  0:53 UTC  (2+ messages) - mbox.gz / Atom

[GIT PULL] Audit patches for v5.9
 2020-08-04 21:40 UTC  (2+ messages) - mbox.gz / Atom

page: 

Linux-audit Archive on lore.kernel.org

Archives are clonable:
	git clone --mirror https://lore.kernel.org/linux-audit/0 linux-audit/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 linux-audit linux-audit/ https://lore.kernel.org/linux-audit \
		linux-audit@redhat.com
	public-inbox-index linux-audit

Example config snippet for mirrors

Newsgroup available over NNTP:
	nntp://nntp.lore.kernel.org/com.redhat.linux-audit


AGPL code for this site: git clone https://public-inbox.org/public-inbox.git