audit in jail
George Mamalakis
mamalos at eng.auth.gr
Fri Mar 2 16:17:38 UTC 2012
Ah!
And one more thing with respect to this issue. Since I realized that
probably I won't be able to run audit within a jail, I tried to continue
with my work from outside the jail. What I need is to audit some system
users (like www) inside my jails and do stuff with their audit trails.
In order to be able to audit www's actions, I downloaded setaudit from
http://www.freebsd.org/~csjp/setaudit.c which allows this functionality.
setaudit works fine from outside my jails, but when I run it from within
a jail, I get the following error again:
[root at in-jail] # setaudit -awww -mfr /bin/ls
setaudit: setaudit_addr: Function not implemented
Is there, at least, some
easy/secure/not-whole-system-configuration-changing way to start apache
from within a jail to be able to audit his actions from outside the jail?
Thank you all in advance, once more.
--
George Mamalakis
IT and Security Officer
Electrical and Computer Engineer (Aristotle Un. of Thessaloniki),
MSc (Imperial College of London)
Department of Electrical and Computer Engineering
Faculty of Engineering
Aristotle University of Thessaloniki
phone number : +30 (2310) 994379
More information about the freebsd-stable
mailing list