LinuxQuestions.org
Visit the LQ Articles and Editorials section
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices

Reply
 
LinkBack Search this Thread
Old 08-03-2005, 10:51 AM   #1
Beezer
LQ Newbie
 
Registered: Jun 2005
Distribution: Fedora Core 10
Posts: 19

Rep: Reputation: 0
What is Auditing support?


I'm trying to configure a 2.6 kernel (2.6.12.3 to be exact) and one of the first options to configure is auditing support. I've done some searching on the net to figure out exactly what it is and if I need it. My searches were unsuccessful and the description given from the menu

Quote:
Enable auditing infrastructure that can be used with another
kernel subsystem, such as SELinux (which requires this for
logging of avc messages output). Does not do system-call
auditing without CONFIG_AUDITSYSCALL
didn't help that much. What is the "auditing infrastructure" ? Do I need it?

Maybe this is just a minor option considering I have quite a few more left to configure, but
I've already compiled the kernel a few times now and was unsuccessful so I decided to figure out as best possible exactly what each option means.

I guess my next question is: What should I do when I can't figure out what an option does even after reading some docs and doing some searches? Is this the best place to come.

Thanks,
Beezer
 
Old 08-03-2005, 11:14 AM   #2
Kdr Kane
Member
 
Registered: Jan 2005
Distribution: SUSE, LFS
Posts: 357

Rep: Reputation: 30
Auditing is logging of all accesses and modifications of files. Logging is required for high-security systems as an audit trail to make sure only the authorized when they should.

It slows down your system and usually isn't necessary unless your business requires it.
 
Old 08-03-2005, 08:33 PM   #3
btmiller
Senior Member
 
Registered: May 2004
Location: In the DC 'burbs
Distribution: Arch, Scientific Linux, Debian, Ubuntu
Posts: 3,996

Rep: Reputation: 261Reputation: 261Reputation: 261
I'd suggest searching the archives of the Linux kernel mailing list, personally (there are links on www.kernel.org). IIRC this option also allows auditing of system calls made by processes, which can be useful if you have something like SELinux which can use it.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Auditing Services dollaz Linux - General 1 02-17-2005 03:31 PM
Network Auditing.... againstms Linux - Software 0 11-22-2004 04:17 AM
File Auditing Software earlybird_66 Linux - Software 0 10-13-2004 02:48 PM
user auditing tools cyph3r7 Linux - Security 9 12-24-2003 09:26 AM
Print Auditing fjw999 Linux - Software 0 07-25-2003 04:14 AM


All times are GMT -5. The time now is 09:45 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration