What is Auditing support?
I'm trying to configure a 2.6 kernel (2.6.12.3 to be exact) and one of the first options to configure is auditing support. I've done some searching on the net to figure out exactly what it is and if I need it. My searches were unsuccessful and the description given from the menu
Quote:
Maybe this is just a minor option considering I have quite a few more left to configure, but I've already compiled the kernel a few times now and was unsuccessful so I decided to figure out as best possible exactly what each option means. I guess my next question is: What should I do when I can't figure out what an option does even after reading some docs and doing some searches? Is this the best place to come. Thanks, Beezer |
Auditing is logging of all accesses and modifications of files. Logging is required for high-security systems as an audit trail to make sure only the authorized when they should.
It slows down your system and usually isn't necessary unless your business requires it. |
I'd suggest searching the archives of the Linux kernel mailing list, personally (there are links on www.kernel.org). IIRC this option also allows auditing of system calls made by processes, which can be useful if you have something like SELinux which can use it.
|
All times are GMT -5. The time now is 08:37 AM. |