Welcome to the most active Linux Forum on the web.
Go Back > Forums > Linux Forums > Linux - Newbie
User Name
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!


  Search this Thread
Old 08-03-2005, 10:51 AM   #1
LQ Newbie
Registered: Jun 2005
Distribution: Fedora Core 10
Posts: 19

Rep: Reputation: 0
What is Auditing support?

I'm trying to configure a 2.6 kernel ( to be exact) and one of the first options to configure is auditing support. I've done some searching on the net to figure out exactly what it is and if I need it. My searches were unsuccessful and the description given from the menu

Enable auditing infrastructure that can be used with another
kernel subsystem, such as SELinux (which requires this for
logging of avc messages output). Does not do system-call
auditing without CONFIG_AUDITSYSCALL
didn't help that much. What is the "auditing infrastructure" ? Do I need it?

Maybe this is just a minor option considering I have quite a few more left to configure, but
I've already compiled the kernel a few times now and was unsuccessful so I decided to figure out as best possible exactly what each option means.

I guess my next question is: What should I do when I can't figure out what an option does even after reading some docs and doing some searches? Is this the best place to come.

Old 08-03-2005, 11:14 AM   #2
Kdr Kane
Registered: Jan 2005
Distribution: SUSE, LFS
Posts: 357

Rep: Reputation: 30
Auditing is logging of all accesses and modifications of files. Logging is required for high-security systems as an audit trail to make sure only the authorized when they should.

It slows down your system and usually isn't necessary unless your business requires it.
Old 08-03-2005, 08:33 PM   #3
Senior Member
Registered: May 2004
Location: In the DC 'burbs
Distribution: Arch, Scientific Linux, Debian, Ubuntu
Posts: 4,284

Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
I'd suggest searching the archives of the Linux kernel mailing list, personally (there are links on IIRC this option also allows auditing of system calls made by processes, which can be useful if you have something like SELinux which can use it.


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Auditing Services dollaz Linux - General 1 02-17-2005 03:31 PM
Network Auditing.... againstms Linux - Software 0 11-22-2004 04:17 AM
File Auditing Software earlybird_66 Linux - Software 0 10-13-2004 02:48 PM
user auditing tools cyph3r7 Linux - Security 9 12-24-2003 09:26 AM
Print Auditing fjw999 Linux - Software 0 07-25-2003 04:14 AM > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 06:44 PM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration