ccs-auditd(8) TOMOYO Linux's auditing daemon

SYNOPSIS

ccs-auditd location_to_save_grant_log location_to_save_reject_log [remote_ip:remote_port]

DESCRIPTION

This program reads access request logs from kernel and writes to specified location.

By running this program upon startup, you can save access logs which violated domain_policy (reject_log) and access logs which didn't violate domain_policy (grant_log) in domain_policy file's format.

You may specify /dev/null as location to save logs. But in that case, you should set PREFERENCE::audit={ max_grant_log=0 } and/or PREFERENCE::audit={ max_reject_log=0 } in profile configuration ( /etc/ccs/profile.conf or /proc/ccs/profile ).

remote_ip:remote_port
Get process information via agent listening at specified IP address and port number.

EXAMPLES

# ccs-auditd /dev/null /var/log/tomoyo/reject_log.txt

NOTES


 Start this program from appropriate stage such as /etc/rc.local .

AUTHORS


 penguin-kernel _at_ I-love.SAKURA.ne.jp

COPYRIGHT

Copyright © 2005-2010 NTT DATA CORPORATION.

This program is free software; you may redistribute it under the terms of the GNU General Public License. This program has absolutely no warranty.