[SunHELP] BSM Woes
Jarrett Carver
sunhelp at sunhelp.org
Fri Jun 22 17:17:29 CDT 2001
Here is what I did:
# bsmconv
# init 6
-------------------------------------------
My files look like:
audit_control:
dir:/etc/security/audit/sandbox2/files/
flags:fw,fm,fc,fd,pc,lo,ad,ot,ap,ex
minfree:20
naflags:all
audit_user:
root:lo,ex:no
audit_startup:
auditconfig -conf
auditconfig -setpolicy none
auditconfig -setpolicy +cnt
We use ssh to get into the box so in my sshd_config I put:
UseLogin yes
----------------------------------------------
Yet still when I login,logout,touch files,run commands, etc.. I see nothing
in the 20010622165925.not_terminated.sandbox2 file. I had left it running
last night and it appeared to pick-up crontab executed commands, but that is
it.
Currently after running several commands as both root and regular users, my
*not_terminated* file only has:
#cat 20010622165925.not_terminated.sandbox2 | praudit -l
file,Fri Jun 22 12:59:25 2001, + 549880 msec,
I am clueless as to why this is not working. Any suggestions appreciated.
Thanks.
_________________________________________________________________
Get your FREE download of MSN Explorer at http://explorer.msn.com
More information about the SunHELP
mailing list