TOMOYO

Fork

[tomoyo-dev-en 40] Re: Access Logs

Tetsuo Handa from-****@I-lov*****
Tue Dec 14 09:32:15 JST 2010

• Previous message: [tomoyo-dev-en 39] Re: Access Logs
• Next message: [tomoyo-dev-en 41] Re: Access Logs
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Jamie Nguyen wrote:
> > Below is default configuration for /etc/ccs/tools/auditd.conf .
> > Any questions or comments?
> >
> > # Discard all granted logs.
> > Header.contains: granted=yes
> > Destination: /dev/null
> >
> > # Save rejected logs with profile=0 to /var/log/tomoyo/reject_000.log
> > Header.contains: profile=0
> > Destination: /var/log/tomoyo/reject_000.log
> >
> > # Save rejected logs with profile=1 to /var/log/tomoyo/reject_001.log
> > Header.contains: profile=1
> > Destination: /var/log/tomoyo/reject_001.log
> >
> > # Save rejected logs with profile=2 to /var/log/tomoyo/reject_002.log
> > Header.contains: profile=2
> > Destination: /var/log/tomoyo/reject_002.log
> >
> > # Save rejected logs with profile=3 to /var/log/tomoyo/reject_003.log
> > Header.contains: profile=3
> > Destination: /var/log/tomoyo/reject_003.log
> 
> Purely from an aesthetic point of view, I prefer just a space instead
> of using a colon. Also, I would suggest for all characters in the
> syntax to be lower case. Most configuration files I have come across
> use only lower case, and TOMOYO Linux keywords (e.g. path_group) are
> lower case:
> 
> header.contains   profile=1
> destination           /var/log/tomoyo/reject_001.log
> 
Sure. Fixed in revision 4193.

I thought someone may want to write to multiple destinations.
In that case, terminating a chunk with "destination " line is not good.

Now, I'll start ccs-patternize part.

Thanks.

• Previous message: [tomoyo-dev-en 39] Re: Access Logs
• Next message: [tomoyo-dev-en 41] Re: Access Logs
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]