30 Jan
2010
30 Jan
'10
4:29 a.m.
Greetings,
Thanks a lot
On Fri, Jan 29, 2010 at 4:13 PM, Kwan Lowe kwan.lowe@gmail.com wrote: On Fri, Jan 29, 2010 at 3:12 AM, Rajagopal Swaminathan raju.rajsand@gmail.com wrote:
It is possible using the auditd subsysted. You'd need to define a rule
I presume you meant subsystem..
-a entry,always -S open -S close -S read -S write -S link -S unlink -S chmod -S chown -S execve -F uid=root -k root_activity
I will look into that..
Regards,
Rajagopal