Hi all,
I need to do some tests about auditd funcionalities on two CentOS5.5 hosts. I need
to audit when user executes sudo command, when system files are modified, when some
process call to some system calls, when kernel semaphores are modified, etc.
I see some examples on /usr/shae/doc/audit-x.x.x, but I will know if someone has
more complet audit.rules. Can somebody share some samples??
Thanks.
--
CL Martinez
carlopmart {at} gmail {d0t} com