auditing users within a jail
Mateusz Piotrowski
0mp at FreeBSD.org
Wed Mar 14 13:12:33 UTC 2018
On Sun, 11 Mar 2018 22:17:47 -0500
Christian Peron <csjp at sqrt.ca> wrote:
>However, it is possible for processes in jails to produce audit
>records. The processes just need an audit mask. Since audit masks
>(configurations) are inherited across forks, you could set a global
>audit configuration for the jail using the following tool (or
>something like it):
>
>https://github.com/csjayp/setaudit (I just dropped it on to github)
FYI, I'll submit a new setaudit port if Christian decides to pull in my
enhancements.
More information about the freebsd-security
mailing list