auditing users within a jail
Eitan Adler
lists at eitanadler.com
Sat Mar 17 11:49:24 UTC 2018
On 14 March 2018 at 06:13, Mateusz Piotrowski <0mp at freebsd.org> wrote:
> On Sun, 11 Mar 2018 22:17:47 -0500
> Christian Peron <csjp at sqrt.ca> wrote:
>
>>However, it is possible for processes in jails to produce audit
>>records. The processes just need an audit mask. Since audit masks
>>(configurations) are inherited across forks, you could set a global
>>audit configuration for the jail using the following tool (or
>>something like it):
>>
>>https://github.com/csjayp/setaudit (I just dropped it on to github)
>
> FYI, I'll submit a new setaudit port if Christian decides to pull in my
> enhancements.
We chatted a bit offline, but thanks for the info! That was really helpful.
--
Eitan Adler
More information about the freebsd-security
mailing list