Date: Wed, 14 Mar 2018 14:13:01 +0100 From: Mateusz Piotrowski <0mp@FreeBSD.org> To: Christian Peron <csjp@sqrt.ca> Cc: Eitan Adler <lists@eitanadler.com>, "freebsd-security@freebsd.org" <freebsd-security@freebsd.org> Subject: Re: auditing users within a jail Message-ID: <20180314141301.7bdd2d3d@oxy> In-Reply-To: <20180312031746.GB7114@cps-macbook-pro.lan> References: <CAF6rxgmWWx-vQ9UDk4Uyk9SfxXBNtirtCEW6bixpS-akkn%2BwCw@mail.gmail.com> <20180312031746.GB7114@cps-macbook-pro.lan>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, 11 Mar 2018 22:17:47 -0500 Christian Peron <csjp@sqrt.ca> wrote: >However, it is possible for processes in jails to produce audit >records. The processes just need an audit mask. Since audit masks >(configurations) are inherited across forks, you could set a global >audit configuration for the jail using the following tool (or >something like it): > >https://github.com/csjayp/setaudit (I just dropped it on to github) FYI, I'll submit a new setaudit port if Christian decides to pull in my enhancements.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20180314141301.7bdd2d3d>