lairtech
Reputation: 2417
selinux: How to programmatically log to audit log?
Is there a way to programmatically log events to the SELinux audit log? I'm looking to create a monitoring script that audits the user's activities.
Upvotes: 0
Views: 1565
Answers (1)
UndeadKernel
Reputation: 533
If you are using C/C++ you can interact with auditd (the one responsible for writing to audit.log) with the library "audit-libs" by including "libaudit.h". If you have the development library installed read the manual page of audit_open (man audit_open), or take a look here: http://linux.die.net/man/3/audit_open
I gathered most information from the following sites:
Upvotes: 5
Related Questions
- PHP's configuration setting 'error_log' is not working
- How to log to AUDITD from application?
- audit2allow for unix socket on android gives blank output
- Map SELinux requested permission to string representing System Call
- How to get the SELinux context of a specified file on Android?
- Is it possible to connect SELinux policy with Android permissions?
- Where is the audit.log for Android 5?
- Nginx can't create log files
- Selinux must need auditing support? Can audit2allow be used instead?
- Log files not being written to (Passenger)