File: ccs-auditd

package info
ccstools 1.7.2-20100401-3
  • area: main
  • in suites: squeeze
  • size: 984 kB
  • ctags: 1,080
  • sloc: ansic: 20,286; sh: 890; makefile: 80
file content (47 lines) | stat: -rwxr-xr-x 1,419 bytes
#! /bin/sh

if [ "$1" = "--version" ]
then
cat << EOF
ccs-auditd 1.7.2

Copyright (C) 2005-2010 NTT DATA CORPORATION.

This program is free software; you may redistribute it under the terms of
the GNU General Public License. This program has absolutely no warranty.
EOF
elif [ "$1" = "--help" ]
then
cat << EOF
Usage: ccs-auditd location_to_save_grant_log location_to_save_reject_log [remote_ip:remote_port] 

This program reads access request logs from kernel and writes to specified location.

By running this program upon startup, you can save access logs which violated domain_policy (reject_log) and access logs which didn't violate domain_policy (grant_log) in domain_policy file's format.

You may specify /dev/null as location to save logs. But in that case, you should set PREFERENCE::audit={ max_grant_log=0 } and/or PREFERENCE::audit={ max_reject_log=0 } in profile configuration ( /etc/ccs/profile.conf or /proc/ccs/profile ).

 remote_ip:remote_port     Get process information via agent listening at specified IP address and port number. 

Examples:

# ccs-auditd /dev/null /var/log/tomoyo/reject_log.txt

EOF
else
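# Default: build the section 8 man page. help2man runs this script with
# --help and --version and merges the extra sections supplied on stdin.
cat << EOF | help2man -i - -N -s 8 -n "TOMOYO Linux's auditing daemon" "$0" | gzip -9 > man8/ccs-auditd.8.gz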
[NOTES]

 Start this program from appropriate stage such as /etc/rc.local .

[SEE ALSO]

 ccs-editpolicy-agent (8)

[AUTHORS]

 penguin-kernel _at_ I-love.SAKURA.ne.jp

EOF
fi
exit 0