File: wrong_syscall.fail.sh

package info (click to toggle)
scap-security-guide 0.1.65-1
  • links: PTS, VCS
  • area: main
  • in suites: bookworm
  • size: 71,936 kB
  • sloc: xml: 179,374; sh: 69,771; python: 23,819; makefile: 23
file content (9 lines) | stat: -rw-r--r-- 745 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
 
#!/bin/bash
#

rm -f /etc/audit/rules.d/*
> /etc/audit/audit.rules
echo "-a always,exit -F arch=b32 -S pipe -F exit=-EACCES -F auid>=1000 -F auid!=unset -F key=unsuccesful-perm-change" >> /etc/audit/rules.d/unsuccesful-perm-change.rules
echo "-a always,exit -F arch=b64 -S pipe -F exit=-EACCES -F auid>=1000 -F auid!=unset -F key=unsuccesful-perm-change" >> /etc/audit/rules.d/unsuccesful-perm-change.rules
echo "-a always,exit -F arch=b32 -S pipe -F exit=-EPERM -F auid>=1000 -F auid!=unset -F key=unsuccesful-perm-change" >> /etc/audit/rules.d/unsuccesful-perm-change.rules
echo "-a always,exit -F arch=b64 -S pipe -F exit=-EPERM -F auid>=1000 -F auid!=unset -F key=unsuccesful-perm-change" >> /etc/audit/rules.d/unsuccesful-perm-change.rules