[rsbac] new log format proposition

Michal Purzynski albeiro at zeus.polsl.gliwice.pl
Wed Oct 27 13:55:29 CEST 2004


hello

recently i was working on making rsbac log format more readable while
keeping and even adding new information there. here is what came to my
mind:

example message in old format:

rsbac_adf_request(): request LINK_HARD, pid 2021, ppid 1422, prog_name
dpkg, uid 0, target_type FILE, tid Device 03:03 Inode 179171 Path
/var//lib/dpkg/available, attr none, value 0, result NOT_GRANTED (Softmode) by RC

proposed new format:

rsbac_adf_request(): request LINK_HARD, by /somepath/dpkg[dpkg:2021]
uid/euid:0/0 gid/egid:0/0, parent /bin/zsh[zsh:19188] uid/euid:0/0
gid/egid:0/0, target_type FILE, tid Device 03:03 Inode 179171 Path /var//lib/dpkg/available,
attr none, value 0, result NOT_GRANTED (Softmode) by RC

please comment on it, and feel free to propose changes that could improve
it.

Albeiro



More information about the rsbac mailing list