[Apparmor-general] problem with profiling sshd under OpenSuSE 10.2
Seth Arnold
seth.arnold at suse.de
Wed Feb 7 16:19:19 MST 2007
On Wed, Feb 07, 2007 at 06:19:35PM +0100, ps wrote:
> > It would seem so, did you try audit_control? sshd shouldn't need
> > it but that doesn't stop developers from trying to use it.
> When I add capability: CAP_AUDIT_CONTROL and restarted apparmor
> everything seemed ok. Adding CAP_AUDIT_WRITE didn't work. I received the
> log trails the same as before.
Steve's discussion on the audit mail list explains it all. Apparently
changing the login uid is considered a "control" event in linux.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://forge.novell.com/pipermail/apparmor-general/attachments/20070207/f951c90d/attachment.pgp
More information about the Apparmor-general
mailing list