|
The Linux audit framework provides a CAPP-compliant
(Controlled Access Protection Profiles) auditing system that reliably collects
information about any security-relevant (or non-security-relevant) event on a
system. It can help you track actions performed on a system.
Kconfig required
- CONFIG_AUDIT=y
- CONFIG_HAVE_ARCH_AUDITSYSCALL=y
- CONFIG_AUDITSYSCALL=y
- CONFIG_AUDIT_WATCH=y
- CONFIG_AUDIT_TREE=y
- CONFIG_INTEGRITY_AUDIT=y
- CONFIG_AUDIT_GENERIC=y
- CONFIG_AUDIT_ARCH_COMPAT_GENERIC=y
- CONFIG_AUDIT_COMPAT_GENERIC=y
Audit test suite validates syscall, filter and audit-tools.
Change-Id: I7e1bce102021bd63b40fa66a4292c3d6f53fff25
Signed-off-by: Naresh Kamboju <naresh.kamboju@linaro.org>
|