mirror of
https://github.com/opnsense/src.git
synced 2026-02-27 03:40:37 -05:00
deea362c80
/etc/security/audit_event to provide a list of audit event-number <-> name mappings. However, this occurs too late for anonymous tracing. With this change, adding 'audit_event_load="YES"' to /boot/loader.conf will cause the boot loader to preload the file, and then the kernel audit code will parse it to register an initial set of audit event-number <-> name mappings. Those mappings can later be updated by auditd(8) if the configuration file changes. Reviewed by: gnn, asomers, markj, allanjude Discussed with: jhb Approved by: re (kib) MFC after: 1 week Sponsored by: DARPA, AFRL Differential Revision: https://reviews.freebsd.org/D16589 |
||
|---|---|---|
| .. | ||
| audit.c | ||
| audit.h | ||
| audit_arg.c | ||
| audit_bsm.c | ||
| audit_bsm_db.c | ||
| audit_bsm_klib.c | ||
| audit_dtrace.c | ||
| audit_ioctl.h | ||
| audit_pipe.c | ||
| audit_private.h | ||
| audit_syscalls.c | ||
| audit_trigger.c | ||
| audit_worker.c | ||
| bsm_domain.c | ||
| bsm_errno.c | ||
| bsm_fcntl.c | ||
| bsm_socket_type.c | ||
| bsm_token.c | ||