2023-10-31 21:24 Linux Audit Mail List 3+ messages
2023-10-24 18:53 Audit status update
2023-10-20 19:14 Couldn't get audit messages for 'listen' on kernel 4.19.0-6-686-pae 5+ messages
2023-10-17 14:21 netlink ACK handling in audit_set_pid()
2023-10-16 6:45 Re: Need help with af_unix audisd plugin
2023-10-12 10:43 Re: [linux-audit/audit-userspace] Aureport on stream of data (Issue #324)
2023-09-15 16:15 128 Character limit on proctitle field? 4+ messages
2023-09-15 5:33 Increasing audit netlink buffer size 2+ messages
2023-09-06 15:56 Sycall Rules vs Watch Rules 13+ messages
2023-08-30 4:17 [pcmoore-audit:main 1/1] README.orig: warning: ignored by one of the .gitignore files 4+ messages
2023-08-29 18:02 Re: [nf PATCH 1/2] netfilter: nf_tables: Audit log setelem reset 10+ messages
2023-08-11 10:58 [PATCH] audit: add task history record 29+ messages
2023-08-08 14:25 [RFC] Future audit changes
2023-08-06 21:52 audit-3.1.2 released
2023-08-06 13:04 [PATCH v2] TaskTracker : Simplified thread information tracker. 11+ messages
2023-06-29 22:34 Cannot disable kernel's audit system via auditctl 5+ messages
2023-06-05 18:46 Re: Comprehensive Documentation on the Linux Audit Framework 5+ messages
2023-05-24 11:37 Auditd doesn't receive syscalls after installation for the current shell. 4+ messages
2023-05-23 23:12 No more report of quantity of rules successfully loaded 4+ messages
2023-05-12 21:17 What STIG audit rule picks up type=SOFTWARE_UPDATE events? 6+ messages
2023-05-10 13:43 sending audit logs only to audit.log via rsyslog 4+ messages
2023-05-04 14:51 The directory removing loses a fraction of path.
2023-05-03 21:14 Can AUDIT_LIST_RULES causes kthreadd-spam? 13+ messages
2023-04-28 7:54 Re: Re: "service auditd start" fails inside a container 6+ messages
2023-04-27 19:44 audit-3.1.1 released
2023-04-17 8:35 [ANNOUNCE] [CFP] Linux Security Summit Europe (LSS-EU)
2023-03-20 12:20 Help with setting up Auditd kernel repository 4+ messages
2023-03-18 14:36 run script after auditd rotates logs 3+ messages
2023-03-09 0:04 Auditing nftables changes 10+ messages
2023-03-08 13:46 How to define audit rule for one bit *not* set for a syscall argument? 3+ messages
2023-02-28 22:04 audit userspace problems with io_uring async ops 7+ messages
2023-02-28 10:53 Key based rate limiter (audit_set_rate_limit) 15+ messages
2023-02-20 22:38 [GIT PULL] Audit patches for v6.3 2+ messages
2023-02-14 19:23 [PATCH] tests/filter_exclude: euid filtering now possible in exclude filter 2+ messages
2023-02-13 21:24 Clarification Around File System Auditing 7+ messages
2023-02-10 23:37 small patch for issue with rules that have been (incorrecly) copied from Windows 4+ messages
2023-02-09 16:40 audit-3.1 released
2023-02-07 18:44 [PATCH] audit: update the mailing list in MAINTAINERS 2+ messages
2023-02-03 21:35 [PATCH v7 0/3] fanotify: Allow user space to pass back additional audit info 14+ messages
2023-02-01 20:33 [PATCH v2] io_uring,audit: don't log IORING_OP_MADVISE 13+ messages
2023-02-01 6:00 Re: Re: audit library license 3+ messages
2023-01-31 19:44 Upstream kernel development and the linux-audit mailing list 3+ messages
2023-01-31 0:55 audit library license 2+ messages
2023-01-30 22:57 [RFC PATCH v9 14/16] scripts: add boot policy generation program 74+ messages
2023-01-30 5:21 Setting priority to auditd rule files 2+ messages
2023-01-27 17:23 [PATCH v1 1/2] io_uring, audit: audit IORING_OP_FADVISE but not IORING_OP_MADVISE 29+ messages
2023-01-20 22:24 [ANNOUNCE] Linux Security Summit North Americ (LSS-NA) CfP
2023-01-20 14:09 [RFC PATCH v2 02/31] Documentation: Add binding for kalray,kv3-1-core-intc 63+ messages
2023-01-17 21:14 [PATCH v6 1/3] fanotify: Ensure consistent variable type for response 13+ messages
2023-01-16 16:15 Difference between BITMAP_EXECUTABLE_PATH and BITMAP_EXCLUDE_EXTEND flags 2+ messages
2023-01-13 22:47 audit rules to help watch for potential threat? 2+ messages
2023-01-10 12:08 Identify whether the kernel version supports Path based exclusion 3+ messages
2023-01-09 7:33 A question on monitoring time or time management changes in the kernel and the adjtimex system call 3+ messages
2023-01-06 15:44 [PATCH v3 2/2] bpf: remove the do_idr_lock parameter from bpf_prog_free_id() 12+ messages
2023-01-05 9:46 New bug in Audit 10+ messages
2023-01-03 21:35 Re: [RFC PATCH 02/25] kvx: Add ELF-related definitions 13+ messages
2023-01-03 18:12 Re: [PATCH v2] bpf: restore the ebpf program ID for BPF_AUDIT_UNLOAD and PERF_BPF_EVENT_PROG_UNLOAD
2022-12-23 18:55 [PATCH v2] bpf: restore the ebpf program ID for BPF_AUDIT_UNLOAD and PERF_BPF_EVENT_PROG_UNLOAD 18+ messages
2022-12-22 0:13 [PATCH] bpf: restore the ebpf audit UNLOAD id field 12+ messages
2022-12-20 22:36 BPF audit logs 8+ messages
2022-12-19 18:00 [PATCH RESEND 1/2] audit: introduce a struct to represent an audit timestamp 4+ messages
2022-12-19 17:54 [PATCH 0/2] Provide matching audit timestamp in the SELinux AVC trace event 4+ messages
2022-12-13 3:05 [GIT PULL] Audit patches for v6.2 2+ messages
2022-12-12 14:06 [PATCH v5 0/3] fanotify: Allow user space to pass back additional audit info 20+ messages
2022-11-19 2:16 [PATCH AUTOSEL 4.9 2/4] audit: fix undefined behavior in bit shift for AUDIT_BIT
2022-11-19 2:16 [PATCH AUTOSEL 4.14 2/6] audit: fix undefined behavior in bit shift for AUDIT_BIT
2022-11-19 2:16 [PATCH AUTOSEL 4.19 2/8] audit: fix undefined behavior in bit shift for AUDIT_BIT
2022-11-19 2:15 [PATCH AUTOSEL 5.4 03/11] audit: fix undefined behavior in bit shift for AUDIT_BIT
2022-11-19 2:14 [PATCH AUTOSEL 5.10 04/18] audit: fix undefined behavior in bit shift for AUDIT_BIT
2022-11-19 2:13 [PATCH AUTOSEL 5.15 04/27] audit: fix undefined behavior in bit shift for AUDIT_BIT
2022-11-19 2:10 [PATCH AUTOSEL 6.0 06/44] audit: fix undefined behavior in bit shift for AUDIT_BIT
2022-11-09 23:34 Re: [PATCH v1 4/8] LSM: Maintain a table of LSM attribute data
2022-11-07 23:10 [GIT PULL] Audit fixes for v6.1 (#1) 2+ messages
2022-10-31 2:10 [PATCH] audit: fix undefined behavior in bit shift for AUDIT_BIT 5+ messages
2022-10-28 14:13 [PATCH] Properly pass struct timeval.tv_sec to snprintf under -D_TIME_BITS=64
2022-10-07 17:34 IORING_OP_SENDMSG_ZC should enable auditing just like IORING_OP_SENDMSG 2+ messages
2022-10-03 19:19 [GIT PULL] Audit patches for v6.1 2+ messages
2022-09-27 22:59 [PATCH 3/3] audit: unify audit_filter_{uring(), inode_name(), syscall()} 20+ messages
2022-09-27 19:53 [PATCH v38 00/39] LSM: Module stacking for AppArmor 68+ messages
2022-09-13 16:53 Query regarding the lib audit-userspace 4+ messages
2022-09-10 1:01 [PATCH RFC] LSM: lsm_self_attr system call to get security module attributes 4+ messages
2022-09-06 13:25 [PATCH -next] audit: remove selinux_audit_rule_update() declaration 2+ messages
2022-08-30 15:28 [RFC PATCH 2/2] fs/xattr: wire up syscalls 3+ messages
2022-08-30 10:50 [PATCH] audit: remove obvious unnecessary header files 7+ messages
2022-08-29 22:18 audit-3.0.9 released
2022-08-29 16:26 [PATCH] audit: use time_after to compare time 2+ messages
2022-08-26 19:43 [GIT PULL] Audit fixes for v6.0 (#2) 2+ messages
2022-08-25 19:32 [PATCH ghak138 v2 1/4] audit: audit_context pid unused, context enum comment fix 9+ messages
2022-08-25 3:09 [PATCH ghak138] audit: move audit_return_fixup before the filters 3+ messages
2022-08-24 19:42 [PATCH] tests/io_uring: ensure that tne io_uring::enter_ring_fd is imported 4+ messages
2022-08-23 19:19 [GIT PULL] Audit fixes for v6.0 (#1) 2+ messages
2022-08-23 0:06 Re: [PATCH next] audit: printk before dropping logs in audit_log_end 5+ messages
2022-08-22 2:29 [PATCH next] audit: fix potential double free on error path from fsnotify_add_inode_mark 8+ messages
2022-08-19 1:59 Re: data-race in audit_log_start / audit_receive 6+ messages
2022-08-14 9:39 [PATCH] kernel: fix repeated words in comments 2+ messages
2022-08-09 17:22 [PATCH v4 0/4] fanotify: Allow user space to pass back additional audit info 44+ messages
2022-08-03 5:02 [PATCH] audit, io_uring, io-wq: Fix memory leak in io_sq_thread() and io_wqe_worker() 10+ messages
2022-08-03 0:01 LSM stacking in next for 6.1? 74+ messages
2022-08-01 19:52 [GIT PULL] Audit patches for v6.0 2+ messages
2022-07-14 17:53 Excluding a script / process and its descendants from audit 3+ messages
2022-07-07 4:05 Trying to understand audisp-remote network behavior 8+ messages
2022-06-28 0:55 [PATCH v37 02/33] LSM: Infrastructure management of the sock security 39+ messages
2022-06-16 21:50 [GIT PULL] Audit fixes for v5.19 (#1) 2+ messages
2022-06-15 15:44 [PATCH] audit: free module name 2+ messages
2022-06-11 9:23 [PATCH -next] audit: make is_audit_feature_set() static 2+ messages
2022-06-09 23:01 [PATCH v36 00/33] LSM: Module stacking for AppArmor 42+ messages
2022-06-08 19:01 [RFC PATCH v8 05/17] ipe: add LSM hooks on execution and kernel read 26+ messages
2022-06-06 23:09 Be careful with rules 5+ messages
2022-05-23 14:16 Linux v5.19 and audit
2022-05-19 16:45 Help setxattr,lsetxattr,fsetxattr,removexattr,lremovexattr 6+ messages
2022-05-18 18:17 [GIT PULL] Audit fixes for v5.18 (#1) 2+ messages
2022-05-18 15:50 [ANNOUNCE][CFP] Linux Security Summit Europe 2022
2022-05-17 10:32 [PATCH 0/1] audit, io_uring, io-wq: call __audit_uring_exit for dummy contexts 4+ messages
2022-05-16 20:22 [PATCH v3 0/3] fanotify: Allow user space to pass back additional audit info 16+ messages
2022-05-15 7:31 [PATCH 2/2] audit: fix most of the checkpatch.pl warnnings & errors 6+ messages
2022-05-14 21:54 Re: [PATCH 5/5] audit: fix most of the checkspec.pl warnnings & errors 11+ messages
2022-05-12 8:01 What does "---" in audit.log timestamp / event-id field mean? 4+ messages
2022-05-03 9:02 [PATCH 2/2] audit: add filterkey to special audit messages 9+ messages
2022-04-29 0:44 [PATCH v2 0/3] fanotify: Allow user space to pass back additional audit info 21+ messages
2022-04-26 22:05 [PATCH] signal: improve the signal test robustness 2+ messages
2022-04-18 14:59 [PATCH v35 00/29] LSM: Module stacking for AppArmor 64+ messages
2022-04-15 21:17 [PATCH v34 00/29] LSM: Module stacking for AppArmor 31+ messages
2022-04-07 21:22 [PATCH v34 00/29] LSM: Module stacking for AppArmor 34+ messages
2022-04-04 13:12 Re: [PATCH v2] audit: do a quick exit when syscall number is less than 0 2+ messages
2022-03-29 21:55 audit-3.0.8 released
2022-03-28 5:46 [PATCH v2] audit: do a quick exit when syscall number is invalid 2+ messages
2022-03-26 20:55 Re: [PATCH] audit: do a quick exit when syscall number is invalid 20+ messages
2022-03-21 22:21 [GIT PULL] Audit patches for v5.18 2+ messages
2022-03-19 3:39 [linux-next:master] BUILD REGRESSION 6d72dda014a4753974eb08950089ddf71fec4f60
2022-03-11 18:47 Re: [PATCH 03/17] io_uring: add infra and support for IORING_OP_URING_CMD 3+ messages
2022-03-10 23:46 [PATCH v33 00/29] LSM: Module stacking for AppArmor 41+ messages
2022-03-02 21:45 Bug in Queue Statistics? 3+ messages
2022-03-02 15:51 Alert when auditd is stopped 2+ messages
2022-02-28 17:29 Newer versions of audit missing information? 3+ messages
2022-02-23 18:32 Re: Removing Audit-libs, Python3-audit 3+ messages
2022-02-23 9:41 [PATCH -next] audit: only print records that will be dropped via printk() 2+ messages
2022-02-23 9:35 [PATCH -next, v2] audit: only print records that will be dropped via printk()
2022-02-22 16:44 [PATCH v6] audit: log AUDIT_TIME_* records only from rules 3+ messages
2022-02-21 21:50 audit user space build problems 3+ messages
2022-02-16 20:32 [PATCH v5] audit: log AUDIT_TIME_* records only from rules 3+ messages
2022-02-14 15:23 [PATCH v4] audit: log AUDIT_TIME_* records only from rules 2+ messages
2022-02-10 3:42 [GIT PULL] Audit fixes for v5.17 (#2) 2+ messages
2022-02-09 21:50 [PATCH v1] audit: fix illegal pointer dereference for openat2 2+ messages
2022-02-09 21:11 [PATCH] audit: don't deref the syscall args when checking the openat2 open_how::flags 2+ messages
2022-02-07 22:37 How to configure auditd to register like internal bash commands? 7+ messages
2022-02-07 22:24 [ANNOUNCE][CFP] Linux Security Summit North America 2022 2+ messages
2022-02-04 13:50 [PATCH v4 5/5] taskstats: Use task_is_in_init_pid_ns() 6+ messages
2022-02-02 23:52 [PATCH v32 00/28] LSM: Module stacking for AppArmor 41+ messages
2022-01-31 18:45 [GIT PULL] Audit fixes for v5.17 (#1) 2+ messages
2022-01-26 3:24 [PATCH v3] audit: log AUDIT_TIME_* records only from rules 9+ messages
2022-01-23 20:29 audit-3.0.7 released
2022-01-21 16:17 [PATCH v2] audit: log AUDIT_TIME_* records only from rules 4+ messages
2022-01-20 16:50 Re: [PATCH v2] audit: improve audit queue handling when "audit=1" on cmdline 6+ messages
2022-01-19 1:26 [RFC PATCH] audit: improve audit queue handling when "audit=1" on cmdline 3+ messages
2022-01-18 2:46 [PATCH AUTOSEL 4.19 33/59] audit: ensure userspace is penalized the same as the kernel when under pressure
2022-01-18 2:44 [PATCH AUTOSEL 5.4 43/73] audit: ensure userspace is penalized the same as the kernel when under pressure
2022-01-18 2:39 [PATCH AUTOSEL 5.10 071/116] audit: ensure userspace is penalized the same as the kernel when under pressure
2022-01-18 2:30 [PATCH AUTOSEL 5.15 121/188] audit: ensure userspace is penalized the same as the kernel when under pressure
2022-01-18 2:18 [PATCH AUTOSEL 5.16 142/217] audit: ensure userspace is penalized the same as the kernel when under pressure
2022-01-13 11:56 Flush the hold queue fall into an infinite loop. 5+ messages
2022-01-10 20:32 Mapping of Audit rule to Record Type Generated + chmod log query 4+ messages
2022-01-10 19:14 [GIT PULL] Audit patches for v5.17 2+ messages
2022-01-04 22:43 initial io_uring test for audit-testsuite
2021-12-29 1:20 Re: [PATCH -next 1/1] audit: ignore userspace log when backlog limit exceeded and backlog_wait_time is 0 3+ messages
2021-12-20 16:41 Re: [PATCH 1/1] Smack:- Fix the issue of wrong info printed in ptrace error logs 14+ messages
2021-12-17 1:01 [PATCH -next, v3 1/2] audit: use struct_size() helper in audit_[send|make]_reply() 4+ messages
2021-12-16 23:16 Fwd: [PATCH -next, v3 2/2] audit: replace zero-length array with flexible-array member 2+ messages
2021-12-16 22:58 [GIT PULL] Audit fixes for v5.16 (#1) 2+ messages
2021-12-14 17:08 Re: [PATCH -next] audit: use struct_size() helper in kmalloc() 8+ messages
2021-12-14 16:16 [PATCH] audit: ensure userspace is penalized the same as the kernel when under pressure 4+ messages
2021-12-13 23:40 [PATCH v31 01/28] integrity: disassociate ima_filter_rule from security_audit_rule 35+ messages
2021-12-13 18:31 [PATCH] audit: improve robustness of the audit queue handling 5+ messages
2021-12-08 8:33 [PATCH v2 1/7] pid: Introduce helper task_is_in_init_pid_ns() 24+ messages
2021-12-05 14:51 [PATCH v1 3/7] coresight: etm4x: Use task_is_in_root_ns() to check PID namespace 11+ messages
2021-12-02 2:25 Re: [PATCH] audit: accelerate audit rule filter 3+ messages
2021-11-30 23:04 Maximum Value for q_depth 10+ messages
2021-11-29 19:27 LSM stacking v30 Audit changes 3+ messages
2021-11-24 1:43 [PATCH v30 00/28] LSM: Module stacking for AppArmor 40+ messages
2021-11-23 7:50 [PATCH] audit: accelerate audit rule filter 4+ messages
2021-11-04 21:38 [PATCH RFC] integrity: disassociate ima_filter_rule from security_audit_rule 2+ messages
2021-11-04 21:01 [PATCH v1] add clock_adjtime to certification rulesets 3+ messages
2021-11-04 20:59 [RFC PATCH v1] audit: log AUDIT_TIME_* records only from rules 14+ messages
2021-11-04 17:34 Disassociating ima_filter_rule* from security_audit_rule* 2+ messages
2021-11-01 23:59 [GIT PULL] Audit patches for v5.16 2+ messages
2021-10-28 19:59 [PATCH v3 5/7] add ausearch --uringop option 13+ messages
2021-10-28 19:49 [PATCH v1] add filesystem filter list to auditctl usage 2+ messages
2021-10-28 19:48 [PATCH v1] auditctl: check for a watch before adding perm 2+ messages
2021-10-28 19:48 [PATCH v1] remove unused fn audit_add_dir and decl audit_rule_syscall_data 2+ messages
2021-10-20 14:55 why no LOGOUT event record on some OSes 10+ messages
2021-10-20 1:42 [GIT PULL] Audit fixes for v5.15 (#1) 2+ messages
2021-10-20 1:15 [PATCH] audit: correct the AUDIT_DM_CTRL and AUDIT_DM_EVENT numbering 6+ messages
2021-10-16 7:23 [PATCH -next,v3 0/2] Audit: fix warning and check priority early 7+ messages
2021-10-13 19:06 [RFC PATCH v7 06/16] uapi|audit: add trust audit message definitions 63+ messages
2021-10-13 9:12 [PATCH -next, v2 2/2] audit: return early if the rule has a lower priority 7+ messages
2021-10-12 1:32 [PATCH -next] audit: return early if the rule has a lower priority 3+ messages
2021-10-05 23:24 Audit container ID patchset v11 comments
2021-10-01 17:21 audit-3.0.6 released
2021-08-24 13:36 [PATCH v2 RESEND] powerpc/audit: Convert powerpc to AUDIT_ARCH_COMPAT_GENERIC 14+ messages
2021-08-11 20:48 [RFC PATCH v2 4/9] audit: add filtering for io_uring records 41+ messages
2021-05-19 20:00 [PATCH v4 3/3] audit: add OPENAT2 record to list how 26+ messages
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).