Paul Moore
Paul Moore
Ah, I see this is a Nutanix kernel build. Do you work for Nutanix or are you a customer/user? If the former, you should definitely read the mail archive link...
Quick silly question: does this system have a working RTC? There are a number of smaller aarch64 systems, e.g. RPi 4 and below, that do not have a RTC and...
> Quick silly question: does this system have a working RTC? There are a number of smaller aarch64 systems, e.g. RPi 4 and below, that do not have a RTC...
The audit record support for `openat(2)` was added in [Linux v5.16](https://www.paul-moore.com/blog/d/2022/01/linux_v516.html) after [discussions on-list that spanned multiple months](https://lore.kernel.org/linux-audit/?q=s%3Aopenat2). We are well past the point where we can change the kernel...
Let's bring this to @stevegrubb's attention.
Thanks @hillu, but I'm going to hold off on merging this until the LSM stacking patches are merged upstream.
I think a good first step would be to unpack the ausearch-test into a personal repository for review before inclusion in the linux-audit organization. Discussions on the mailing list have...
Thanks for unpacking the tests @WOnder93. As far as questions are concerned, this isn't a complete list, but this is what comes to mind quickly: * How does one install...
>> * How does one install the test (e.g. what dependencies are there, if any)? >> * It looks like the entire test (suite?) is a single C file, are...
> There appears to be no mechanism that prevents a container from modifying its own id (presuming CAP_SYS_ADMIN is not removed from its capability set, which I think doesn't occur...