| William Roberts | 29d238d | 2013-02-08 09:45:26 +0900 | [diff] [blame] | 1 | Auditd Daemon |
| 2 | |
| 3 | The audit daemon is a simplified version of its desktop |
| 4 | counterpart designed to gather the audit logs from the |
| 5 | audit kernel subsystem. The audit subsystem of the kernel |
| 6 | includes Linux Security Modules (LSM) messages as well. |
| 7 | |
| 8 | To enable the audit subsystem, you must add this to your |
| 9 | kernel config: |
| 10 | CONFIG_AUDIT=y |
| 11 | |
| 12 | To enable a LSM, you must consult that LSM's documentation, the |
| 13 | example below is for SELinux: |
| 14 | CONFIG_SECURITY_SELINUX=y |
| 15 | |
| 16 | This does not include possible dependencies that may need to be |
| 17 | satisfied for that particular LSM. |