libaudit-go
libaudit-go copied to clipboard
mozilla
go package for interfacing with Linux audit
Added support for group names while setting the audit rules. With this change the group names will be resolved to the corresponding group id.
I'm trying to run auditprint.go on a ubuntu16.04 machine. After I ran the program, there is no output. After some print statement, I found that the program will be blocked...
hello, i want to monitor who access this file "/etc/passwd" when system "auditd" is running, "auditprint" cannot run, I don't want to stop auditd daemon, because our clients donot allow...
Hi, can you release a release version, which is convenient for our version management and subsequent upgrades? Thank you very much!
For example, FreeBSD doesn't have Netlink: https://github.com/mozilla/libaudit-go/blob/master/libaudit.go#L38
Issue --- stop auditprint and kernel got panic `~/go/src/github.com/mozilla/libaudit-go# $GOPATH/bin/aud itprint testdata/rules.json` kernel logs [ 173.399485] audit: netlink_unicast sending to audit_pid=5074 returned error: -111 [ 173.401834] Kernel panic - not...
The func Receive in libaudit.go make a new buf every time to receive the netlink message, dose it cost too much performance? And it is easy to trigger the GC...
Cannot make it work, and the tests don't pass. The auditisenabled always fails with unexpected EOF. I added some printf to see what's in there, the binary.Read should only give...
When auditd is already running on the system, calls to AuditSetPID will end up failing, and do not provide any indication of what the issue is aside from an errno...
Right now go test fails unless the test is run as root, and netlink is available --- FAIL: TestNetlinkConnection (0.00s) libaudit_test.go:43: NewNetlinkConnection failed not root user, exiting panic: runtime error:...