Searched refs:audit (Results 1 – 23 of 23) sorted by relevance
| /system/logging/logd/ |
| D | README.auditd | 3 The audit daemon is a simplified version of its desktop
4 counterpart designed to gather the audit logs from the
5 audit kernel subsystem. The audit subsystem of the kernel
8 To enable the audit subsystem, you must add this to your
|
| D | LogAudit.cpp | 379 char* audit = strstr(buf, " audit("); in log() local
380 if (!audit || (audit >= &buf[len])) { in log()
384 *audit = '\0'; in log()
389 rc = logPrint("%s %s", type, audit + 1); in log()
391 rc = logPrint("%s", audit + 1); in log()
393 *audit = ' '; in log()
|
| D | logd.rc | 22 service logd-auditctl /system/bin/auditctl -r ${persist.logd.audit.rate:-5}
38 on property:persist.logd.audit.rate=*
|
| D | README.property | 4 ro.logd.auditd bool true Enable selinux audit daemon
5 ro.logd.auditd.dmesg bool true selinux audit messages sent to dmesg.
6 ro.logd.auditd.main bool true selinux audit messages sent to main.
7 ro.logd.auditd.events bool true selinux audit messages sent to events.
|
| /system/sepolicy/microdroid/system/private/ |
| D | property.te | 13 # Don't audit legacy ctl. property handling. We only want the newer permission check to appear
14 # in the audit log
|
| D | dex2oat.te | 37 # Don't audit because we don't configure the compiler through these
|
| D | crash_dump.te | 2 # which will result in an audit log even when it's allowed to trace.
|
| D | init.te | 389 # Send an SELinux userspace denial to the kernel audit subsystem,
|
| /system/sepolicy/private/ |
| D | sdk_sandbox_audit.te | 4 ### This file defines the audit sdk sandbox security policy for
|
| D | traced_perf.te | 51 # Do not audit the cases where traced_perf attempts to access /proc/[pid] for
55 # Do not audit failures to signal a process, as there are cases when this is
|
| D | fuseblkd_untrusted.te | 46 # and nothing breaks. If enforce is set to permissive, the audit goes away.
|
| D | odrefresh.te | 48 # Do not audit unused resources from parent processes (adb, shell, su).
|
| D | crash_dump.te | 43 # which will result in an audit log even when it's allowed to trace.
|
| D | su.te | 31 # Do not audit accesses to keystore2 namespace for the su domain.
|
| D | property.te | 201 # Don't audit legacy ctl. property handling. We only want the newer permission check to appear
202 # in the audit log
|
| D | shell.te | 165 # adjust SELinux audit rates
|
| D | init.te | 690 # Send an SELinux userspace denial to the kernel audit subsystem,
|
| D | app.te | 16 # audit access for all these non-core app domains.
|
| D | property_contexts | 65 persist.logd.audit.rate u:object_r:logd_auditrate_prop:s0
|
| /system/sepolicy/vendor/ |
| D | hal_wifi_supplicant_default.te | 23 # Write to security logs for audit.
|
| /system/sepolicy/microdroid/system/public/ |
| D | attributes | 49 # This attribute is used to audit access to proc_net. it is temporary and will
|
| /system/sepolicy/tools/sepolicy-analyze/ |
| D | README | 18 conditional rules, audit-related rules (auditallow or dontaudit),
|
| /system/sepolicy/public/ |
| D | attributes | 66 # This attribute is used to audit access to proc_net. it is temporary and will
|