platform_system_core/logd/README.auditd

18 lines
549 B
Text
Raw Normal View History

Auditd Daemon
The audit daemon is a simplified version of its desktop
counterpart designed to gather the audit logs from the
audit kernel subsystem. The audit subsystem of the kernel
includes Linux Security Modules (LSM) messages as well.
To enable the audit subsystem, you must add this to your
kernel config:
CONFIG_AUDIT=y
To enable a LSM, you must consult that LSM's documentation, the
example below is for SELinux:
CONFIG_SECURITY_SELINUX=y
This does not include possible dependencies that may need to be
satisfied for that particular LSM.