Re: [PATCH] more message updates
On Sun, 2005-05-22 at 17:57 -0400, Steve Grubb wrote:
I was working on the ausearch utility and have it interpreting the
logs
nicely. There were a couple issues that popped up where some messages did not
fall into similar patterns. There are several cases where auid does not have
an '=' between it and the loginuid.
Also, I ran into a problem interpreting syscalls because arch comes after the
syscall. Life would be so much easier if arch was before syscall. The
attached patch fixes this. Its against the .46 kernel.
I can see the point in the former, but I don't see why the latter makes
any difference. Anyway, as far as I'm concerned they're fine, but I'd
like an ack from Kris.
--
dwmw2