Re: Sucess or failure?

From the point of view of the linux kernel, and of the audit, you have

Hi, I enter the command "sudo cp qwerty /etc/xxx" and get the reply: "cp: cannot stat `qwerty': No such file or directory." A number of log entries are written. The last two are, in part: type=SYSCALL success=yes type=EXECVE argc=3 a0="cp" a1="qwerty" a2="/etc/xxx" My problem is with "success=yes". What is happening? Thanks - Michael Mather ----------------------- -- Linux-audit mailing list Linux-audit(a)redhat.com https://www.redhat.com/mailman/listinfo/linux-audit