Re: [PATCH 0/2] Begin auditing SECCOMP_RET_ERRNO return actions
On Tue, Jan 3, 2017 at 3:44 PM, Kees Cook <keescook(a)chromium.org> wrote:
I still wonder, though, isn't there a way to use auditctl to get
all
the seccomp messages you need?
Not all of the seccomp actions are currently logged, that's one of the
problems (and the biggest at the moment).
--
paul moore
www.paul-moore.com