Re: Setting loginuid for a process starting at boot

On Tuesday, January 14, 2014 04:55:30 PM Maupertuis Philippe wrote: To some extent, the documentation is in the header files. They describe what the intended use is for the event record types. https://fedorahosted.org/audit/browser/trunk/lib/libaudit.h#L40 https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/tree... As for what triggers them, it can mostly be deduced from the event's type. However, some user space apps that do the same thing as others may not have been updated to do auditing and various distributions may or may not enable the auditing at build time. So, the user space support varies. -Steve