Re: Sucess or failure?
On Sat, Jul 21, 2012 at 9:48 PM, Michael Mather
<michael.mather(a)teksavvy.com> wrote:
Hi,
I enter the command "sudo cp qwerty /etc/xxx"
and get the reply: "cp: cannot stat `qwerty': No such file or directory."
A number of log entries are written. The last two are, in part:
type=SYSCALL success=yes
type=EXECVE argc=3 a0="cp" a1="qwerty" a2="/etc/xxx"
My problem is with "success=yes".
What is happening?
Assuming the syscall is execve, then it succeeds because your shell
successfully execve() to run cp.
Then cp the program fails.