File Manager

X7ROOT File Manager

Current Path: /usr/share/doc/audit-2.8.5/rules

usr / share / doc / audit-2.8.5 / rules /

📁 ..
📄 10-base-config.rules(163 B)
📄 10-no-audit.rules(284 B)
📄 11-loginuid.rules(93 B)
📄 12-cont-fail.rules(329 B)
📄 12-ignore-error.rules(323 B)
📄 20-dont-audit.rules(516 B)
📄 21-no32bit.rules(273 B)
📄 22-ignore-chrony.rules(252 B)
📄 23-ignore-filesystems.rules(506 B)
📄 30-nispom.rules(4.8 KB)
📄 30-ospp-v42.rules(10.15 KB)
📄 30-pci-dss-v31.rules(5.81 KB)
📄 30-stig.rules(6.44 KB)
📄 31-privileged.rules(1.42 KB)
📄 32-power-abuse.rules(213 B)
📄 40-local.rules(156 B)
📄 41-containers.rules(439 B)
📄 42-injection.rules(672 B)
📄 43-module-load.rules(398 B)
📄 70-einval.rules(326 B)
📄 71-networking.rules(151 B)
📄 99-finalize.rules(86 B)
📄 README-rules(1.17 KB)

Editing: 31-privileged.rules

##- Use of privileged commands (unsuccessful and successful)
## You can run the following commands to generate the rules:
#find /bin -type f -perm -04000 2>/dev/null | awk '{ printf "-a always,exit -F path=%s -F perm=x -F auid>=1000 -F auid!=unset -F key=privileged\n", $1 }' > priv.rules
#find /sbin -type f -perm -04000 2>/dev/null | awk '{ printf "-a always,exit -F path=%s -F perm=x -F auid>=1000 -F auid!=unset -F key=privileged\n", $1 }' >> priv.rules
#find /usr/bin -type f -perm -04000 2>/dev/null | awk '{ printf "-a always,exit -F path=%s -F perm=x -F auid>=1000 -F auid!=unset -F key=privileged\n", $1 }' >> priv.rules
#find /usr/sbin -type f -perm -04000 2>/dev/null | awk '{ printf "-a always,exit -F path=%s -F perm=x -F auid>=1000 -F auid!=unset -F key=privileged\n", $1 }' >> priv.rules
#filecap /bin 2>/dev/null | sed '1d' | awk '{ printf "-a always,exit -F path=%s -F perm=x -F auid>=1000 -F auid!=unset -F key=privileged\n", $2 }' >> priv.rules
#filecap /sbin 2>/dev/null | sed '1d' | awk '{ printf "-a always,exit -F path=%s -F perm=x -F auid>=1000 -F auid!=unset -F key=privileged\n", $2 }' >> priv.rules
#filecap /usr/bin 2>/dev/null | sed '1d' | awk '{ printf "-a always,exit -F path=%s -F perm=x -F auid>=1000 -F auid!=unset -F key=privileged\n", $2 }' >> priv.rules
#filecap /usr/sbin 2>/dev/null | sed '1d' | awk '{ printf "-a always,exit -F path=%s -F perm=x -F auid>=1000 -F auid!=unset -F key=privileged\n", $2 }' >> priv.rules

X7ROOT File Manager

Editing: 31-privileged.rules

Upload File

Create Folder