sedispatch(8)sedispatch(8)NAME
sedispatch - setroubleshoot audit dispatcher for SELinux Messages
SYNOPSIS
sedispatch
DESCRIPTION
This manual page describes the sedispatch program.
sedispatch is audit dispatcher. It scans audit messages for SELinux AVC messages, formats them into a dbus message and sends it to setrou-
bleshootd
AUTHOR
This man page was written by Dan Walsh <dwalsh@redhat.com>.
SEE ALSO audispd(8),auditd(8),
20100915 sedispatch(8)
Check Out this Related Man Page
AUDISPD:(8) System Administration Utilities AUDISPD:(8)NAME
audispd - an event multiplexor
SYNOPSIS
audispd
DESCRIPTION
audispd is an audit event multiplexor. It has to be started by the audit daemon in order to get events. It takes audit events and distrib-
utes them to child programs that want to analyze events in realtime. When the audit daemon recieves a SIGTERM or SIGHUP, it passes that
signal to the dispatcher, too. The dispatcher in turn passes those signals to its child processes.
The child programs install a configuration file in a plugins directory, /etc/audisp/plugins.d. Filenames are not allowed to have more than
one '.' in the name or it will be treated as a backup copy and skipped. Options are given one per line with an equal sign between the key-
word and its value. The available options are as follows:
active The options for this are yes or no.
direction
The option is dictated by the plugin. In or out are the only choices. You cannot make a plugin operate in a way it wasn't designed
just by changing this option.This option is to give a clue to the event dispatcher about which direction events flow. NOTE: inbound
events are not supported yet.
path This is the absolute path to the plugin executable. In the case of internal plugins, it would be the name of the plugin.
type This tells the dispatcher how the plugin wants to be run. Choices are builtin and always. Builtin should always be given for plug-
ins that are internal to the audit event dispatcher. These are af_unix and syslog. The option always should be given for most if not
all plugins. The default setting is always.
args This allows you to pass arguments to the child program. Generally plugins do not take arguments and have their own config file that
instructs them how they should be configured. At the moment, there is a limit of 2 args.
format The valid options for this are binary and string. Binary passes the data exactly as the audit event dispatcher gets it from the
audit daemon. The string option tells the dispatcher to completely change the event into a string suitable for parsing with the
audit parsing library. The default value is string.
FILES
/etc/audisp/audispd.conf /etc/audisp/plugins.d
SEE ALSO audispd.conf(5), auditd(8).
AUTHOR
Steve Grubb
Red Hat Sept 2007 AUDISPD:(8)
Hi everyone,
I know the following questions are noobish questions but I am asking them because I am confused about the basics of history behind UNIX and LINUX.
Ok onto business, my questions are-:
Was/Is UNIX ever an open source operating system ?
If UNIX was... (21 Replies)
Hello and thanks in advance for any help anyone can offer me
I'm trying to learn the find command and thought I was understanding it... Apparently I was wrong. I was doing compound searches and I started getting weird results with the -size test. I was trying to do a search on a 1G file owned by... (14 Replies)
hi all,
i have installed quota on my centos 7 machine and its what im after (setting size limit on users, so they cant fill the hard drive)
i want to now make this part of my create user script for my sftp server so i want to do a echo and a read command so i capture the limit they enter... (0 Replies)
Hi everybody,
Which Unix base OS have best performance for HOST virtualization?
I tested SmartOS but it needs another OS to connect remotely!
Thanks in advance. (11 Replies)
Hi All,
I need to write a shell script which opens a file and increments the version(text) within the file every time the script runs. For example:
$ cat docker_file.yml
version: '3.1'
services:
ui:
image: repo-srv.dev.io:5000/facebook/ui:0.0.2-QA1
$
So, I would like... (6 Replies)
Dear Team
We use DB2 v10.5 and using DBArtisan tool
Can someone please guide how to convert digits to binary numbers using db2 feature.
Ex> for number 9 , binary should be 1001 ( 8+1)
Any help appreciated. Thanks (2 Replies)
hi folks,
how to using tar with exclude directory and compress it using tar.Z
i only know how to exclude dir only with this command below:
tar -cvf /varios/restore/test.tar -X excludefile.txt /jfma/test1/
how to compress it using 1 command?
Thanx
Please use CODE tags as... (6 Replies)
Quite an obscure question I think.
We have a rebuild process for remote sites that allows us to PXE rebuild a till (actually a PC with a touch screen and various fancy bits) running CentOS. The current CentOS5 tills work just fine with a tar image restore and some personalisation. Sadly,... (4 Replies)
Hello All,
I had recently learnt a bit of Docker(which provides containerization process).
Here are some of my learning points from it.
Let us start first with very basic question:
What is Docker:
Docker is a platform for sysadmins and developers to DEPLOY, DEVELOP and RUN applications ... (7 Replies)
What is the point of this? Whenever I close my shell it appends to the history file without adding this. I have never seen it overwrite my history file.
# When the shell exits, append to the history file instead of overwriting it
shopt -s histappend (3 Replies)
Hello... And thanks in advance for any help anyone can offer me
I was trying to work out the differences between displaying modify, access, and change times with the 'ls' command. Everything seems in order when I look at files, but the access time on a directory doesn't seem to change when I... (4 Replies)
Hello everyone,
I am having an issue here with CentOS release 6.6 (Final) that shows all of the space used up, but I can't tell where the space went.
Seemingly I am using up 100%, according to
df -h
Filesystem Size Used Avail Use% Mounted on... (27 Replies)
I'm trying to use a bash script for a psych experiment that involves listening to sound files and responding. If I have something like the code below, how can I make sure that a key press is assigned to RESPONSE only after the second echo statement?
for i in 1 2 3; do
echo "Ready?"
sleep 2
... (10 Replies)
After the success of the jq - tool for parsing and manipulating JSON-Data someone wrote a tool called yq, which aims to be the same for YAML, what jq is for JSON. Seems to work fine. I'll definitely give it a chance in future.
Example YAML-File:
--- !ruby/object:Puppet::Node::Facts
... (1 Reply)
Dear All,
I am very pleased to announce that Dave Munro (gull04) is joining the Moderation Team, after being a very valuable member of UNIX.com for 15+ years.
Dave is an IT Consultant with 30 years of experience this year, has worked in many of the industry vertical market segments and has... (6 Replies)