On Thu, 2004-12-30 at 20:03, Karsten Wade wrote:
aiui, this is just /var/log/messages.
Flask is a framework, and the documentation tends to be vague about
particulars like where you choose to put audit logs. SELinux, the
implementation of Flask, generally uses /var/log/messages, but I'm sure
even that could be different if you wanted.
By default, SELinux (via the kernel audit framework) logs using the
normal kernel logging facility, i.e. kernel -> klogd -> syslogd, and
then syslogd dispatches based on /etc/syslog.conf, typically to
/var/log/messages. However, the kernel audit framework will instead
dispatch the audit messages to an audit daemon if one is present; work
on an audit daemon is ongoing - see the linux-audit mailing list.
--
Stephen Smalley <sds(a)epoch.ncsc.mil>
National Security Agency