Linux and UNIX Man Pages

Linux & Unix Commands - Search Man Pages

autrace(8) [minix man page]

AUTRACE:(8)						  System Administration Utilities					       AUTRACE:(8)

NAME
autrace - a program similar to strace SYNOPSIS
autrace program [-r] [program-args]... DESCRIPTION
autrace is a program that will add the audit rules to trace a process similar to strace. It will then execute the program passing arguments to it. The resulting audit information will be in the audit logs if the audit daemon is running or syslog. This command deletes all audit rules prior to executing the target program and after executing it. As a safety precaution, it will not run unless all rules are deleted with auditctl prior to use. OPTIONS
-r Limit syscalls collected to ones needed for analyzing resource usage. This could help people doing threat modeling. This saves space in logs. EXAMPLES
The following illustrates a typical session: autrace /bin/ls /tmp ausearch --start recent -p 2442 -i and for resource usage mode: autrace -r /bin/ls ausearch --start recent -p 2450 --raw | aureport --file --summary ausearch --start recent -p 2450 --raw | aureport --host --summary SEE ALSO
ausearch(8), auditctl(8). AUTHOR
Steve Grubb Red Hat Jan 2007 AUTRACE:(8)

Check Out this Related Man Page

AUTRACE:(8)						  System Administration Utilities					       AUTRACE:(8)

NAME
autrace - a program similar to strace SYNOPSIS
autrace program [-r] [program-args]... DESCRIPTION
autrace is a program that will add the audit rules to trace a process similar to strace. It will then execute the program passing arguments to it. The resulting audit information will be in the audit logs if the audit daemon is running or syslog. This command deletes all audit rules prior to executing the target program and after executing it. As a safety precaution, it will not run unless all rules are deleted with auditctl prior to use. OPTIONS
-r Limit syscalls collected to ones needed for analyzing resource usage. This could help people doing threat modeling. This saves space in logs. EXAMPLES
The following illustrates a typical session: autrace /bin/ls /tmp ausearch --start recent -p 2442 -i and for resource usage mode: autrace -r /bin/ls ausearch --start recent -p 2450 --raw | aureport --file --summary ausearch --start recent -p 2450 --raw | aureport --host --summary SEE ALSO
ausearch(8), auditctl(8). AUTHOR
Steve Grubb Red Hat Jan 2007 AUTRACE:(8)
Man Page

4 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

Getting the most recent file

Hi people, Please some help over here. I have logs in a directory, in which I need to get the most recent file in order to put it within other command. The format of the files are loadfiles20090308094339_41 loadfiles20090308094418_42 loadfiles20090308095457_43... (4 Replies)
Discussion started by: cgkmal
4 Replies

2. Fedora

aureport issues

Over the last few weeks, I have had 3 different machines start showing only the date of 12/31/1969 19:00:00 for the aureport logs. Seeing it on Fedora 6 and RHEL 5.5. I saw a few others posting on this same issue, but no answers. I am a newbie to linux/unix, and have exhausted all of my internal... (0 Replies)
Discussion started by: dantil
0 Replies

3. Programming

Wrapper for unix program - urgent help needed

Hello all , i need some help asap i have a program that keeps killing the machine when i did google searches and 2 days later i ran strace it seems the programm keeps making a system call to gettimeofday to i guess increment a counter ? gettimeofday({1347986584, 464904}, NULL) = 0... (6 Replies)
Discussion started by: NetworkLearning
6 Replies

4. AIX

Why /bin/su permission with SUID?

Dear all experts in this forum, I have faced a audit issue as auditor told that we should not have SUID on /bin/su. As I have checked using Google, I found most of the site only telling that /bin/su should have the permission bit as -rwsr-xr-x but never explain why /bin/su need this permission... (4 Replies)
Discussion started by: kwliew999
4 Replies