On Thu, 2004-06-10 at 08:17, Levine, Daniel J. wrote:
> Perhaps my problem is simpler to solve than this. All I really need is the
> user ID of the person who logged in to the system. This identifies whose
> account was used to perpetrate the illegal access. Could the user ID number
> and user name be added to the log messages when violations occur

That is something which is best handled by the audit framework. Boot
with audit=1. The audit framework already includes support for setting
a login uid; someone just needs to patch login and friends to use it.

--
Stephen Smalley <sds@xxxxxxxxxxxxxx>
National Security Agency