Hello. Silva Paulo wrote: > How do I do to redirect the logged records from /var/log/messages to any > other log file, let's say /var/log/tomoyo? Please use grep -F 'ERROR:' /var/log/messages grep -F 'WARNING:' /var/log/messages if you want to get printk() logs. printk() logs are just for telling policy violation occurred. Better log with plenty information is available from /proc/ccs/reject_log . You can start ccs-auditd like /usr/sbin/ccs-auditd /dev/null /var/log/tomoyo using some startup script (e.g. /etc/rc.local). You can use grep -A 3 -F " mode=enforcing " /var/log/tomoyo to get logs of requests which violated policy in enforcing mode. Regards.
TOMOYO
Fork