Provided by: tomoyo-tools_2.4.0-20111025-3_amd64 bug


       tomoyo-auditd - access request logs recording daemon for TOMOYO Linux



       tomoyo-auditd <remote_ip:remote_port>


       This  program  reads  access  request  logs  from the kernel and writes to the location(s)
       specified in the configuration file. By running this program at  startup,  access  request
       logs for all or selected domains can be stored to aid in system administration.

       The  format  of  these  logs is similar to domain policy so they can be used to aid in the
       development of policy.

       The writing of these logs is controlled by rules defined in /etc/tomoyo/tools/auditd.conf.
       If  an  access  request log matches a rule, then it will be written to the specified file.
       This can be used to split access request logs into multiple files to  make  administration
       easier.  Only  the  first  matching rule is used, so any single access request log will be
       written to a maximum of one output file. If the access request  log  does  not  match  any
       rules, it will be discarded.


           Retrieve  access  request  logs via an agent connected to the specified IP address and
           port number.


       Discard all granted logs:
       header.contains granted=yes
       destination /dev/null

       Write   access   request   logs   from   Apache   and   its    descendent    domains    to
       /var/log/tomoyo/apache.log :
       domain.starts <kernel> /usr/sbin/httpd
       destination /var/log/tomoyo/apache.log


       This  program  should be started from the appropriate stage during startup, for example in


       If there are any bugs, send an email with as much  detail  as  possible  to  tomoyo-users-


       Main authors:

       ·   Tetsuo Handa <penguin-kernel AT>

       Other contributers:

       ·   Jamie Nguyen <jamie AT>

           Man pages, documentation and website.



       See for more information.