Esokra
November 23rd, 2012, 05:00 PM
Hello,
As part of a project, I need to log the filenames (including path) of files that have been changed or created by an enforced process (e.g. firefox) in special directories (I tried Downloads). Although I set to profile to audit, it only shows me the directory where changes where made (in my case the Downlaods directory). For me it is especially important to figure out, whether a new file has been created or not (this information I would like to store in a seperate log, if possible). Is apparmor capable of doing that?
If not, has anybody an idea how to achieve this, together with apparmor and a special program (e.g. inotify)? In this case it would be important to know, how to make apparmor starting a special script or program for at the startup of an enforced application.
Thank you very much in advance!
As part of a project, I need to log the filenames (including path) of files that have been changed or created by an enforced process (e.g. firefox) in special directories (I tried Downloads). Although I set to profile to audit, it only shows me the directory where changes where made (in my case the Downlaods directory). For me it is especially important to figure out, whether a new file has been created or not (this information I would like to store in a seperate log, if possible). Is apparmor capable of doing that?
If not, has anybody an idea how to achieve this, together with apparmor and a special program (e.g. inotify)? In this case it would be important to know, how to make apparmor starting a special script or program for at the startup of an enforced application.
Thank you very much in advance!