Re: stacker and vm_enough_memory

From: Tony Jones (tonyj@private)
Date: Wed Jun 29 2005 - 13:15:00 PDT

Previous message: Tony Jones: "Re: stacker and vm_enough_memory"
In reply to: Tony Jones: "Re: stacker and vm_enough_memory"
Next in thread: serue@private: "Re: stacker and vm_enough_memory"
Next in thread: James Morris: "Re: stacker and vm_enough_memory"
Reply: serue@private: "Re: stacker and vm_enough_memory"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

> Clearly, you can't intelligently audit from a module since you have no idea 
> as to what use the caller intends to make of your information (or down the 
> road if stacker was to do something different from RETURN_ERROR_IF_ANY_ERROR).

I guess I should ammend that to say that you can't log using a simplistic
method.  I should look at the kernel audit subsystem to see if higher levels 
can generate an audit based on what they did with the capable data (i.e reject),
which an automated tool could combine with audit data from the module to 
suggest policy changes.

Tony

Previous message: Tony Jones: "Re: stacker and vm_enough_memory"
In reply to: Tony Jones: "Re: stacker and vm_enough_memory"
Next in thread: serue@private: "Re: stacker and vm_enough_memory"
Next in thread: James Morris: "Re: stacker and vm_enough_memory"
Reply: serue@private: "Re: stacker and vm_enough_memory"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.3 : Wed Jun 29 2005 - 13:19:21 PDT