Use file in /proc for message reading. Program use it way by default.
-f file
Log messages to the specified filename. By default messages go to SECOFF_HOME/security-out file .
-u uid
Change to the specified UID instead of the default 400.
-l
Listen for network connections.Log-server mode. Messages will copy to <log-name>-fromnet file.
-n hostname
Copy messages to log-server on specified host.
OVERVIEW
Standard klogd daemon can't read RSBAC kernel message buffers.
This program does and sends the messages to a separate file.
You can protect this file using any RSBAC model, e.g. RC, so a possible
intruder cannot delete security alert logs.
FILES
/proc/rsbac-info/rmsg
kernel messages buffer.
rklogd
daemon itself.
/var/run/rklogd.pid
The file containing the process id of
rklogd
BUGS
May be. Please, send patches, not changed files.
AUTHOR
I use some of
klogd
code.It was originally written by Steve Lord ([email protected]),
Dr. Greg Wettstein ([email protected]) made major improvements.