README.auditd
1Auditd Daemon
2
3The audit daemon is a simplified version of its desktop
4counterpart designed to gather the audit logs from the
5audit kernel subsystem. The audit subsystem of the kernel
6includes Linux Security Modules (LSM) messages as well.
7
8To enable the audit subsystem, you must add this to your
9kernel config:
10CONFIG_AUDIT=y
11
12To enable a LSM, you must consult that LSM's documentation, the
13example below is for SELinux:
14CONFIG_SECURITY_SELINUX=y
15
16This does not include possible dependencies that may need to be
17satisfied for that particular LSM.
18
README.property
1The properties that logd responds to are:
2
3name type default description
4logd.auditd bool true Enable selinux audit daemon
5logd.auditd.dmesg bool true selinux audit messages duplicated and
6 sent on to dmesg log
7logd.statistics.dgram_qlen bool false Record dgram_qlen statistics. This
8 represents a performance impact and
9 is used to determine the platform's
10 minimum domain socket network FIFO
11 size (see source for details) based
12 on typical load (logcat -S to view)
13persist.logd.size number 256K default size of the buffer for all
14 log ids at initial startup, at runtime
15 use: logcat -b all -G <value>
16persist.logd.size.main number 256K Size of the buffer for the main log
17persist.logd.size.system number 256K Size of the buffer for the system log
18persist.logd.size.radio number 256K Size of the buffer for the radio log
19persist.logd.size.event number 256K Size of the buffer for the event log
20persist.logd.size.crash number 256K Size of the buffer for the crash log
21
22NB:
23- number support multipliers (K or M) for convenience. Range is limited
24 to between 64K and 256M for log buffer sizes. Individual logs override the
25 global default.
26