Server : Apache System : Linux wealthytechsolutions.wealthytechsolutions.com 5.14.0-611.49.1.el9_7.x86_64 #1 SMP PREEMPT_DYNAMIC Tue Apr 21 16:39:08 EDT 2026 x86_64 User : raybondt ( 1003) PHP Version : 8.3.31 Disable Function : exec,passthru,shell_exec,system Directory : /usr/share/audit/sample-rules/ |
# These rules watch for invocation of things known to install software -a always,exit -F arch=b32 -F perm=x -F path=/usr/bin/dnf-3 -F key=software-installer -a always,exit -F arch=b64 -F perm=x -F path=/usr/bin/dnf-3 -F key=software-installer -a always,exit -F arch=b32 -F perm=x -F path=/usr/bin/yum -F key=software-installer -a always,exit -F arch=b64 -F perm=x -F path=/usr/bin/yum -F key=software-installer -a always,exit -F arch=b32 -F perm=x -F path=/usr/bin/pip -F key=software-installer -a always,exit -F arch=b64 -F perm=x -F path=/usr/bin/pip -F key=software-installer -a always,exit -F arch=b32 -F perm=x -F path=/usr/bin/npm -F key=software-installer -a always,exit -F arch=b64 -F perm=x -F path=/usr/bin/npm -F key=software-installer -a always,exit -F arch=b32 -F perm=x -F path=/usr/bin/cpan -F key=software-installer -a always,exit -F arch=b64 -F perm=x -F path=/usr/bin/cpan -F key=software-installer -a always,exit -F arch=b32 -F perm=x -F path=/usr/bin/gem -F key=software-installer -a always,exit -F arch=b64 -F perm=x -F path=/usr/bin/gem -F key=software-installer -a always,exit -F arch=b32 -F perm=x -F path=/usr/bin/luarocks -F key=software-installer -a always,exit -F arch=b64 -F perm=x -F path=/usr/bin/luarocks -F key=software-installer