Hi to all of you,
I'm preparing new files Audit rules in the /etc/audit/audit.rules file.
The syntax I'm using is: auditctl -w path_to_file -p permissions -k key_name
example -w /etc/libaudit.conf -p wa -k wlib.conf
My question is: if I use the following syntax without specifing the permission option (-p)
auditctl -w path_to_file -k key_name what is the default permission value used?
Sounds a strange question but this is what I've been asked.
Bye and thanks