219
edits
Changes
m
→Access to System Audit Log
====Access to System Audit Log====
To meet the audit requirements of FIPS 140-2 at Security Level 2, on Red Hat Enterprise Linux 4 and Trusted Solaris 8 and Solaris 10, the NSS module also uses the audit mechanism provided by the operating system to audit events, so the NSS audit data are also stored in the system audit log. Only the root user can read or modify the system audit log.
On Red Hat Enterprise Linux 4, the system audit log is in the <code>/var/log/audit</code> directory. This directory and the log files in it have the following permission bits (the following commands were run as the root user; only the root user can run the second command):
-r--r----- 1 root root 5242936 May 20 18:01 audit.log.2
On Trusted Solaris 8 and Solaris default audit records are stored in system_name:/var/audit/.
===Entry of Cryptographic Keys and CSPs===
'''N/A'''. The NSS module does not support manual entry of cryptographic keys and CSPs.
