calcurse newsboat and auditd aliases

This commit is contained in:
Pratyush Desai 2022-05-01 13:45:12 +05:30
parent 75c1e74fb9
commit 209a0af18b
Signed by: pratyush
GPG Key ID: DBA5BB7505946FAD
3 changed files with 1868 additions and 1 deletions

View File

@ -49,4 +49,15 @@ alias gck='git checkout'
alias gckb='git checkout -b'
alias gvrf='git rev-parse --verify HEAD'
alias gscm='git commit -S -m'
# aureport and ausearch
alias aurepwk='aureport --start this-week'
alias aurepwkv='aureport --start this-week --key --summary'
# syscall audit rule for failure to open files due to EPERM with key field access
# add to syscall.rules
# -a always,exit -F arch=b64 -S open -S openat -F exit=-EPERM -k access
# check which files have been attempted
alias aurfilist='ausearch --start this-week -k access --raw | aureport --file --summary'
# check the user accounts implicated
alias aurlusfi='ausearch --start this-week -k access --raw | aureport --user --summary'
~

View File

@ -8,7 +8,7 @@ appearance.dayseparator=yes
appearance.emptyline=yes
appearance.emptyday=--
appearance.notifybar=yes
appearance.sidebarwidth=0
appearance.sidebarwidth=5
appearance.theme=blue on default
appearance.todoview=hide-completed
appearance.headingpos=right-justified
@ -30,3 +30,4 @@ general.systemevents=yes
notification.command=printf '\a'
notification.notifyall=flagged-only
notification.warning=300
format.appointmenttime=%H:%M

File diff suppressed because it is too large Load Diff