fix ausearch

Signed-off-by: Ludvig Liljenberg <[email protected]>

Author: ludfjig

.github/workflows/dep_rust.yml

@@ -96,9 +96,12 @@ jobs:
           # Add audit rules for KVM device monitoring
           echo "Adding comprehensive audit rules for KVM monitoring..."
           
+          ls -al /dev/kvm || echo "❌ /dev/kvm does not exist or is not accessible"
           # Monitor file operations on /dev/kvm (if it exists)
           sudo auditctl -w /dev/kvm -p rwxa -k hypervisor_kvm || echo "Failed to add /dev/kvm watch rule (device may not exist yet)"
-          
+          ls -al /dev/kvm || echo "❌ /dev/kvm still not accessible after adding watch rule"
+          sudo ausearch -k hypervisor_kvm
+
           # Monitor device creation/deletion in /dev/
           sudo auditctl -w /dev/ -p wa -k device_changes || echo "Failed to add /dev/ watch rule"
           
@@ -539,4 +542,7 @@ jobs:
           else
             echo "✅ No device permission/ownership changes detected during job execution"
           fi
+          
+          echo "hi"
+          sudo ausearch -k hypervisor_kvm -ts recent