LIBAUDIT.CONF:(5) System Administration Utilities LIBAUDIT.CONF:(5)NAME
libaudit.conf - libaudit configuration file
DESCRIPTION
The file /etc/libaudit.conf contains configuration information for user space applications that link to libaudit. The applications are
responsible for querrying the settings in this file and obeying the admin's preferences. This file contains one configuration keyword per
line, an equal sign, and then followed by appropriate configuration information. The keywords recognized are: failure_action. These key-
words are described below.
failure_action
This keyword specifies what action the admin wishes a user space application to take when there is a failure to send an audit event
to the kernel. The possible values are: IGNORE
- meaning do nothing, LOG - write to syslog the inability to send an audit event, and TERMINATE - the user space application should
exit.
SEE ALSO get_auditfail_action(3).
AUTHOR
Steve Grubb
Red Hat Oct 2009 LIBAUDIT.CONF:(5)
Check Out this Related Man Page
AUDISPD.CONF:(5) System Administration Utilities AUDISPD.CONF:(5)NAME
audispd.conf - the audit event dispatcher configuration file
DESCRIPTION
audispd.conf is the file that controls the configuration of the audit event dispatcher. The options that are available are as follows:
q_depth
This is a numeric value that tells how big to make the internal queue of the audit event dispatcher. A bigger queue lets it handle a
flood of events better, but could hold events that are not processed when the daemon is terminated. If you get messages in syslog
about events getting dropped, increase this value. The default value is 80.
overflow_action
This option determines how the daemon should react to overflowing its internal queue. When this happens, it means that more events
are being received than it can get rid of. This error means that it is going to lose the current event its trying to dispatch. It
has the following choices: ignore, syslog, suspend, single, and halt. If set to ignore, the audisp daemon does nothing. syslog
means that it will issue a warning to syslog. suspend will cause the audisp daemon to stop processing events. The daemon will still
be alive. The single option will cause the audisp daemon to put the computer system in single user mode. halt option will cause the
audisp daemon to shutdown the computer system.
priority_boost
This is a non-negative number that tells the audit event dispatcher how much of a priority boost it should take. This boost is in
addition to the boost provided from the audit daemon. The default is 4. No change is 0.
max_restarts
This is a non-negative number that tells the audit event dispatcher how many times it can try to restart a crashed plugin. The
default is 10.
name_format
This option controls how computer node names are inserted into the audit event stream. It has the following choices: none, hostname,
fqd, numeric, and user. None means that no computer name is inserted into the audit event. hostname is the name returned by the
gethostname syscall. The fqd means that it takes the hostname and resolves it with dns for a fully qualified domain name of that
machine. Numeric is similar to fqd except it resolves the IP address of the machine. User is an admin defined string from the name
option. The default value is none.
name This is the admin defined string that identifies the machine if user is given as the name_format option.
SEE ALSO audispd(8)Red Hat Jan 2008 AUDISPD.CONF:(5)
Hi everyone,
I know the following questions are noobish questions but I am asking them because I am confused about the basics of history behind UNIX and LINUX.
Ok onto business, my questions are-:
Was/Is UNIX ever an open source operating system ?
If UNIX was... (21 Replies)
Hello and thanks in advance for any help anyone can offer me
I'm trying to learn the find command and thought I was understanding it... Apparently I was wrong. I was doing compound searches and I started getting weird results with the -size test. I was trying to do a search on a 1G file owned by... (14 Replies)
hi all,
i have installed quota on my centos 7 machine and its what im after (setting size limit on users, so they cant fill the hard drive)
i want to now make this part of my create user script for my sftp server so i want to do a echo and a read command so i capture the limit they enter... (0 Replies)
Hi everybody,
Which Unix base OS have best performance for HOST virtualization?
I tested SmartOS but it needs another OS to connect remotely!
Thanks in advance. (11 Replies)
Hi All,
I need to write a shell script which opens a file and increments the version(text) within the file every time the script runs. For example:
$ cat docker_file.yml
version: '3.1'
services:
ui:
image: repo-srv.dev.io:5000/facebook/ui:0.0.2-QA1
$
So, I would like... (6 Replies)
Dear Team
We use DB2 v10.5 and using DBArtisan tool
Can someone please guide how to convert digits to binary numbers using db2 feature.
Ex> for number 9 , binary should be 1001 ( 8+1)
Any help appreciated. Thanks (2 Replies)
hi folks,
how to using tar with exclude directory and compress it using tar.Z
i only know how to exclude dir only with this command below:
tar -cvf /varios/restore/test.tar -X excludefile.txt /jfma/test1/
how to compress it using 1 command?
Thanx
Please use CODE tags as... (6 Replies)
Quite an obscure question I think.
We have a rebuild process for remote sites that allows us to PXE rebuild a till (actually a PC with a touch screen and various fancy bits) running CentOS. The current CentOS5 tills work just fine with a tar image restore and some personalisation. Sadly,... (4 Replies)
Hello All,
I had recently learnt a bit of Docker(which provides containerization process).
Here are some of my learning points from it.
Let us start first with very basic question:
What is Docker:
Docker is a platform for sysadmins and developers to DEPLOY, DEVELOP and RUN applications ... (7 Replies)
What is the point of this? Whenever I close my shell it appends to the history file without adding this. I have never seen it overwrite my history file.
# When the shell exits, append to the history file instead of overwriting it
shopt -s histappend (3 Replies)
Hello... And thanks in advance for any help anyone can offer me
I was trying to work out the differences between displaying modify, access, and change times with the 'ls' command. Everything seems in order when I look at files, but the access time on a directory doesn't seem to change when I... (4 Replies)
Hello everyone,
I am having an issue here with CentOS release 6.6 (Final) that shows all of the space used up, but I can't tell where the space went.
Seemingly I am using up 100%, according to
df -h
Filesystem Size Used Avail Use% Mounted on... (27 Replies)
I'm trying to use a bash script for a psych experiment that involves listening to sound files and responding. If I have something like the code below, how can I make sure that a key press is assigned to RESPONSE only after the second echo statement?
for i in 1 2 3; do
echo "Ready?"
sleep 2
... (10 Replies)
After the success of the jq - tool for parsing and manipulating JSON-Data someone wrote a tool called yq, which aims to be the same for YAML, what jq is for JSON. Seems to work fine. I'll definitely give it a chance in future.
Example YAML-File:
--- !ruby/object:Puppet::Node::Facts
... (1 Reply)
Dear All,
I am very pleased to announce that Dave Munro (gull04) is joining the Moderation Team, after being a very valuable member of UNIX.com for 15+ years.
Dave is an IT Consultant with 30 years of experience this year, has worked in many of the industry vertical market segments and has... (6 Replies)