libaudit.conf(5) — Linux manual page


LIBAUDIT.CONF(5)     System Administration Utilities    LIBAUDIT.CONF(5)

NAME         top

       libaudit.conf - libaudit configuration file

DESCRIPTION         top

       The file /etc/libaudit.conf contains configuration information
       for user space applications that link to libaudit. The
       applications are responsible for querying the settings in this
       file and obeying the admin's preferences. This file contains one
       configuration keyword per line, an equal sign, and then followed
       by appropriate configuration information. The keywords recognized
       are: failure_action.  These keywords are described below.

              This keyword specifies what action the admin wishes a user
              space application to take when there is a failure to send
              an audit event to the kernel. The possible values are:
               - meaning do nothing, LOG - write to syslog the inability
              to send an audit event, and TERMINATE - the user space
              application should exit.

SEE ALSO         top


AUTHOR         top

       Steve Grubb

COLOPHON         top

       This page is part of the audit (Linux Audit) project.
       Information about the project can be found at 
       ⟨⟩.  If you have a bug
       report for this manual page, send it to
       This page was obtained from the project's upstream Git repository
       ⟨⟩ on
       2023-06-23.  (At that time, the date of the most recent commit
       that was found in the repository was 2023-06-22.)  If you
       discover any rendering problems in this HTML version of the page,
       or you believe there is a better or more up-to-date source for
       the page, or you have corrections or improvements to the
       information in this COLOPHON (which is not part of the original
       manual page), send a mail to

Red Hat                         Oct 2009                LIBAUDIT.CONF(5)